Cyber Security in the Age of COVID-19: A Timeline and Analysis of Cyber-Crime and Cyber-Attacks during the Pandemic (2006.11929v1)

Abstract: The COVID-19 pandemic was a remarkable unprecedented event which altered the lives of billions of citizens globally resulting in what became commonly referred to as the new-normal in terms of societal norms and the way we live and work. Aside from the extraordinary impact on society and business as a whole, the pandemic generated a set of unique cyber-crime related circumstances which also affected society and business. The increased anxiety caused by the pandemic heightened the likelihood of cyber-attacks succeeding corresponding with an increase in the number and range of cyber-attacks. This paper analyses the COVID-19 pandemic from a cyber-crime perspective and highlights the range of cyber-attacks experienced globally during the pandemic. Cyber-attacks are analysed and considered within the context of key global events to reveal the modus-operandi of cyber-attack campaigns. The analysis shows how following what appeared to be large gaps between the initial outbreak of the pandemic in China and the first COVID-19 related cyber-attack, attacks steadily became much more prevalent to the point that on some days, 3 or 4 unique cyber-attacks were being reported. The analysis proceeds to utilise the UK as a case study to demonstrate how cyber-criminals leveraged key events and governmental announcements to carefully craft and design cyber-crime campaigns.

• The paper constructs a timeline showing surges in cyber incidents after key COVID-19 announcements, emphasizing phishing in 86% of cases.
• It employs a case study approach from regions like the UK to correlate public health events with spikes in fraud, malware, and phishing attacks.
• The research highlights a global pattern, with early attacks impacting China and the US by 39%, urging adaptive cybersecurity strategies.

Cyber Security in the Age of COVID-19: An Analytical Overview

The paper "Cyber Security in the Age of COVID-19: A Timeline and Analysis of Cyber-Crime and Cyber-Attacks during the Pandemic" provides a methodical examination of the evolution of cyber-crime incidents stimulated by the COVID-19 pandemic. It underscores the pandemic's exploitation by cyber-criminals to increase the breadth and success of their attacks globally. The paper adopts a timeline-based approach to delineate the development of these attacks correlated with major pandemic-related events, offering a granular view of the modus operandi of the perpetrators.

The core focus of the paper is the construction of an attack timeline that categorizes a wide spectrum of cyber incidents tied to COVID-19, including phishing, malware distribution, financial fraud, and extortion. These attacks often drew on the anxiety and the heightened digital dependency induced by COVID-19. The UK is analyzed as a focal case paper, illustrating how cyber-criminals synchronized their campaigns with key national announcements, thus enhancing the contextual relevance and potential impact of their schemes.

Key Findings:

• Cyber Attack Patterns: The timeline method demonstrates a significant correlation between global and local events related to COVID-19 and the spike in cyber incidents. Typically, announcements concerning public health measures or economic aid were quickly followed by targeted phishing campaigns or fraud attempts.
• Attack Sequence Analysis: Phishing remains the predominant attack vector, employed in 86% of the cases analyzed. Phishing attempts frequently served as the entry point for more complex attack chains involving malware deployment, data theft, and subsequent financial fraud.
• Regional Impact Modeling: China and the United States bore a substantial portion of the early pandemic-related cyber-attacks, accounting for approximately 39% collectively. The research emphasizes the global nature of the threat, highlighting the adaptability and scope of cyber-criminal endeavors during times of international crisis.
• Implications for Organizational and National Security: The findings highlight that cybersecurity measures must evolve in tandem with geopolitical and socioeconomic developments—particularly the types of announcements that cyber actors are likely to exploit. The paper suggests that announcements should be accompanied by advisories regarding potential cyber threats to mitigate risks.

Implications for Future Research and Practice:

The paper indicates the necessity for continued vigilance and adaptive cybersecurity practices in light of dynamic global events. It provides a foundational analysis from which further research can explore the construction of predictive models linking real-world events to cyber threats. Such models could inform both practical cybersecurity frameworks and strategic policy implementation at national and organizational levels.

In conclusion, this paper adds to the body of knowledge by highlighting the agility and opportunistic nature of cyber-criminals during global crises. It recommends a proactive approach by governments and institutions to inoculate the digital ecosystem against the heightened risk profiles induced by such emergencies, thereby safeguarding both organizational resilience and public trust.