Cybercrimes in times of corona: National spurt in cybercrimes, warns experts

Ritu Yadav.
The world is in war against the contagious COVID-19 pandemic, from nations shutting borders to the global economic crisis. Undoubtedly, the virus has rapidly changed the way business is being on done on the dark web. Cyber security experts have highlighted the constant increase in cybercrimes and hacking activities as people all over the globe are currently highly dependent on the virtual world. Cybercriminals have seized the opportunity to exploit the crisis.
The cyberspace has become highly threatening for individuals as the cybercriminals are going all in, trying to reach as broad audience as possible. A recent study by cyber security firm Uniken has revealed India under lockdown is witnessing an alarming rate of cybercrimes over the past few weeks. During this unprecedented times of COVID-19 pandemic the people are highly dependent on the cyberspace for various reasons and its increasing gradually as majority of people are finding innumerable ways to earn money or to find new job opportunities unaware of fact that they are burying one’s head in the sand as cybercriminals are hiding behind unraveling vulnerabilities and making benefit out of it.
“With almost all the sectors in India practicing work from home, this has put a humongous strain on the security teams who are responsible for safeguarding the backend data and files. This risk is higher for organizations that deal with customer-sensitive data such as banks/NBFCs, healthcare companies, government agencies, etc. Such companies are at the forefront battling these threats,” said Uniken CEO Bimal Gandhi.
The research firm Memoori revealed that cyber-attacks against the WHO have increased in the past month during the crisis. The CISO at the WHO admitted that the organization faced an increase in cyber threats since the pandemic.
Cybercriminals are well aware that people nowadays are spending most of their time online and have been targeting them with creative and innovative tactics favoring the current situation of crisis.
The CloudSEK, another cyber security firm, supports the increased risk of institutions or systems at the forefront of the fight against coronavirus. CloudSEK’s analysis has revealed that “threat actors have changed their tactics and lures to capitalize on the COVID-19 outbreak.”
There is a spike in the COVID-themed attacks since January. The number of COVID-related high risk domains, scams, and phishing lures detected every week, has spiked since January. While the COVID-related high risk domains have risen from zero to more than 1.2 million between January and April, the number of scams has touched more than 1.6 million during the same period.
“The main targets (of these cyber fraudsters) are remote workforces and hospitals and COVID-19 testing facilities,” says Deepanjali Paulraj, the lead cyber intelligence editor at CloudSEK. Scams targeting Microsoft’s cloud tools have increased 72 per cent from January to March, while Skype counterfeiting has risen 31 per cent during February-March.
Cybercriminals see the COVID-19 pandemic as an opportunity to target people working from home. “Big organizations already have some cyber security preparedness. The MSME is one of the most affected sectors because they might have had to switch to internet platforms overnight without much preparation,” says Nandakishore Harikumar, CEO of Technisanct, big data and cyber security startup.
Harikumar’s team is frequently engaged in exposing a number of fake SIM card scams, a threat to both individual and national security, run via Telegram and the dark net. “These scams happen because there are enough consumers for these. People need to be informed and hence, there is a need to create more awareness,” he says.
The Paytm doubling scam is another common scam via telegram the cybercriminals in specific Telegram groups lure Paytm Wallet customers to double their wallet amount by clicking on a few links. While many are getting deceived and are not reporting such incidents due to fear and shame, there might be even individuals who have not even realised that they have been conned due to lack of online experience and awareness. Harikumar’s company has been constantly flagging these threats with the CERT and the home ministry.
During these unprecedented times work from home has become an essential part in our daily lives at the same time cyber security threats cannot be eliminated completely. The company should be up to date to contain such threats. Encrypt and secure all devices and connections. If possible, companies should ask employees to use corporate-issued devices, since they are likely to be already secured.
There are many ways to ward off potential threats changing passwords, two factor authentication, anti-virus, and secure VPNS.
Also, the government should take proactive measures and issue frequent advisories and reveal the cybercriminals on regular basis and keep a check on the daily cyberspace activities.