We need to rethink cybersecurity for a post-pandemic world. Here’s how

cyber

(Credit: Unsplash)

This article is brought to you thanks to the collaboration of The European Sting with the World Economic Forum.

Author: Leonardas Marozas, Security Research Lab Manager, CUJO AI


  • The pandemic has created a new set of opportunities for cybercriminals.
  • From remote working to phishing scams, we need to rethink our approach to cybersecurity across the board.
  • Here are three areas on which we should be focusing.

Fear and a sense of urgency are some of the most powerful vectors of human exploitation when it comes to cybersecurity, and this was clearly visible in the first days of the COVID-19 pandemic.

It all began in March with scams and phishing efforts related to the COVID-19 emergency, such as impersonations of authority figures like the WHO and other global and governmental institutions. The start of the pandemic also clearly showed how unpreparedness around protecting home users and remote workers can strike back.

The pandemic has definitely changed the world, and that includes cybersecurity. While reflecting on the past three months in a post-pandemic world, three specific highlights emerge.

Challenges in a post-pandemic world

During lockdown, people at home started spending far more time online than before. Our data shows that the volume increased by 20% for the average household in March through May. This would suggest a resulting increase of entities generating internet traffic, but surprisingly there was a decline of almost 50% in the number of new devices appearing in end-users’ homes, since users stopped buying unnecessary equipment. Public behaviour and quarantine recommendations for isolation together with halted or slowed postal operations added to the overall decline (See figure below).

Corporations and small and medium-sized enterprises (SME) had to quickly adapt their business processes to fit the new ‘all-remote’ reality. Businesses had usually prioritized uninterrupted service delivery over the security of remote workspaces and devices, which meant people began working from home protected only by consumer-oriented solutions (or not protected at all).

People on lockdown bought fewer new devices than you might expect
People on lockdown bought fewer new devices than you might expect
Image: CUJO AI

Accessing corporate resources remotely through virtual private networks (VPN) has traditionally led to stricter remote access policies; however, the shift to remote work has resulted in more permissive VPN access policies, which is creating security risks that indirectly compromise corporate networks.

And although new device growth has slowed, the most recent data suggests it has returned almost to its previous volume. The growing number of internet of things (IoT) devices in home networks and the lack of security can create opportunities for access by outsiders. When we add together diverse home environments with loose security policies, shared wifi passwords, IoT and quickly-built infrastructure to ensure uninterrupted business continuity, we get to the point where a single vulnerability or misstep in configuration can open the door to malicious actors.

New waves of more complex malware that use devices or users as proxies in order to reach more valuable assets in corporate networks are some of the biggest potential threats in the post-pandemic world. The situation is also very convenient for advanced persistent threats (APT) or industrial espionage actors planning targeted attacks against selected victims. And while we are listing future problems, ensuring home networks are secure while also remaining segmented and transparent for regular family users is a challenge of the highest importance.

AI: Closing the gap between real time and reactive threat intelligence

While numerous protection schemes have proved to be useful and effective in certain situations against known attack vectors and threats, one of the biggest challenges is to cope with the unknowns. AI is one of the vehicles that can be used to close the gap between knowledge-based threat detection and protection and unknown or rapidly changing threats. While collected intelligence and knowledge are usually the indisputable source of truth for protection, they are currently mostly successful in stating the known: a certain threat has happened (now or before) and here is how to protect against it.

One example of how AI is used in rapidly changing pandemic and post-pandemic landscape is in recognition of uncategorized or unlabelled websites with illicit intentions that are related to the usual triggers, such as fear. According to MarkMonitor, there are more than 100,000 COVID-19-registered domains. Our AI analysis of uncategorized websites that were accessed by people over a period of 50 days shows that for between 20% – 35% of websites contain content which, while not directly dangerous, is at least misleading or shows signs of possible illicit intent.

While threat intelligence is a source of confirmation for threat actor maliciousness, AI usage will foresee potential maliciousness in actors before they are known or registered in knowledge bases. And while there are certain well-defined policies in place (the principle of least privilege, for example), there may be few to no problems here. However, in a world with mixed rights and rules regarding remote work – or at least in ensuring that risks do exist (and not only in disaster recovery drills) – AI has great capabilities to overcome and help solve numerous challenges.

What is the World Economic Forum doing on cybersecurity

The World Economic Forum Platform for Shaping the Future of Cybersecurity and Digital Trust aims to spearhead global cooperation and collective responses to growing cyber challenges, ultimately to harness and safeguard the full benefits of the Fourth Industrial Revolution. The platform seeks to deliver impact through facilitating the creation of security-by-design and security-by-default solutions across industry sectors, developing policy frameworks where needed; encouraging broader cooperative arrangements and shaping global governance; building communities to successfully tackle cyber challenges across the public and private sectors; and impacting agenda setting, to elevate some of the most pressing issues.

Platform activities focus on three main challenges:

Strengthening Global Cooperation for Digital Trust and Security – to increase global cooperation between the public and private sectors in addressing key challenges to security and trust posed by a digital landscape currently lacking effective cooperation at legal and policy levels, effective market incentives, and cooperation between stakeholders at the operational level across the ecosystem.Securing Future Digital Networks and Technology – to identify cybersecurity challenges and opportunities posed by new technologies and accelerate solutions and incentives to ensure digital trust in the Fourth Industrial Revolution.Building Skills and Capabilities for the Digital Future – to coordinate and promote initiatives to address the global deficit in professional skills, effective leadership and adequate capabilities in the cyber domain.

The platform is working on a number of ongoing activities to meet these challenges. Current initiatives include our successful work with a range of public- and private-sector partners to develop a clear and coherent cybersecurity vision for the electricity industry in the form of Board Principles for managing cyber risk in the electricity ecosystem and a complete framework, created in collaboration with the Forum’s investment community, enabling investors to assess the security preparedness of target companies, contributing to raising internal cybersecurity awareness.

For more information, please contact us.

Post-pandemic tendencies among emerging threats

Over the previous months, the cybersecurity community has observed numerous attack vectors that use a COVID-19 theme either as bait or as a way to conceal malicious activity from easy identification and detection. Therefore, as COVID-19 infections now seem to be decreasing in some countries, changes in the most common attack patterns are inevitable. However, it seems that these changes are not inspired by attempts to quickly and easily exploit the pandemic theme (as in the beginning, when threat actors swiftly created scam campaigns), but by using sophisticated and well-developed campaigns at carefully chosen times.

The cybersecurity community has lately become aware of numerous attempts to mimic informational applications, and that malicious activities can occur underneath a good-looking infection map or fictitious ‘infection radar’. In other words, such apps act as remote access trojans (RAT) in users’ devices. When a RAT is installed on a device, the threat actor is not only able to capture and manipulate sensitive data but can also perform a whole range of spying activities. Even though such campaigns have been observed worldwide, it seems that attempts to launch these kinds of attacks increase only in specific regions and only when that region experiences another surge of COVID-19 infections. In other words, threat campaigns directly correlate to the number of infections and public perception of the pandemic – when people are more anxious, threat actors increase their exploitation of the COVID-19 theme.

It is expected that as long as COVID-19 is eradicated in at least one region (as an epidemic) and until the general public becomes less anxious about the threat it poses, we will likely still see a variety of even more sophisticated cyber-threats using COVID-19 as a cover for performing malicious activities.

the sting Milestones

Featured Stings

Can we feed everyone without unleashing disaster? Read on

These campaigners want to give a quarter of the UK back to nature

How to build a more resilient and inclusive global system

Stopping antimicrobial resistance would cost just USD 2 per person a year

UN refugee agency presses States to aid 49 refugees stranded on Mediterranean

The impossible end of the war in Syria

UN blue helmets in South Sudan use Sustainable Development Goals to help build peace

If on a summer’s night: is UK businesses’ “new deal” the only key to the “best of all worlds”?

Independent UN rights expert calls for compassion, not sanctions on Venezuela

Technology as an inclusion method while facing the COVID-19 pandemic: the “Coronavirus-SUS” app

Education in Emergencies: EU announces record humanitarian funding for 2019 and launches #RaiseYourPencil Campaign

What slums can teach us about building the cities of the future

Turkey: Commission continues humanitarian support for refugees

10 predictions for the global economy in 2019

The world’s most expensive places to own a home

UN chief welcomes formation of unity government in Madagascar

2019 EU Budget: Commission proposes a budget focused on continuity and delivery – for growth, solidarity, security

The technologies – and thoughtful collaborations – that can build resilience in the food system after COVID-19

Agreement reached on new EU Solidarity Corps

EU job-search aid worth €9.9m for 1,858 former Air France workers

EU to spend €135.5 billion in 2014 or 6.5% less than this year

The new general election will secure Greece’s position in Eurozone; at least for some time

UN Environment Assembly 2017: where the world convenes to #BeatPollution

India’s economy is growing fast, but its poorest areas lag behind. Here’s why this could be about to change

Greener economies and investment to reduce unemployment and increase global growth

Bringing justice to the people: how the UN is helping communities deal with disputes in remote and dangerous areas

Coronavirus: EU supports Member States with transport of essential supplies

The European Youth raises their voices this week in Brussels at Yo!Fest 2015

State aid: Commission approves €380 million German rescue aid to Condor

Are we at a turning point for tackling online extremism?

‘Harmonized’ plan launched to support millions of Venezuelan refugees and migrants

UN ‘regrets’ new US position on legality of Israeli settlements

Niger population’s suffering ‘increasing with each passing month’: UN Refugee Agency

Why the future for cars is connected

EU and World Health Organisation team up to boost access to health services in developing countries

Mobile technology: health in your hands

Venezuela’s needs ‘significant and growing’ UN humanitarian chief warns Security Council, as ‘unparalleled’ exodus continues

Global Citizen-Volunteer Internships

Open, inclusive and diverse cities are better for business and economic growth

The EU seals CETA but plans to re-baptise TTIP after missing the 2016 deadline

Drought in Europe: Commission presents additional measures to support farmers

Austria: reforms will be necessary to uphold high well-being levels

EU Budget 2019 deal: EP boosts support for researchers and the young

Global aid needed for healthcare

EU plans to exploit the Mediterranean Sea and the wealth beneath it

The future of energy is being shaped in Asia

How public transportation provides key lifelines during COVID-19

One Day in Beijing

Does the West play the Syrian game in Egypt?

These are the top 10 emerging technologies of 2019

Reckless Prescriptions: Lunatic Ideas Put By Great People Are Genius

High-technology manufacturing saves the EU industry

Agreement reached on screening of foreign direct investment for EU security

Politics is failing to protect the Amazon. It’s time for finance to step up instead

Mergers: Commission opens in-depth investigation into proposed acquisition of GRAIL by Illumina

Almost there: Equal healthcare for LGBTQI+

EU Commission and ECB rebuff Germany on the Banking Union

This Belgian start-up allows anyone to become an urban farmer

5 surprising ways to reuse coffee grounds

Is your smart home as safe as you think?

A Sting Exclusive: “The competitiveness of Europe depends on a digital single market”, EPP President Joseph Daul highlights live from European Business Summit 2015

How industrialisation could future-proof MENA’s Gulf economies

How the future of computing can make or break the AI revolution

Integration of migrants: Commission launches a public consultation and call for an expert group on the views of migrants

More Stings?

Comments

  1. It’s so interesting that the shift to remote work has resulted in more permissive VPN access policies, but that makes sense. I would have guessed it was the other way around. I had noticed on Google Trends that there has been a surge this year in demand for VPN judging by the number of organic queries. Daniel Agnew wrote a post for Namecheap that observed a spike earlier this year when many places were locking down, and then another bumb in the last two months.

Speak your Mind Here

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s