CYBER CRIMES AMIDST COVID 19 - BY L.K. RITA

INTRODUCTION 

The magnificent growth of the technologies involved with innovation and invention increases all type of work possible in fraction of a second. This paves way for malicious practices as well in every sector. That execution of a malicious practice with help of a computer or similar gadgets of that is termed as cyber crimes, commonly known as computer crimes. There are victims affected individually as well as in group. Most common cyber security threats are Trojan horse attacks. Trojan attacks like Dana Bot which can swipe banking account credentials, arose 160% over this covid-19 period. The corona virus originated in Wuhan city of china not only kills people but also increases the cyber threats.

LAWS ON CYBER CRIMES

Cyber criminals don’t have to go around committing a crime hence no boundary limits for it. A person who performs cyber crime needs to know some hacking skills and computer gadgets hacks all over the world. There is some international and regional legislation on cyber security to combat cyber crimes and also each country has their own cyber laws to deal with. Group of eight (GE) were initially formed between 8 industrialized countries such as US, UK, Russia, France, Italy, Japan, Germany and Canada to protect data and fight against cyber crimes. United Nations General Assembly initially adopted resolution deals with computer crime legislation in 1990 and later adopted second resolution to combat criminal misuse of information technology in 2002. The International telecommunications union (ITU), as a specialized agency within the United Nations, plays a leading role in the standardization and development of telecommunications and cyber security issues and was the lead agency of the World Summit on the Information Society (WSIS). In 2003, Geneva Declaration of Principles and the Geneva Plan of Action were released, which highlights the importance of measures in the fight against cybercrime. In 2005, the Tunis commitment and the Tunis Agenda were adopted for the Information Society. Council of Europe is an international organization among 47 European states formulated a convention on cyber crimes to fight cyber crimes and provisions for law enforcement and international cooperation. In India, cyber crimes are dealt with information security act, 2000. Recent cyber crimes fall out are information stealing activities like

1. Data breaches- Section 65 tampering with computer source documents.

2. Identity theft- Section 66C punishment for identity theft

3. Phishing, money laundering, credit card skimming- 66D punishment for cheating by personation by using computer resource

4. Cloud based attacks and distributed denial-of-service (DDOS) attacks - Section 66 read with section 43 deals other computer related offences. 

5. Section 66B deals with punishment for dishonestly receiving stolen computer resource or communication device. Section 71 and 74 dealt with penalty for misrepresentation and publication for fraudulent purpose respectively.

DIVERSE CYBER THREATS AMIDST COVID PERIOD

In the corona outbreak, working culture have been totally changed into work from home makes great difficulties for both employer and employee. It became easy for the cyber criminals to target the companies since work from home involves less security level. This placed the companies in higher risk position. 

Cyber Threats Organization

In January 2020, MacAfee reports the beginning of dramatic shift to work from home increases the threats targeting the cloud accounts. It also states that attacks from outside on cloud accounts have raised seven fold since first six months of 2020. Most of the attacks are collaborated services like Microsoft 365, and large scale attempts to steal credentials. The video conferencing is the killer application used for education purposes, conducting a workshop and even for office meetings and other client meetings. Applications like Cisco WebEx, Zoom, Microsoft Teams, Slack Saw, and Google Meet increased up to 60% of usage. Even the education sector and adoption of distance learning practices conduct classes over online paves way for stealing the information of people involved as well as about the organization. While the cloud attacks increasing, all the industries and other organization need to evaluate their security posture in order to protect against account takeover and data exfiltration. Considered the global pandemic declared after WHO, the impact on attack models and trends, based on data generated by the security company’s threat monitoring tools continuously in very high rate. The largest distributed denial of service attack was encountered in the first week of June by akamai’s edge virtual summit 2020. It was identified as clicking 1.44 terabits per second and 385 million packets per second as largest attack ever on Prolexic Routed. However, they managed to maintain the customer operations and instantly mitigate the major attacks. Online market deliveries have disrupted during the pandemic because of change in working practices. A report says, World Economic Forum (WEF) reveals the fear of cyber attacks, data fraud, geographical disruption, tighter restrictions on movement of people and goods.

Cyber Threats on Individuals

Covid-19 themed hacking against Chinese speaking people were the initial cyber attacks on individuals. The Vietnamese threat actors have performed cyber espionage attacks on the Chinese government. Vietnamese hacking campaigns targets Chinese people to collect intelligence on covid -19 crisis by sending spear phishing messages to china’s ministry of emergency management. The cyber criminals taking advantage of this covid -19 crisis, they steal sensitive data by sending a phishing messages through mail with capturing keystrokes like “covid-19 new order face masks.doc.rtf, covid-19 suspected affected vessel.doc, covid-19 suppliers’ notice.zip or .jpg.exe”. The cyber criminals have preyed on people fear; uncertainty surrounding the global corona virus pandemic streams a malware named “Ave Maria” which is a Remote Access Trojans (RATS) targeting windows system. it has the capability to cover surveillance, gains unauthorized access, live desktop access, steal passwords and acts as key logger etc. These types of malware have double during one month period (February to March). Credit card skimming activity was also another attack on both consumers and business folks. Cyber criminals does money laundering illegally using crypto currencies, later transmit it into real money.

CYBER CRIME TACTICS AND COMBATING CYBER THREATS

“Where there is a covid virus spread, there is a cyber criminal”

Criminals keep moving, changing their games, coming up with new innovative way to make money. They notice all the governments’ schemes and other financial payouts given during the pandemic crisis. The American federal government announces a payout for the people whose livelihood was affected due to this pandemic. These cyber criminals make use of this and get payout in some other name and get benefited. This was initially reported in Europe, UK, and USA as the corona virus spread, criminals follow them. There is covid-19 cyber threat intelligence league (CIT LEAGUE), a group of volunteers from more than 40 countries offered pro bono and volunteers in protecting healthcare facilities, emergency organizations from cyber threats. The CIT league provides 4 safe guards:

1. Active Cyber-attack Neutralisation

2. Cyber attack Prevention

3. Cyber supporting the life- saving and Health-related Sectors

4. Monitoring Cyberspace for Potential Danger to Public Health and Safety.

Victims can raise a complaint in these forums or government have already cyber sector that prevents the crime and give some remedies for the victims. Google have teamed up with US cyber crime support network to combat covid-19 based scams. Israel has signed an agreement with India that fights on cyber security threats enhanced over covid-19 crisis. Israel has also signed an agreement with Romania, a similar cyber security partnership. During the partnership, the two countries computer emergency response teams (CERT-IL AND CERT-RO) committed to share information and best practices. In India also CERT-IN serves as national agency during the cyber security incidents. Basic measures to be taken to combating cyber threats are:-

1. Educate about the cyber securities and employee must undergo proper training in handling the cyber security issues.

2. During the remote work practices, the companies must orderly arrange all the working arrangements with foreseeable future and comprehensive teleporting and telecommunicating policies. 

3. Organization and individuals must keep complete track of all data backups at regular intervals.

4. Organization and individuals also keep monitoring every data on their system and always be updated.

5. Companies should maintain incident response and disaster recovery plans that can be implemented immediately, with adequate resources, in the event of a data breach or cyber-attack.

CONCLUSION

Cyber criminals usually hold back for the right target and time to attack, such kind of era is that covid virus spread. The corona virus which originated in Wuhan city in December 2019 has spread all over the world. This puts the whole world under lockdown situation and made the ordinary work force into work at home practices. Cyber criminals make use of this situation for various security breaches. Existing cyber threats also new cyber threats arose massively during this pandemic. All the people are frightened to handle the crisis but those criminals use such opportunity to make money. It is the time to confront the cyber crimes and safe guard the data or information being looted by following some basic measures as mentioned in this article.