The COVID-19 pandemic brought about unprecedented global challenges, reshaping the way people live, work, and interact. At the same time, cybercriminals swiftly adapted to exploit the chaos and vulnerabilities resulting from the pandemic, capitalizing on anything from phishing campaigns to ransomware attacks.
The outbreak of the COVID-19 pandemic forced societies around the world to rapidly adapt to remote work, online education, and increased digitalization. The sudden shift in daily routines and the surge in online activities provided fertile ground for cybercriminals to exploit new vulnerabilities, and the interconnectedness of the digital world magnified the impact of cybercrimes, making it imperative to understand the evolving trends and strategies employed by cyber adversaries. The sudden transition to remote work introduced numerous security challenges. Organizations struggled to secure remote endpoints and maintain consistent security policies. Cybercriminals exploited unsecured home networks, inadequately patched devices, and the lack of strong authentication methods. The blend of personal and professional activities on shared devices created opportunities for data breaches and unauthorized access.
Phishing is one of the few types of attack that is sure to come to mind in the context of COVID. Phishing attacks surged during the pandemic, preying on heightened anxiety and uncertainty, as malicious emails were disguised as health advisories, government communications, or financial relief offers. Cybercriminals leveraged emotional triggers to deceive individuals into clicking on malicious links or sharing sensitive information. Remote work vulnerabilities further increased the effectiveness of phishing attacks, as employees were isolated from immediate support and collaboration. One of the areas that saw a particular surge of phishing attacks was global supply chains. By compromising the email accounts or credentials of key personnel among manufacturers, distributors, and logistics partners, cybercriminals gained unauthorized access to sensitive information, disrupted communications, and manipulated processes, causing delays and confusion within the supply chain. For instance, cyber offenders used fraudulent emails (impersonating legitimate business partners, suppliers, or clients) to alter payment instructions or redirect funds, resulting in financial losses for both businesses and individuals. They could also aim at stealing sensitive data, trade secrets, and intellectual property, or even at impersonating legitimate suppliers.
Another type of attack that reached truly alarming levels during the pandemic was ransomware, which targeted healthcare institutions, educational establishments, and various industries. The healthcare sector, strained by the pandemic, became a prime target due to the critical nature of its operations. Cybercriminals exploited the urgency of the situation, crippling hospitals’ systems and demanding hefty ransoms in exchange for restoring access. These attacks raised ethical concerns, as they directly impacted patient care and public safety.
As people sought information and supplies related to the pandemic, cybercriminals launched a wave of online scams and fraudulent websites. Counterfeit medical supplies, fake vaccines, and misleading information became rampant, leveraging the human factor (fear, despair, stress, fatigue) and making potential victims susceptible to falling for these scams. The darknet, for example, became a platform for the sale of counterfeit medical supplies, including masks, testing kits, and medications. This not only endangered public health by providing ineffective or substandard products but also eroded trust in legitimate sources of medical supplies. The darknet also played a role in spreading false information and conspiracy theories related to COVID-19. Misinformation campaigns on the darknet and other online platforms contributed to confusion, fear, and reluctance to follow public health guidelines.
Darknet marketplaces continued to facilitate the sale of cybercrime tools and services, including ransomware-as-a-service, malware, and hacking tutorials, and as remote work and online activities surged, cybercriminals never lacked the tools they needed to exploit vulnerabilities. At the same time, the darknet ecosystem underwent changes due to the pandemic, which in some cases made it difficult to predict and combat illegal activities effectively. Looking forward, and preparing for the next time the world gets destabilized (isn’t our world a fragile place? 🙂), organizations should look at developing comprehensive incident response plans tailored to remote work scenarios, run regular simulations and drills to ensure a swift, coordinated response, and continue investing in advanced threat detection. Is this easier said than done?
Or is the main challenge not in getting equipped with the proper cybersecurity solutions per se, but in predicting the context of the next world crisis, which will dictate their use and efficiency?

