Cybercrime and its relation to COVID-19

The onset of COVID-19 across the world in 2020 has elicited novel conversations about health security as an emerging issue in global security. As an increasing number of people resort to working virtually, more and more information, knowledge, skills and resources are channelled and exchanged through the online spaces. For this reason then, criminals have resorted to targeting the cyber spaces in coordinated efforts to hack, scuttle or gain unauthorised access to information that they would otherwise not have access to. This paper looks at the phenomenon of COVID-19 as a global health security issue and the proliferation of cybercrime in the age of the pandemic

Background

COVID-19 has rendered individuals, organizations and society in general vulnerable in every aspect. During the period of the crisis, individual entities, businesses, corporations and organizations have relied more on computer systems, mobile phone devices and the internet to shop, socialize, work, communicate, share and receive information. More than ever before, the worldwide web has been relied on to keep individual businesses and world economies going. All these have been done to mitigate the adverse effects caused by the realities of social distancing. Consequently, criminals and malicious players have sought to exploit these vulnerabilities in an effort to benefit from the increased interaction within the internet spaces (Rennie, 2020).

As a result of the evident malice and rise in cybercrime within the duration of the pandemic, criminal justice authorities have to fully cooperate across geographical and administrative boundaries to detect, investigate and prosecute these numerous offences and bring to justice those that seek to exploit the COVID-19 pandemic for their individual and malicious purposes. More than just prosecute these offences, there is need to build mechanisms to ensure that institutions and individual accounts are protected from the realities of those who advance cybercrime attacks.

The Evidence of Cybercrime and its Relation to the COVID-19 Pandemic

Criminals have perfected the art of ransomware in the context of information and research on COVID-19. While in the physical world the phenomenon of ransom is fairly well-known from the global or domestic issues of terrorism and kidnappings in which criminals take people or property in their custody and demand ransom, this phenomenon is fairly new in the world of the digital media. In the virtual space, ransomware is promoted and executed by criminals who shut down medical, scientific or other health related facilities and websites which have data on the testing of people or those that have information on the vaccine development in order for them to extort ransom. People and organizations, fearing the potential of the release of sensitive information by these masters of the dark media arts, pay these ransoms before their use of various websites and user profiles are restored. During this time too, the hijacking of individual accounts and public profiles of famous people has been reported from criminals whose sole aim is to get ransom before they offer the accounts back (Rennie 2020). When criminals get access to information on research that has been going on for a potential vaccine, they can also use this data by selling it to other players who may need it.

Secondly, these cybercrime attacks are seen targeting critical infrastructures or international organisations such as the World Health Organization (WHO). During this time of the COVID-19 pandemic, the role that the WHO plays has been heightened. From the early days of the initial outbreaks, the body provided preliminary information on the disease, providing warnings and offering critical advice on what could be done to protect people from potential infections. It offered information and in some instances, resources that could be used to protect the vulnerable and stem the infection tides in epicentres across the world. Their advisory and active role in research has not gone down well with some online criminal elements. The cybercrime that has been a beneficiary of the COVID-19 pandemic sees the return back to normal as a threat to their thriving activities. They, therefore, target global and regional bodies that coordinate efforts to mitigate the effects of the virus and flatten infection curves. There have been efforts to hack into the WHO websites maybe with the intention of jeopardising operations or actively promoting false narratives about the pandemic for selfish or political reasons.

The criminals have also been using the spread of information on COVID-19 to target individual mobile phones for ransomware. The onset of the virus brought about the spread of conflicting information about the realities of the spread and facts about the virus. The nature of the novel virus has made the sharing of shady information and fake news peddled as facts across the internet. Because of the scant nature of information on the virus, it becomes easy for the criminals to take fake information and share it to unsuspecting people and in the process, demand for ransom from them (Rennie 2020). The cybercriminals make use of apps that claim to provide genuine information on COVID-19 and in the process extort ransom.

Cybercrime offenders also access company information by getting access to their systems (Abbasi et al. 2010). The COVID-19 pandemic has necessitated the virtual work from homes and remote places. The disadvantage in this is that the connections become more vulnerable when the employees have to telework far away from their places of work. The offenders then target the workers who work remotely through telework services. Through them, the offenders can gain access to critical company and organization information that would be dangerous for the existence of the organization or that may undermine competition for those organizations.

In addition, the emergence of COVID-19 has encouraged the proliferation of fraudulent schemes from those who seek to unfairly take advantage of people’s vulnerability for their own benefits. The cybercrime offenders have actively promoted fake schemes where people are tricked into buying protective equipment like face masks, hand sanitizers and even fake medicines. Unsuspecting people are then duped into contributing to these schemes which in the end cause them to lose money and distrust the reliability of the internet.

Finally, the impacts of misinformation or fake news created by these online trolls have been felt by healthcare organizations and governments globally. Within the social media spaces, there are numerous fake accounts created to advance false narratives and create panic in the process. The misinformation leads to social instability and distrust in governments. What the fraudsters seek to achieve is to undermine the measures that are taken by their health authorities.

Mitigating the Problem of Cybercrime

With the increasing cases of online crime, those within the criminal justice system have to work in collaboration to detect, respond to and prevent cases of cybercrime in future (Anderson & Agarwal, 2019).  Those who use the COVID-19 pandemic for their selfish interest by either spreading fake news or gaining access to vulnerable people and organizations have to be brought to book. The challenge is that cybercrime can easily span across national boundaries (D’Arcy et al., 2015). Prosecuting these crimes therefore require regional and global collaboration. Regional collections of governments and world bodies have to cooperate to detect and refer the cases that they discover for immediate and swift action. These governments have to agree that using the COVID-19 pandemic to advance personal gain unfairly across the internet through cyberattacks constitutes a global health security issue.

With the increased hours that many people use while working from home, it is essential even beyond this pandemic that these people strive and make the home a cyber safe stronghold. This can be done by always changing the default Wi-Fi router password that can be breached. The apps have to be reviewed occasionally for the permissions so that those that are not used are deleted. Electronic devices have to be secured with passwords, pins and Biometric information. These passwords have to be strong and different for the email and social media accounts so that unauthorised access, if any, is kept at a minimum. The privacy settings of the social media accounts also have to be reviewed. Besides these safety measures, the pandemic has increased the need for online shopping. To protect the devices and people from fraud, dealing with reliable online vendors is recommended. Customer protection online is also stronger with the use of credit cards. When offers are too good and suspicious bank account activities are detected, the owners have to take extra caution.

Workers who have to transact company business from home as a result of the consequences of COVID-19 also have to take caution to ensure that they engage in safe teleworking. Caution should be taken to ensure that company data is only accessed through company provided equipment. These should be laced with strong passwords. The users should also ensure that they familiarise themselves with corporate devices, policies and procedure. The equipment has to be protected and remote access secured. Using protective measures like antivirus in private devices also helps to disable illegal access to the data. The use of personal emails for transacting company information ought to be discouraged too because of the vulnerability that such information is exposed to. Finally, the teleworking devices ought not to be used for other leisurely activities.

Governments and regulators have to strengthen protections for online markets. With the onset of COVID-19, most business activities have shifted online and are operating within the available online markets. Because these online markets are the ones targeted by many criminals within the online spaces, there have to be specialized investigators in cybercrime and counterterrorism who can pay close attention to crimes within the online markets and prosecute those involved (Algarni, XU, & Chan, 2014). It has been discussed that these criminals operate with no regard to administrative boundaries. In this regard, there has to be more collaboration through bodies like Interpol in an effort to tame those crimes that affect online markets from all over the world.

There has to be capacity building for criminal justice authorities. The prosecution of cybercrimes require that the criminal justice system is empowered and trained on the technicalities of crimes and the complexities involved (Boss et al. 2015). This involves prosecuting cases in which ignorant users provided even consent before getting exploited by the fraudulent people. Capacity building also involves the provision of financial resources needed to follow up, dismantle and build capacities for preventing future cases rather than waiting to mitigate the effects of the disaster.

Citizens have to be wary and only trust information from official sources on the nature of COVID-19. The dissemination of information has to be done from official organizations like the WHO, regional health bodies and national ministries and departments of health. The verification of any information on health is necessary before decisions are made. With the extensive online buying and selling, people who rely on such methods have to only make use of reliable online marketing channels to shop and transact business. In addition, workers ought to be sensitized on safe teleworking practices to protect themselves and company data from fraudulent people.

As discussed above, COVID-19 has been a matter of global health security. In many ways, the disease has revolutionized how people work, interact and even do business. With an increased number of people working from the safety of their homes, online criminals have sought to target institutions that coordinate efforts to control the disease and the many transactions that are ongoing in the online markets. Criminals have perfected ransomware, distributing fake information on the virus with an intention of getting financial benefits. Governments, individuals and organizations have to protect themselves from such cyber-attacks.