COVID-19 SPECIAL

Keep guard up online: Don't be a target in time of the coronavirus

This is the fourth of 12 primers on current affairs issues that are part of the outreach programme for The Straits Times-Ministry of Education National Current Affairs Quiz

The coronavirus has been dominating headlines worldwide for months, with more than 1.7 million people infected and at least 108,000 deaths.

The death toll, which will continue to rise, has forced nations to adopt disruptive measures to contain the spread of the virus - schools have been closed, offices shuttered and workers forced to take their meetings online.

But the current anxiety and uncertainty among people have allowed a different kind of virus - of the online variety - to spread and thrive.

Hackers, criminals and other online bad actors are using the crisis as an opportunity to infect targets with malicious software, or malware, and coronavirus-themed attacks are on the rise.

According to security company Proofpoint, four out of five scam e-mails it has detected since it started tracking malicious activity associated with the outbreak are using coronavirus themes to trick people.

Singapore's own cyber-security response team, the Singapore Computer Emergency Response Team (SingCert), has warned of this danger.

In an advisory published on its website on March 27, SingCert, which is part of the Cyber Security Agency of Singapore, said: "Opportunistic cyberthreat actors are capitalising on the situation to conduct malicious cyber activities by exploiting vulnerabilities in solutions or unsecured networks to gain unauthorised access to users' data or the organisation's network."

In February, the World Health Organisation (WHO) issued a warning stating that scammers were disguising themselves as WHO representatives via phishing e-mails and fake websites, among other means, to con people out of personal information and money.

Reports say one such phishing attack involved e-mails allegedly sent from a WHO staff member luring users to download an e-book on how to protect children and keep business centres safe during the Covid-19 crisis.

Anyone who clicked on the link, however, would end up downloading an information-stealing trojan Formbook.

To prevent such cyber attacks, SingCert said users should always refrain from clicking on attachments or links from unknown sources. Even if the e-mail or text message appears to be from a familiar source, always double-check details for authenticity, such as in the spelling and grammar of the language.

Hackers, criminals and other online bad actors are using the coronavirus crisis as an opportunity to infect targets with malicious software, or malware, and coronavirus-themed attacks are on the rise. There might be no cure for these online viruses,
Hackers, criminals and other online bad actors are using the coronavirus crisis as an opportunity to infect targets with malicious software, or malware, and coronavirus-themed attacks are on the rise. There might be no cure for these online viruses, but the risk they pose can be managed if individuals practise good cyber hygiene and organisations prioritise cyber security. ST FILE PHOTO
  • About The Big Quiz

  • On Mondays, for 12 weeks until July 27 in the Opinion section, this paper's journalists will address burning questions, offering unique Singaporean perspectives on complex issues.

    The primers are part of the outreach of The Straits Times-Ministry of Education National Current Affairs Quiz, or The Big Quiz, which aims to promote an understanding of local and global issues among pre-university students.

    The primers will broach contemporary issues such as the arts in the digital age and journalism in the age of disinformation.

    Other issues include the rise and future of e-sports and an examination of how user-centric design and data-driven decision making are changing the way non-profit organisations reach out to the public.

    Each primer topic will give a local perspective to help students draw links back to the issues' implications for Singaporeans.

    For the third year, The Big Quiz will be online, allowing all pre-university students to take part in the current affairs competition, this time over six online quiz rounds.

    The first started on March 30, while the next begins today. The upcoming ones are on April 27, May 11 and July 13 and 27.

    The online quizzes are based on the primer topics and will be available for two weeks from the start date of each quiz.

    This nationwide event is jointly organised by The Straits Times and the Ministry of Education.

    Students can take the second round of The Big Quiz at https://str.sg/bigquiz2020 from today.

Mr Ilya Sachkov, chief executive and founder of Group-IB, a Singapore-based cyber-security company, said global crises usually stimulate cyber criminal activity, and this pandemic is no exception.

"The coronavirus outbreak has caused a plethora of issues around the globe and forced public and private companies to rethink their operations and switch to remote work, which creates additional cyber-security risks, such as financially motivated and espionage attacks via unprotected home devices used by employees outside of the corporate network security perimeter," he said.

Acronis, a cyber-protection firm, has also seen an uptick in hacking attempts during the ongoing crisis.

Mr Serguei Beloussov, its founder and CEO, said his team blocked about 1,000 cyber attacks a day in the first week of this month - a rise of 25 per cent over the past three months.

He said: "Stressed over the outbreak, people are becoming an easy target for criminal hackers and scammers.

"This encourages them to carelessly open coronavirus-themed e-mails and attachments - this is the reason why socially engineered attacks have much higher success rates during a crisis."

PERENNIAL THREAT

But Mr Beloussov added that while online threats and malware have become more dangerous due to the coronavirus situation, these threats will always be present as long as cyber criminals can make money from their attacks.

"The threats employed around Covid-19 are not new. They're the same ransomware, phishing, donation scams and info-stealing attacks, but now they're a known menace in new colours," he said.

"We have been seeing attackers adapt to protection methods over the last 30 years: As cyber attacks become more sophisticated, prevention methods get better - it's a classic arms race."

Furthermore, these threats are often rooted in social engineering, where a bad actor will research victims and use their weaknesses or "blind spots" to launch their attack.

Take, for instance, business e-mail impersonation attacks, one of the most common methods used by hackers to launch cyber attacks or carry out crimes.

In a business e-mail impersonation attack, a kind of phishing attack, the hacker impersonates someone the victims would trust to trick them into giving up their data, user names, log-in details or other information.

The Singapore Police Force received more than 200 reports of business e-mail impersonation scams between January and July in 2018, an increase of 9.7 per cent from the same period in 2017.

Such tactics are lucrative.

Businesses here lost around $43 million in 2017 due to e-mail impersonation scams. The figure was $25 million in 2016.

Besides phishing attacks, tactics such as threatening a user with malware rely on social engineering to succeed.

Remote video URL

Mr Sid Deshpande, director of security strategy in Asia-Pacific and Japan for Internet services firm Akamai, said these methods yield maximum output for these criminals, often with minimum effort.

"Defenders have to be right every time, but attackers have to be right only once. The sudden move to a highly distributed workforce is a culture and technology shock to many individuals and enterprises, but from a hacker's perspective, it is the perfect storm," he said.

NO CURE?

Experts continually say that there is no way to prevent cyber attacks from happening.

There might be no cure for these online viruses, but the risk they pose can be managed if individuals practise good cyber hygiene and organisations prioritise cyber security.

SingCert advises that employees working from home should use a secure Wi-Fi network, and send sensitive information only over a virtual private network.

It has also said they must change the default password of home routers, check that security settings are set to enable automatic updates, and disable UPnP (universal plug-and-play), which refers to the feature of allowing devices to discover each other on the network.

Businesses need to put cyber security at the forefront and assess how robust their defences are in order to minimise the risk of an attack from occurring and contain its potential effects as best as possible, said Mr Sachkov.

But small habits on an individual level can go a long way as well, he added, urging individuals to always check senders' e-mail addresses, and not to click on links in suspicious e-mails or download attachments from unfamiliar contacts.

Mr Beloussov recommended the use of data backups and multi-factor authentication, which requires users to authenticate their identity via another verification method, such as an SMS or a security token.

He said: "If every user would use strong unique passwords with multi-factor authentication and backed up all their data automatically, a lot of attacks would be avoided, and even if successful, effortlessly and quickly recovered from.

"The fight against cyber criminals is not futile, so keep your guard up and practise good cyber hygiene."

Join ST's Telegram channel and get the latest breaking news delivered to you.

A version of this article appeared in the print edition of The Straits Times on April 13, 2020, with the headline Keep guard up online: Don't be a target in time of the coronavirus. Subscribe