Spread of Covid-19 gives rise to the 'cyber-demic'

Dec. 7, 2020
Experian’s annual data breach forecast predicts hackers will continue leverage the pandemic to wreak havoc in 2021

While 2020 will be remembered primarily as the year in which normal, day-to-day life was brought to a screeching halt by the global spread of the coronavirus, it will also likely be remembered by some as an inflection point for cybersecurity standards and practices. Sure, data breaches and cyber-attacks have almost come to be expected by both the public and private sectors but the Covid-19 pandemic and how malicious actors have looked to take advantage of citizens and businesses during these uncertain times has brought higher scrutiny on just how far some hackers are willing to go to cause societal disruption or gain a financial windfall.

Just last month, Microsoft accused three nation-state actors from North Korea and Russia of launching cyber-attacks against pharmaceutical companies developing Covid vaccines. This follows a proverbial onslaught of ransomware incidents too numerous to list that have frozen the computer systems of myriad businesses, hospitals, schools, and government agencies this year as many employees have made the work-from-home transition to mitigate the spread of the virus.

It should come as little surprise then that two of the top five data breach predictions in this year’s edition of the Experian Data Breach Industry Forecast are directly related to the pandemic. The top five predictions in this year’s forecast are:

  1. Mass transition to remote work and increased digital usage provides hackers with new opportunities.
  2. Cybercriminals may attempt to target the rollout ecosystem of the Covid-19 vaccines.
  3. Contact tracing apps created to mitigate the spread of coronavirus COVID-19 curve create a fresh surface to exploit.
  4. Proliferation of 5G will usher new tech capabilities as well as increased vulnerabilities.
  5. Rush to adopt digital and telehealth services puts the healthcare industry at risk for a new wave of attacks.

“I think we’ve really entered the cyber-demic era right now because… these (attacks) are going to have a long-term impact on privacy and security considerations for everybody,” explains Michael Bruemmer, Vice President of Experian Data Breach Resolution. “Hackers are going to have new targets and they’re definitely using some new means. Why I use the term ‘cyber-demic’ is because it is pandemic-influenced, and it also focuses on many unsecure apps and devices and the new technology and threat vectors. So, these three components make this a really focused effort.”

Vaccine Chaos   

While people around the world continue to hold their collective breath that a vaccine, several of which have already proven successful in trials, will soon be made widely available, Bruemmer says that hackers are doing their best to sow discord and spread misinformation about the vaccines and their makers. In fact, the head of the International Federation of Red Cross and Red Crescent Societies, Francesco Rocca, recently said that “fake news” about the vaccines has become a second pandemic.       

“I think the vaccine, since it is going to be in the news for the next six months, is definitely one of those situations where we may see long lasting or ripple effects for a while,” Bruemmer says.

Ransomware Hits Home

When it comes to the top prediction in this year’s forecast, Bruemmer says they believe that ransomware will spread beyond the confines of locking up organizational data and begin to infiltrate smart home devices.

According to a recent report published by cybersecurity firm Skybox Security, ransomware has thrived during the pandemic with new samples increasing by 72% over the first half of the year. However, as evidenced by the incident earlier this summer that involved hackers compromising the Twitter accounts of a sizeable number of prominent companies and notable celebrities, including former President Barack Obama and entrepreneur Elon Musk, as part of a Bitcoin scam, these types of attacks are now increasingly being aimed at individuals which could be a preview of what the future may hold for ransomware.

“These couple of proof points lead us to believe that there is going to be a huge increase – with everybody working from home and doing their business from home – of having home devices taken over and ransomware being used as that threat vector,” Bruemmer explains.

Contact Tracing Backfires

Though the goal of using contact tracing apps to help inform people when they have possibly been in contact with someone that has contracted the coronavirus was a noble one, hackers will also likely look to harvest the data of unsuspecting victims through them.

“We believe, specifically, the APIs through the apps are going to be the exploit surface where the hackers will decompile those apps and they will attack or clone them,” Bruemmer says. “Additionally, the extension of what is already happening with social engineering as an attack vector that has been around for a while, that’s going to be used as well.”

The 5G Conundrum

The prospects for 5G and how it stands to revolutionize mobile communications has many industries abuzz about how it could improve their operations moving forward, however; as with many technological innovations, 5G will also undoubtedly include a litany of vulnerabilities that have yet to be discovered or even thought about. Because harnessing the benefits of 5G will require that devices always “be on,” Bruemmer says that presents a whole host of opportunities for malicious actors to find and compromise them. “With the new 5G endpoints, we believe there has to be a rapid increase in new security protocols but with 5G being such a growth aspect for equipment manufacturers as well cellular operators, it is going to be a weak spot,” he adds. 

 New Healthcare Threats

The healthcare industry has always faced an outsized threat when it comes to cybersecurity given the value of the PII (personally identifiable information) that hospitals and others in the industry collect on a regular basis. However, the pandemic has further hastened the development and use of telehealth tools, which comes its own set of risks.

“We’ve seen about a 350% growth in that sector alone and with the value of every health record being between $25 and $1,000, depending on how complete that record is, it is very valuable if you can find a way into this digital health or telehealth realm – you have a way to access the information and then sell it,” Bruemmer says. “To that point, Experian last year serviced about 5,000 breaches and 36% of all of those breaches were related to healthcare. Specifically, in the last 12 months, the telehealth breaches that we have serviced are up 90% year over year.”

The Human Element

Beyond the top five predictions in this year’s forecast, Bruemmer says there were a couple of other things that stood out in reviewing the data, particularly the human error aspect that is still prominent in most of these attacks.

“Especially with social engineering, clicking on (malicious) links, not being cognizant to update the factory settings on a router – these are all things that you have to take personal responsibility on,” he adds. “I also think that just in the environment that we’re going to be in for most of 2021 – the rollout of a vaccine, a new (presidential) administration, most people still working from home – you have a lot of different trends going on that in 2020 we saw in hindsight but in previous years there weren’t all these things going on and the pandemic has affected everybody. There is just a lot of turmoil and turmoil is a great environment for the hackers to be more successful.”

For more information or to download a full copy of the report, click here.  

Joel Griffin is the Editor-in-Chief of SecurityInfoWatch.com and a veteran security journalist. You can reach him at [email protected].   

About the Author

Joel Griffin | Editor-in-Chief, SecurityInfoWatch.com

Joel Griffin is the Editor-in-Chief of SecurityInfoWatch.com, a business-to-business news website published by Endeavor Business Media that covers all aspects of the physical security industry. Joel has covered the security industry since May 2008 when he first joined the site as assistant editor. Prior to SecurityInfoWatch, Joel worked as a staff reporter for two years at the Newton Citizen, a daily newspaper located in the suburban Atlanta city of Covington, Ga.