Trends

COVID-19 has changed global cybersecurity. What must nations do now?

People are more vulnerable to cyber intrusion, cybercriminals have honed their skills, and threats have skyrocketed. Eugene Kaspersky has three priorities.

Art by

Simeon Elson

Share article

During the pandemic, lockdowns and ‘shelter in place’ orders around the world have done much good. They’ve not only saved lives, they’ve shown us our cities without pollution and let businesses realize employees working from home can be more business benefit than business challenge.

While many were preoccupied with keeping the kids busy, perfecting their breadmaking skills or pulling relatives back from the conspiracy theory cliff, we saw cybercriminals doing their own kind of ‘working from home’.

I spoke about the growing cyberthreat landscape and what we must do about it as part of a high-level leaders discussion on international cybersecurity during the United Nations Internet Governance Forum (IGF) 2020.

During the pandemic, cybercriminals used new-found time to hone their skills and test out new methods. We saw a sharp rise in cybercrime of all kinds, from malware to advanced persistent threats (APT.) New hacking groups came on the scene, and with them, new kinds of attacks.

New attacks and actors unmasked

Here’s just a sample of the expansion of cybercrime our researchers detected since the coronavirus pandemic came into our lives.

This year we’ve seen unique malicious file detection rise 20 to 25 percent a day. Most threats, like malware, are relatively easy to deal with. But when what we’re seeing is a rise in more professional cybercrime gangs, that’s a different story. Kaspersky researchers are now monitoring more than 200 cybercrime gangs who’ve been launching hyper-targeted attacks against targets such as banks and governments. We’ve also seen more ‘juniors’ entering cybercrime. While they’re easy to stop now, many will graduate from hacker kindergarten and join the pros.

One of my biggest concerns is the potential for this new scale of cybercrime to become adept at damaging nations’ critical infrastructure.

With the increasing use of the internet of things, the number of points where cybercriminals can attack has grown exponentially. We know they’re willing and able. Take, for example, one of the most successful global attacks, the 2016 Mirai malware attack on domain name system provider Dyn. It took down hundreds of news websites around the world.

How should nations respond to the new threat landscape?

The cybersecurity impact of the pandemic has two parts. First, people are at greater risk of cyber-intrusion thanks to working from home and spending more time online. Second, there are more cybercriminals, and they’ve become better at what they do.

Meanwhile, the digital economy has been growing fast. Many businesses decided to use the breathing space and necessity of the pandemic to digitalize new parts of their business. So we’re at a place and time when organizations and their customers need to feel confident in these new ways of buying and delivering services. Building that confidence will help economies thrive. So how do we get there? I’ve got three priorities.

Leaders discuss international cybersecurity in the United Nations Internet Governance Forum (IGF) 2020

1. Secure technology by design

We can make technologies much more difficult and expensive to compromise, but they must be designed that way from the start. We have operating systems in devices already on the market that are so secure we had to devise a new way of talking about them – so we call this cyber-immunity. The chances of an attack on these systems succeeding means the cost to the criminal of a successful cyberattack is higher than the damage caused. To make critical infrastructure safer, we could deploy cyber-immune technologies across the network. The time to do it is now.

2. Enforcing cybersecurity law on an international level

International cooperation is crucial for hunting down cybercriminals, but it looks as though the world isn’t going in a ‘cooperation’ direction – it’s becoming more fragmented. We need a space in cybersecurity where nations can cooperate safely, without geopolitical fractures getting in the way.

3. High-level cooperation requires high-level cybersecurity education

As well as needing to overcome our differences, international cooperation against cybercrime will require ‘cyber diplomats’ to stay continually informed about the changing threat landscape.

Good news for those imagining a boring slide talk in a dark basement – cybersecurity education keeps pace with innovation and developments in learning science. For example, learning through immersive gamified simulations like Kaspersky Interactive Protection Simulation (KIPS) is popular and effective.

While the world recovers from the shocks of the COVID-19 pandemic, we must recognize much has changed, not least in cyberthreats. We need a new era of international cooperation to hunt cybercriminals. We need to make sure ‘cyber diplomats’ (those who develop and enforce national and international policy against cybercrime) fully understand the threats.

As professional cybercrime gangs hone their skills, I predict we’ll see cyberattacks grow at every level, harming business and governments. Thankfully, technology keeps evolving, and no one is powerless. Adopting cyber-immune systems will help nations keep the lights, water and internet running at times of crisis and beyond.

Kaspersky APT Intelligence Reporting

Exclusive and timely insights into high profile cyber-espionage campaigns.

About authors

Eugene Kaspersky is Kaspersky's co-founder and CEO. He has an Honorary Doctorate of Science from UK’s Plymouth University and regularly speaks on cybersecurity at universities, conferences and events. He also enjoys photography and expeditions into the wild.