New cybersecurity threats emerging amid coronavirus pandemic, researchers warn

The rise of remote working, e-learning and online health consultations are opening up new fronts in the battle over cybersecurity
There was a 131 per cent increase in viruses detected in March this year compared to the same month last year, one cybersecurity company says

Internet

Che Panin Beijing

Published: 6:45pm, 21 Apr 2020

Why you can trust SCMP

The coronavirus pandemic is not only a major health threat for the world, but is also exposing internet users to a whole new level of risk online as remote working software, telemedicine and online education become more common globally, according to researchers.

“More businesses in traditional industries are accelerating their digital transformation by using remote-working technologies to ensure business continuity, resulting in a spike in cyber threats arising from data leakage, phishing scams, ransomware and internet frauds,” the National Computer Network Emergency Response Technical Team and Coordination Center of China (CNCERT) said in a report on Monday.

The Chinese government cybersecurity agency added that remote working apps, online medical consultations and e-learning are complex systems harbouring vulnerabilities hackers could exploit.

Distributed denial-of-service attacks (DDoS) aimed at online education platforms as well as phishing attacks have also been rampant since the beginning of the coronavirus outbreak in January, CNCERT said in the report.

DDoS attacks are designed to crash internet servers by bombarding them with vast numbers of requests, while phishing attacks are attempts by hackers to obtain sensitive information – such as usernames, passwords and credit card details – through electronic communications such as emails while pretending to be legitimate entities.

With schools in many countries still closed and organisations asking employees to work from home to prevent the spread of the novel coronavirus, more people than before are vulnerable to cyber threats through remote working and learning systems. Online security experts have also warned that phishing scams are exploiting heightened fears about the coronavirus among consumers and organisations.

Last month, elite hackers tried to break into the World Health Organisation (WHO)’s internal system, in part of what a senior agency official said was a more than twofold increase in cyberattacks. The same group, East Asia-based DarkHotel, is suspected to be behind a coordinated cyber espionage campaign against multiple Chinese agencies and diplomatic missions through virtual private network (VPN) systems.

“Cyber threats often emerge during times of transition and disruption and the Covid-19 pandemic is no different,” Fortinet, a cybersecurity solutions provider, said in a press release last week.

“People working from home, children engaged in remote learning or connecting with friends, multiplayer games, online chat rooms, social media, streaming music and video – [these] are all opportunities for cybercriminals,” the California-based company said.

Fortinet said its global threat intelligence arm FortiGuard Labs is currently seeing an average of 600 new phishing campaigns per day.

There has also been a significant rise in the number of computer viruses detected in the first quarter of 2020. In January, February and March this year, FortiGuard Labs documented a 17 per cent, 52 per cent and 131 per cent increase in viruses respectively compared to the same months last year, Fortinet said.

At the same time, it said, there have been fewer attacks using more traditional methods such as botnet and IPS-based triggers, “which seems to indicate that cybercriminals are adjusting their attack strategies in order to take advantage of the current crisis”, the cybersecurity software firm added.

Post