The coronavirus pandemic and its impact on cybersecurity

The coronavirus pandemic has impacted cybersecurity in several ways. The challenges range from the infrastructure of the internet itself to the spread of disinformation online. Nevertheless, not all is lost, as, at the same time, valuable lessons can be learned for the future.

The coronavirus pandemic has changed society’s way of life in several ways, but some of the most remarkable changes have occurred in the digital realm. Due to social distancing measures, more people have needed to go online, and several services have been forced to either digitalise or increase their online presence. This has revealed two things. On the one hand, the information society is resilient, as it can maintain a certain degree of productivity and human interaction through digital means. Still, on the other hand, the sudden and massive move to the online environment was anything but smooth. Thus, we are experiencing a chaotic situation in the physical world and in cyberspace, a situation that involves both state and non-state actors.

The challenges are abundant and are related to: (a) infrastructural limits, (b) the increase in cybercriminal activity (d) the growth of surveillance and espionage, and (d) the spread of disinformation online. Therefore, despite the marginal attention paid to it during the first stages of the outbreak, cybersecurity is emerging as an essential tool to cope with society’s new demands. This article will briefly discuss the form these challenges are taking and what we can learn from them to pave a better way towards the “new normal”.

The challenges

One of the first challenges that concern cybersecurity specialists relates to the cyberspace infrastructure itself. With the increasing dependence on the internet, its importance has changed, along with the possibility of its disruption. The growing numbers of people going online is increasing pressure on the internet’s infrastructure. This pressure, coupled with potential bottlenecks (such as home-office Wi-Fi, national internet exchange points (IXPs), seabed cables, and cloud servers), is making it more vulnerable to directed cyberattacks (DiploFoundation, 2020). A large-scale DDoS attack, for instance, could paralyse the provision of essential goods or services in the pandemic.

Another challenge relates to online criminal activity. Cybercriminals are exploiting people’s fear and curiosity about the coronavirus to conduct cyberattacks. These illegal activities include phishing attacks, malware distribution, and cyberattacks against remote access or remote working infrastructure (NCSC; CISA, 2020 p.3). According to Check Point (2020), since mid-February, there has been an increase in coronavirus-related cyberattacks from a few hundred daily to as high as over 5,000 on 28 March (an average of 2,600 attacks daily).

A third challenge relates to surveillance and espionage, with governments tracking people’s movement to control the spread of infections (Marson; Stupp; Hinshaw, 2020) and advanced persistent threat (APT) groups, potentially related to states, conducting espionage campaigns (Thales, 2020). This challenge demands an open debate within society on the terms of accessing data from digital devices; it also demands efforts to curb data leaks to malicious actors.

Finally, there is what the World Health Organization (WHO) named as an “infodemic”. In other words, there has been a high spread of disinformation online related to COVID-19. According to an unpublished report from the US Global Engagement Center, “roughly 2 million tweets peddled conspiracy theories about the coronavirus over the three weeks when the outbreak began to spread outside China” (Romm, 2020). This online disinformation may not only give rise to distrust among people and governments, or even international institutions, but may also impede efforts to contain the disease as it may lead people to make poor judgments.

The lessons

It is clear that cybersecurity is important in the current context and that the challenges to overcome are not easy ones. Thus, the first lesson is that the digitalisation of goods and services is here to stay, and the development of digital infrastructure must take security by design as fundamental. Another lesson relates to prevention. It is much easier and cheaper to curb cyberattacks if we can prevent the cyber kill chain from the beginning. However, for prevention to happen, a generalized cyber-hygiene culture should be implemented, both in private and public institutions. 

A third lesson comes from observing how the joint forces of government and the private sector are being developed to tackle disinformation online. It will be possible to recalibrate what works and what does not in a post-crisis scenario, to create perhaps permanent “mixed agencies” that could improve security online.

Finally, the aspect of surveillance and espionage can teach us the importance of an open and inclusive discussion on cybersecurity with diverse stakeholders. Transparency leads to trust. Trust can lead people to accept some actions better and to accord a degree of legitimacy to them. Then, as these actions are regarded as legitimate, a proportional design becomes possible, like their adaptation for use in non-crisis times.

How these lessons will be implemented in practice remains to be seen. What we can be sure of is that we can come out of the pandemic better than we entered it,  at least when it comes to cybersecurity.

References

Check Point (2020) Coronavirus update: In the cyber world, the graph has yet to flatten Check Point Blog.  Retrieved from: https://blog.checkpoint.com/2020/04/02/coronavirus-update-in-the-cyber-world-the-graph-has-yet-to-flatten/

DiploFoundation (2020, March 24). [Live Discussion] Could COVID 19 disrupt the Internet? [Video File] Retrieved from https://youtu.be/7-id-mWlymA 

Mason, James; Stupp, Catherine; Hinshaw, Drew. (2020, April 3) U.S. and Europe Turn to Phone-Tracking Strategies to Slow Spread of Coronavirus. The Wall Street Journal [online]. Retrieved from: https://www.wsj.com/articles/u-s-and-europe-turn-to-phone-tracking-strategies-to-halt-spread-of-coronavirus-11585906203 

National Cyber Security Center (NCSS); Cybersecurity and Infrastructure Security Agency (CISA). (2020, April 8) Advisory: COVID-19 exploited by malicious cyber actors. Retrieved from: https://www.ncsc.gov.uk/news/covid-19-exploited-by-cyber-actors-advisory 

Romm, Tony (2020, February 29) Millions of tweets peddled conspiracy theories about coronavirus in other countries, an unpublished U.S. report says. The Washington Post [online]. Retrieved from: https://www.washingtonpost.com/technology/2020/02/29/twitter-coronavirus-misinformation-state-department/ 

Thales (2020, March 24) COVID-19 Cyber Threat Assessment:  Retrieved from: https://www.thalesgroup.com/sites/default/files/database/document/2020-03/2020-03-24_COVID-19_CYBER_THREAT_ASSESSMENT_(ENG).pdf?_ga=2.5586352.201679710.1586936406-183827954.1586936406