Since the outbreak of the COVID-19 and the declaration of the same as a global pandemic, the Cyber World has noticed a rise in Cybercrime and online attacks to include phishing, malware and online digital payment fraud. The Lock-down has also assured the perpetrator of not being booked due to the preoccupancy of LEA and also for the fact that the investigation and crack-down on them is made difficult.
Cybercriminals are also taking advantage of the increasing amount of time that people spend online due to new measures taken by government to stop the spread of the virus. The fact that the victims are not able to reachout due to health crisis is also a factor that is encouraging the criminals.
In one of a kind incident in India, it was reported by a Locked-Down victim, that he had made a certain payment for home-delivery of some essentials. Subsequently, after the payment was transferred Digitally, the perpetrator then cancels the order, citing reasons, and does not initiate the reversal of payment. This then has resulted in a Digital Cybercrime.
The above quoted incident is one among the many acts by the Cyber Criminal, who have now learnt the trick of utilizing the adverse scenario to make the fast money. As the pandemic continues and individuals are increasingly required to minimize social contact or even shelter in place to help blunt the impact of the virus, many workforces have become remote virtually overnight. And many corporate IT and security departments are still rushing to get the right tools and defense in place.
The Activation of the Dark Web
It says that since 19 February 2020, dark web search activity for COVID-19 increased more than seven-fold, just as it has on the clear web, with individuals searching for information via Google. Ransomware attacks on Health Care units from the Dark Web is now on the increase. Threat-Intelligence firm, Digital Shadows says that forum posters asking for ways to exploit the pandemic are often met with a barrage criticism from their fellow cybercrime aficionados, but still there are individual on the Dark Web who stll function without remorse.
The Activation on Social Media Sites
Attackers have been using COVID-19-themed malware, social engineering and phishing messages that include links leading to malicious sites or have attached Microsoft Office documents with malicious macros designed to download and execute malware on a victim’s system. Some of these messages appear to come from the World Health Organization or U.S. Center for Disease Control, exploiting individuals’ obvious need to know more about the pandemic.
One such website in India made its entry in the garb of providing online symptomatic checkup through Digital Forms. This then turned out to be a malicious phishing effort.
In an another incident, a website claimed to be the official ‘Dashboard’ for the Corona Pendemic, and was enticing users to register by passing certain credentials for creation of the profile.
The Activation on E-commerce Sites
The escalated price of commodities, has also forced buyers to purchase items from the e-commerce platforms. Criminals are thus resorting to fake ‘exclusive discounts”, generation of “coupons” , Cash-back, etc. The criminal then cheat the online buyers of their money on this E-commerce website.
The ease of MITM is also exploited by Cyber Criminals for those who are working “Working from Home”, as their setup at home may not cater for a secure services as at the original workplace.
The Crimainals are also aware that the Incident Response mechanism against crime is also at its least efficiency. Hence the cyber criminals are at ease of performing their malicious act.
The need of the hour is, “Business Process Continuity”. The priority is to keep the Health Care and other Critical Infrastructure running. The Cyber Criminals will like to make hay when the sun shines. Unfortunately, the period of at most need, hasn’t blunted attempts to turn COVID-19 to some criminals’ advantage. The crisis of coronavirus is sadly an enticing for exploitation since people may be easier to scam using the ‘coronavirus theme’ because now everyone is familiar with it. Meanwhile, more and more hospitals, research hubs and medical centres are being targeted by organised cyber units which are after information, intelligence, and system accessibility.
Disruption and being victims of Cyber Crime can accumulate and negatively contribute to elongated procedures, what may even indirectly lead to a negative impact on human health, losses and psychological trauma or in some situations – even life.
It is hence a testing time for Cyber Security Evangelists and also Experts to assist in curbing the Cyber Criminals from having a free run.