Cybercriminals take advantage of health crisis
From ransomware attacks on hospitals to the deliberate spread of fake news on social media, South Africa has seen an increase in digital crimes during the lockdown period, writes Jamaine Krige.
During the Covid-19 pandemic, there has been an uptick in cybercrimes and criminal activity via digital means, according to a panel of researchers from the Council for Scientific and Industrial Research (CSIR). The panellists spoke at a briefing on the impact of cybercrimes and misinformation during the Covid-19 pandemic.
Speaking to Health-e News, Thabo Mahlangu, a cybersecurity researcher at CSIR, says the lockdown has resulted in many cybersecurity challenges that carried the potential to bring immense harm to individuals, companies and government institutions. According to the CSIR, there has been a marked increase in ransomware attacks against critical infrastructure and response institutions like hospitals and medical centres, which are already overwhelmed with the current pandemic.
“Obviously ransomware has a huge potential for damage because they won’t steal data, but they lock your data, they lock your system,” Mahlangu explains. This stops the owner of the system from being able to access its data or functions. “As a result, you then can’t render services,” he says, adding that for a medical institution this could have fatal consequences.
‘Quick to adapt’
Due to close monitoring and early interventions, no ransomware attacks were successfully executed on their watch.
“We have also seen a spike in new malware, which basically shows that cybercriminals are taking advantage of the crisis that we are facing and they are quick to adapt.”
Operational and cybersecurity teams had to adapt faster. Mahlangu says in response to Covid-19, a data-driven security approach was adopted to forecast potential malware attacks and fight against phishing scams. Using different data and data sources, the team gets a holistic security view of the environment that they are monitoring and trying to protect.
Networks left vulnerable
With employees working from home, another challenge is that company networks and systems have been left vulnerable.
“People use different technologies and devices to connect to their work environment and to their company,” Mahlangu explains, adding that there has been a marked increase in attempts to steal user data, increases in malware and phishing attempts, increases in breaches of video conferencing platforms and in scams and fraudulent activities using digital means.
Scammers use old tricks
Despite technological advances, the most vulnerable point in any network, system or device still seems to be the person using it.
“There was a need to train our users so that they can be cyber savvy and aware of the threat that is out there, because cybercriminals still use the old tactics of social engineering to trick the user into retrieving an infected file or offer up their details.”
The team at CSIR has been using data to help identify user behaviours that could increase the risk of falling victim to attack.
“A very important and interesting insight that we picked up from the data is that the source of the malware-related infections come from specific files and the majority of those files are entertainment files like music or movies.”
He says malware is also being transmitted more and more through work-related files
“People who are locked down at home – as much as they work during work hours, there is still a need for entertainment.”
He says the pandemic has created a new way for cybercriminals to hook unsuspecting victims – creating fake websites related to Covid-19 to trick users into opening malicious attachments or fishing links, which results in illegal access to personal accounts.
“The main purpose of this malware is to compromise the company’s network, steal data, and even transfer or steal money from your account.”
Fake news flourishes
Majority of the attacks were a result of user behaviour, which is why educating users is key. Education and digital literacy are the first steps in combating the spread of disinformation and fake news – another cybercrime that is on the rise since the start of the pandemic.
Neliswa Dlamini is an information security researcher focusing on combating fake news. She says that the “spread of fake news during the Covid-19 pandemic has resulted in a lot of damage.”
“The spreading and publishing of false information about Covid-19 is actually a criminal offence, according to the regulations that were made in terms of the Disaster Management Act,” she explains.
But this is a crime, she says, that is hard to enforce.
“Fake news replicates rapidly on platforms such as social media, and the mainstream media is not exempt from this,” she warns.
Like other cyber criminals, those who publish fake news are adaptable and opportunistic, and the novel coronavirus pandemic and subsequent lockdown have given them the fuel they need to ensure that their misinformation and disinformation spread like wildfire.
“What we also realise is that after an announcement about the lockdown or regulations there would be a flood of fake news which we then had to dispel,” Dlamini said.
She says misinformation about health is particularly worrying. One of the false stories doing the rounds was that faulty Covid-19 testing kits resulted in false positive test results. This meant that many people were hesitant to get tested.
Fake news stories which wrongly warn against medical interventions, Covid-19 prevention strategies or that perpetuate conspiracy theories can all lead to less people seeking help when they are ill or not taking precautions to prevent themselves from getting infected, or from infecting others.
And while technology brings several challenges, researchers also know that it may offer solutions. CSIR biometric researcher Kedimotse Baruni says facial recognition technology can be utilised to reduce the spread of Covid-19.
This could prove particularly useful for access control at hospitals and other public spaces, reducing the need for contact-based biometric devices such as fingerprint scanners that are touched by multiple people.
The benefits of facial recognition technologies, however, are not limited to access control; they can also be used to enforce compliance in public spaces.
“Facial recognition can also be used by law-enforcement to check whether a person is wearing a mask or not,” Baruni explains. “If a person is not wearing a mask then there will be an alert.” – Health-e News