discover our V.D.R.

Cyber security and coronavirus: attacks, smart working and contact tracing  

May 2020

Cyber security and coronavirus: attacks, smart working and contact tracing

The latest striking case was in Vietnam: cyber-intrusions from Vietnam towards Chinese ministries and institutions involved in the management of the health emergency. Furthermore, the attacks on health care facilities in the Czech Republic that brought tensions with Russia and raised the concerns of the White House.

Massive increase of threats and cyber security as an asset

In these two unpredictable months of global health emergency, cybercrime is one of the silent actors on a global scale, giving cyber security a significant role, not only financially, which will not be reduced in the post-Covid world. According to FireEye Inc., in the month of March cyber attacks have quadruplicated. According to a report of the Security Operations Center of Leonardo Group, there have been 230.000 coronavirus spam campaigns worldwide between the end of January and end of March, 6% of which in Italy.
In March, the UK National Cyber Security Centre reported it had blocked 2.000 sites and online fraud systems, among which there were 500 false e-commerce websites selling health material. This massive escalation of attacks is a consequence of the lockdown, and the new “lifestyle” adopted due to the emergency in approximately 90 countries, that has forced people to use the network for every activity: in the first weeks of lockdown in Italy, the TIM Study Center (First TLC operator in the country) registered a 90% increase of traffic in fixed networks an 30% in mobile networks.
 

Benefits and charity funds: fertile ground for scams

As summarized by Samuele Dominioni of ISPI (Italian Institute for International Political Studies), there are three macro sectors where the connection between internet and data protection has experienced significant stress: cyber-attacks, privacy and fake news. Cyber threats such as intrusion attempts are not limited to international hackers supported by governments to gather sensitive information from other countries, and not even to smart working. For example, the support measures offered by the various countries to help the population have been the perfect occasion for internet scams. FireEye has reported several attempts to scam US citizens via web through the so-called “Covid-19 Payment”, ie. government financial aid to stimulate the economy, while Malware Hunter Team discovered frauds similar to phishing in Russia through emails offering social subsidies. Other risks have been reported in relation to the great number of charity funds taking place these days.

Smart working: the challenges for cyber security officers

Smart working has been a fertile ground for cyber attacks and is putting a strain on cyber security administrators: “Mass work from remote connections means mass remote login activity, especially from unsafe private machines, with user accounts that have never operated like this before: this has made remote access credentials an easy target for hackers”, as pointed out by a Cynet study that not only found out that Italy, the first country hit massively by the virus after China, recorded a peak of attacks between February and March compared to the others, but also that companies with remote workers were the most affected.
For the management consultancy giant McKinsey, the challenge for Chief Information Security Officers is unusual compared to past crises: the large scale and long duration, for example, are two highly problematic factors. There are four best practices suggested for IT security teams: focus on the technological and security aspects that are most crucial for corporate activities. Test the IT security plans. Monitor tools, networks and employees. Define a balance between the prohibitions for workers who access the systems remotely and some concessions that allow a more fluid performance of the activities.
 

An app at the limit between privacy and public health

Another issue on data protection that was put at the center of the scene by the pandemic regards privacy. In particular, the need to monitor and track people affected by the virus in order to reconstruct the map of potential infected persons, raised the debate on sharing sensitive data, social control and compliance with privacy regulations. Close Contact Detector, Corona100m, Coronamap, TraceTogether – tracking apps first introduced in China, South Korea and Singapore - and most recently the app Immuni in Italy, are the "symbol" apps of this clash between the protection of personal data and public health.
Speaking about the guidelines for the introduction of apps to fight the pandemic, the European Data Protection Committee has provided strategies for a balanced solution, expressing a preference for an instrument that has three characteristics: use of the tracking system must be voluntary for users, no to geo-location, data storage on the local device (with respect to centralized collection), data anonymization.
 

The risk of disinformation in the coronavirus emergency

The third aspect that is under stress from the explosion of the health emergency is that of fake news. Leonardo's article, for example, reports disinformation campaigns on countries willing or unwilling to help those most in need for the extending of the infection. The main social networks, immediately identified as the primary vehicle for disseminating incorrect news and information, have moved towards containing this phenomenon: for example, by deleting profiles, limiting the "chain" messages and other functions. 
Alongside this, there have been many collaborative initiatives by social networks with organizations, institutions and health structures to provide reliable and official information channels.