Skip to main content

Cybersecurity Attacks During COVID-19: An Analysis of the Behavior of the Human Factors and a Proposal of Hardening Strategies

Abstract

During the COVID-19 pandemic, fake news has increased considerably. Although fake news is a social problem that has existed for a long time, in the COVID-19 context, it has put people’s lives at risk. Nowadays, a massive amount of information is available, and organizations attempt to send official statements to citizens. However, some factors can support people’s decision to accept an idea as real even though it will be risky. This study is exploratory and descriptive research that aims to establish the human factors that make the standard user susceptible to cyber-attacks in times of pandemic. A literature review of cybersecurity attacks and conflict scenarios registered during the COVID-19 pandemic was first applied during the investigation. After coding them, the Diamond Model was applied, representing the analysis of cybersecurity intrusions, which emphasizes the relationships and features of the four main elements of an intrusion: adversary, infrastructure, capacity, and victim. With this input, several innovative strategies are proposed to minimize attacks by advanced threat actors and their impact on users. These strategies are useful for governments to improve communication with citizens and develop critical thinking on citizens to face fake news.

Keywords

  • Fake news
  • Human factor behavior
  • COVID-19
  • Hardening strategies

This is a preview of subscription content, access via your institution.

Buying options

Chapter
USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-030-71381-2_3
  • Chapter length: 17 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
eBook
USD   59.99
Price excludes VAT (USA)
  • ISBN: 978-3-030-71381-2
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   79.99
Price excludes VAT (USA)
Hardcover Book
USD   109.99
Price excludes VAT (USA)
Fig. 3.1
Fig. 3.2
Fig. 3.3
Fig. 3.4
Fig. 3.5
Fig. 3.6
Fig. 3.7
Fig. 3.8
Fig. 3.9

References

  1. Tesar, M. (2020). ‘Towards a Post-Covid-19 ‘New Normality?’: Physical and social distancing, the move to online and higher education. Policy Futures in Education, 18(5), 556–559. https://doi.org/10.1177/1478210320935671

    CrossRef  Google Scholar 

  2. Interpol (2020). INTERPOL Report Shows Alarming Rate Of Cyberattacks During COVID-19. Available at: https://www.interpol.int/en/News-and-Events/News/2020/INTERPOL-report-shows-alarming-rate-of-cyberattacks-during-COVID-19. Accessed 8 Aug 2020.

  3. UNESCO. (2020). Combating The Disinfodemic: Working For Truth In The Time Of COVID-19. Available at: https://en.unesco.org/covid19/disinfodemic. Accessed 8 Aug 2020.

    Google Scholar 

  4. Sadio, A., Gbeasor-Komlanvi, F., Konu, R., Bakoubayi, A., Tchankoni, M., Bitty-Anderson, A., et al. (2020). Assessment of self-medication practices in the context of Covid-19 outbreak in Togo. BMC public health, 21, 1–9. https://doi.org/10.21203/rs.3.rs-42598/v1

    Google Scholar 

  5. Benedictine University. (2021). Research Guides: Fake News: Develop Your Fact-Checking Skills: Examples Of Fake News. Available at: https://researchguides.ben.edu/c.php?g=608230&p=4220071. Accessed 6 Jan 2021.

    Google Scholar 

  6. Escalante, A., (2020). Research Shows How To Spot Fake News About Coronavirus. Available at: https://www.forbes.com/sites/alisonescalante/2020/07/07/research Shows how to spot fake news about coronavirus/. Accessed 8 Aug 2020.

  7. Harvard (2020). Developing Public Health Communication Strategies And Combating Misinformation During COVID-19. Available at: https://www.hsph.harvard.edu/ecpe/public-health-communication-strategies-covid-19. Accessed 8 Aug 2020.

  8. Kim, R. Y. (2020). The Impact of COVID-19 on consumers: Preparing for digital sales. IEEE Engineering Management Review, 48, 212–218. https://doi.org/10.1109/EMR.2020.2990115

    CrossRef  Google Scholar 

  9. Lima, C. K. T., de Medeiros Carvalho, P. M., Lima, I. D. A. A. S., de Oliveira Nunes, J. V. A., Saraiva, et al. (2020). The emotional impact of Coronavirus 2019-nCoV (new Coronavirus disease). Psychiatry Research, 287, 112915. ISSN 0165-1781. https://doi.org/10.1016/j.psychres.2020.112915

  10. Domingo, C. J. M., Gabucio, C. F., & Lichtenstein, T. F. (2005). Psicología del pensamiento, Editorial UOC, Barcelona. Available from: ProQuest Ebook Central. 19 Aug 2020.

    Google Scholar 

  11. Peters, A., McEwen, B. S., Friston, K. (2017). Uncertainty and stress: Why it causes diseases and how it is mastered by the brain. Progress in Neurobiology, 156, 164–188. ISSN 0301-0082. https://doi.org/10.1016/j.pneurobio.2017.05.004

    CrossRef  Google Scholar 

  12. Khosravi, M. (2020). Neuroticism as a Marker of Vulnerability to COVID-19 infection. Psychiatry Investigation, 17, 7. https://doi.org/10.30773/pi.2020.0199

    CrossRef  Google Scholar 

  13. World Economic Forum. (2020). 10 Tech Trends Getting Us Through The COVID-19 Pandemic. Available at: https://www.weforum.org/agenda/2020/04/10-technology-trends-coronavirus-covid19-pandemic-robotics-telehealth/. Accessed 28 Aug 2020.

  14. Europol (2020). No More Ransom – Do You Need Help Unlocking Your Digital Life? Available at: https://www.europol.europa.eu/activities-services/public-awareness-and-prevention-guides/no-more-ransom-do-you-need-help-unlocking-your-digital-life. Accessed 28 Aug 2020.

  15. American Hospital Association (2020). Ransomware Attacks On Hospitals Have Changed. Available at: https://www.aha.org/center/emerging-issues/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed. Accessed 28 Aug 2020.

  16. Securitymagazine (2020). Available at: https://www.securitymagazine.com/articles/92575-increase-in-reports-of-ransomware-attacks-on-health-care-entities. Accessed 28 Aug 2020.

  17. BBC (2020). Google Blocking 18M Coronavirus Scam Emails Every Day. Available at: https://www.bbc.co.uk/news/technology-52319093. Accessed 29 Aug 2020.

  18. Microsoft (2020). Cybercriminals are taking advantage of COVID-19. https://news.microsoft.com/en-nz/2020/07/08/cybercriminals-are-taking-advantage-of-covid-19-with-new-attack-methods-microsoft-security-endpoint-threat-report/

  19. Federal Trade Commission (2020). Scammers are using COVID-19 messages to scam people. (2020). Retrieved October 30, 2020, from https://www.consumer.ftc.gov/blog/2020/04/scammers-are-using-covid-19-messages-scam-people

  20. Fbi.gov (2020). FBI Warns Of Teleconferencing And Online Classroom Hijacking During COVID-19 Pandemic — FBI. Available at: https://www.fbi.gov/contact-us/field-offices/boston/news/press-releases/fbi-warns-of-teleconferencing-and-online-classroom-hijacking-during-covid-19-pandemic. Accessed 29 Aug 2020.

  21. European Parliament (2020). Available at: https://www.europarl.europa.eu. Accessed 29 Aug 2020.

  22. Cybersecurity and Infrastructure Security Agency (2020). Identifying Critical Infrastructure During COVID-19 — CISA. Available at: https://www.cisa.gov/identifying-critical-infrastructure-during-covid-19. Accessed 29 Aug 2020.

  23. BBC (2020). US Charges Chinese Covid-19 Research ’Cyber-Spies’. Available at: https://www.bbc.com/news/world-us-canada-53493028. Accessed 29 Aug 2020.

  24. National Cyber Security Center (2020). Cyber Aware. Available at: https://www.ncsc.gov.uk/cyberaware/home. Accessed 29 Aug 2020.

  25. Cybersecurity and Infrastructure Security Agency (2020). COVID-19 Disinformation Toolkit — CISA. Available at: https://www.cisa.gov/covid-19-disinformation-toolkit. Accessed 28 Aug 2020.

  26. Khan, R., McLaughlin, K., Laverty, D., & Sezer, S. (2017), STRIDE-based threat modeling for cyber-physical systems. In 2017 IEEE PES Innovative Smart Grid Technologies Conference Europe (ISGT-Europe), Torino (pp. 1–6). https://doi.org/10.1109/ISGTEurope.2017.8260283

  27. Hagan, M., Siddiqui, F., & Sezer, S. (2018). Policy-based security modelling and enforcement approach for emerging embedded architectures. In 2018 31st IEEE International System-on-Chip Conference (SOCC), Arlington, VA (pp. 84–89). https://doi.org/10.1109/SOCC.2018.8618544

  28. Cho, S., Han, I., Jeong, S., Kim, J., Koo, S., Oh, H., et al. (2018). Cyber kill chain based threat taxonomy and its application on cyber common operational picture. In 2018 International Conference On Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA), Glasgow (pp. 1–8). https://doi.org/10.1109/CyberSA.2018.8551383

  29. Al-Mohannadi, H., Mirza, Q., Namanya, A., Awan, I., Cullen, A., & Disso, J. (2016). Cyber-attack modeling analysis techniques: An overview. In 2016 IEEE 4th International Conference on Future Internet of Things and Cloud Workshops (FiCloudW), Vienna (pp. 69–76). https://doi.org/10.1109/W-FiCloud.2016.29

  30. Abu, M. d., Rahayu, S., Ariffin (DrAA), Dr Aswami, & Robiah, Y. (2018). An enhancement of cyber threat intelligence framework. Journal of Advanced Research in Dynamical and Control Systems, 10, 96–104.

    Google Scholar 

  31. King, Z. M., Henshel, D. S., Flora, L., Cains, M. G., Hoffman, B., & Sample, C. (2018). Characterizing and measuring maliciousness for cybersecurity risk assessment. Frontiers in Psychology, 9, 39. https://doi.org/10.3389/fpsyg.2018.00039

    CrossRef  Google Scholar 

  32. Branley, D. B., & Covey, J. (2018). Risky behavior via social media: The role of reasoned and social reactive pathways. Computers in Human Behavior, 78, 183–191. https://doi.org/10.1016/j.chb.2017.09.036

    CrossRef  Google Scholar 

  33. Tandoc, E. C., Lim, Z. W., & Ling, R. (2017). Defining “Fake News.” Digital Journalism, 6(2), 137–153. https://doi.org/10.1080/21670811.2017.1360143

    CrossRef  Google Scholar 

  34. Frauenstein, E. D., & Flowerday, S. (2020). Susceptibility to phishing on social network sites: A personality information processing model. Computers and Security, 94, 101862. https://doi.org/10.1016/j.cose.2020.101862

    CrossRef  Google Scholar 

  35. Lee, C. S., & Ma, L. (2012). News sharing in social media: The effect of gratifications and prior experience. Computers in Human Behavior, 28(2), 331–339.

    CrossRef  Google Scholar 

  36. Kouzy, R., Abi Jaoude, J., & Kraitem, A. (2020). Coronavirus goes viral: Quantifying the COVID-19 misinformation epidemic on twitter. Cureus, 12, e7255.

    Google Scholar 

  37. Laato, S., et al. (2020). What drives unverified information sharing and cyberchondria during the COVID-19 pandemic? European Journal of Information Systems, 29(3), 288–305.

    CrossRef  Google Scholar 

  38. Jacks, J. Z., & Cameron, K. A. (2003). Strategies for resisting persuasion. Basic and Applied Social Psychology, 25(2), 145–161. https://doi.org/10.1207/S15324834BASP2502-5

    CrossRef  Google Scholar 

  39. Molina, M. D., Sundar, S. S., Le, T., & Lee, D. (2019). “Fake News” is not simply false information: A concept explication and taxonomy of online content. American Behavioral Scientist, 65, 180–212. https://doi.org/10.1177/0002764219878224

    CrossRef  Google Scholar 

  40. Sharevski, F., Jachim, P., & Florek, K. (2020). To tweet or not to tweet: Covertly manipulating a Twitter debate on vaccines using malware-induced misperceptions. arXiv:2003.12093 [cs]. http://arxiv.org/abs/2003.12093

  41. Chu, Z., Gianvecchio, S., Wang, H., & Jajodia, S. (2010). Who is tweeting on Twitter: human, bot, or cyborg? In Proceedings of the 26th Annual Computer Security Applications Conference (pp 21–30). New York, NY, USA: ACM.

    CrossRef  Google Scholar 

  42. Broniatowski, D. A., Jamison, A. M., Qi, S., AlKulaib, L., Chen, T., Benton, A., et al. (2018). Weaponized health communication: Twitter bots and Russian trolls amplify the vaccine debate American Journal of Public Health, 108, 1378–1384. https://doi.org/10.2105/AJPH.2018.304567

    Google Scholar 

  43. Sutin, A. R., Luchetti, M., Aschwanden, D., Lee, J. H., Sesker, A. A., Strickhouser, J. E., et al. (2020). Change in five-factor model personality traits during the acute phase of the coronavirus pandemic. PLOS ONE, 15(8), e0237056. https://doi.org/10.1371/journal.pone.0237056

    CrossRef  Google Scholar 

  44. Schirrmeister, E., Göhring, A.-L., & Warnke, P. (2020). Psychological biases and heuristics in the context of foresight and scenario processes. Futures Foresight Science, 2, e31. https://doi.org/10.1002/ffo2.31

    CrossRef  Google Scholar 

  45. Kasulis, K. (2020). S Korea’s smartphone apps tracking coronavirus Won’t stop buzzing. Al Jazeera, 9 April 2020. https://www.aljazeera.com/news/2020/04/korea-smartphone-apps-tracking-coronavirus-won-stop-buzzing-200408074008185.html

  46. Shah, A. U. M., Safri, S. N. A., Thevadas, R., Noordin, N. K., Rahman, A. A., Sekawi, Z., et al. (2020). COVID-19 outbreak in Malaysia: Actions taken by the Malaysian government. International Journal of Infectious Diseases, 97, 108–116. https://doi.org/10.1016/j.ijid.2020.05.093

    CrossRef  Google Scholar 

  47. Yusof, A., Muuti, M., Ariffin, L., & Tan, M. (2020). Sharing Information on COVID-19: the ethical challenges in the Malaysian setting. Asian Bioethics Review, 12, 349–361. https://doi.org/10.1007/s41649-020-00132-4

    CrossRef  Google Scholar 

  48. McDougall, J., Brites, M.-J., Couto, M.-J., & Lucas, C. (2019). Digital literacy, fake news and education/Alfabetización digital, fake news y educación. Culture and Education, 31(2), 203–212. https://doi.org/10.1080/11356405.2019.1603632

    CrossRef  Google Scholar 

  49. Staff, S. (2020). This Cambridge University Game Wants You To Build A Fake News Empire For Science. ScienceAlert. Available at: https://www.sciencealert.com/cambridge-university-game-vaccinate-against-fake-news-hilarious-fun. Accessed 20 Aug 2020.

Download references

Acknowledgements

We want to thank the resources granted for developing the research project entitled “Detection and Mitigation of Social Engineering attacks applying Cognitive Security, Code: PIC-ESPE-2020-Social-Engineering.” The authors would also like to thank the financial support of the Ecuadorian Corporation for the Development of Research and the Academy (RED CEDIA) in the development of this study within the Project Grant GT-Cybersecurity.

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Roberto O. Andrade .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2021 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this chapter

Verify currency and authenticity via CrossMark

Cite this chapter

Andrade, R.O., Cazares, M., Fuertes, W. (2021). Cybersecurity Attacks During COVID-19: An Analysis of the Behavior of the Human Factors and a Proposal of Hardening Strategies. In: Daimi, K., Peoples, C. (eds) Advances in Cybersecurity Management. Springer, Cham. https://doi.org/10.1007/978-3-030-71381-2_3

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-71381-2_3

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-71380-5

  • Online ISBN: 978-3-030-71381-2

  • eBook Packages: Computer ScienceComputer Science (R0)