Cyber security in the age of COVID-19 : a timeline and analysis of cyber-crime and cyber-attacks during the pandemic

Lallie, Harjinder Singh and Shepherd, Lynsay A. and Nurse, Jason R.C. and Erola, Arnau and Epiphaniou, Gregory and Maple, Carsten and Bellekens, Xavier (2021) Cyber security in the age of COVID-19 : a timeline and analysis of cyber-crime and cyber-attacks during the pandemic. Computers and Security, 105. 102248. ISSN 0167-4048 (https://doi.org/10.1016/j.cose.2021.102248)

[thumbnail of Lallie-etal-CS-2021-Cyber-security-in-the-age-of-COVID-19-A-timeline-and-analysis]
Preview
 Text. Filename: Lallie_etal_CS_2021_Cyber_security_in_the_age_of_COVID_19_A_timeline_and_analysis.pdf
Accepted Author Manuscript
License: Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 logo
Download (6MB)| Preview

Abstract

The COVID-19 pandemic was a remarkable, unprecedented event which altered the lives of billions of citizens globally resulting in what became commonly referred to as the new-normal in terms of societal norms and the way we live and work. Aside from the extraordinary impact on society and business as a whole, the pandemic generated a set of unique cyber-crime related circumstances which also affected society and business. The increased anxiety caused by the pandemic heightened the likelihood of cyber-attacks succeeding corresponding with an increase in the number and range of cyber-attacks. This paper analyses the COVID-19 pandemic from a cyber-crime perspective and highlights the range of cyber-attacks experienced globally during the pandemic. Cyber-attacks are analysed and considered within the context of key global events to reveal the modus-operandi of cyber-attack campaigns. The analysis shows how following what appeared to be large gaps between the initial outbreak of the pandemic in China and the first COVID-19 related cyber-attack, attacks steadily became much more prevalent to the point that on some days, three or four unique cyber-attacks were being reported. The analysis proceeds to utilise the UK as a case study to demonstrate how cyber-criminals leveraged salient events and governmental announcements to carefully craft and execute cyber-crime campaigns.

CORE (COnnecting REpositories)