During the ISACA Cybersecurity Day, our presentation focused on the surge in cybercrime precipitated by the COVID-19 pandemic. Through a comprehensive analysis, we explored the correlation between the global health crisis and the escalation of cyber threats. By shedding light on the intricate dynamics at play and the vulnerabilities exposed during this period, we aimed to deepen attendees' understanding of the evolving threat landscape and underscore the imperative for robust cybersecurity measures in the face of unprecedented challenges.
2. Whoami?
❖ Kharim Mchatta
❖ CEO of HACK IT CONSULTANCY
❖ Cybersecurity professional (Pen tester & Digital Forensics expert)
❖ Founder of H4K-IT (Cybersec community in TZ)
❖ CTF player
❖ Blogger
❖ Author at eForensics and Pentest Magazine
❖ DW Swahili Subject matter expert (cybersecurity)
3. Before diving into today's topic, we need to understand the following terminology
1. What is cybersecurity?
2. What is cybercrime?
4. What is cybersecurity?
[Diagram labels: Hacker, Virus/worms, Thief; PC, Database, Applications; Anti-virus, Firewall, Security; Organization]
PROTECTING
❖ From unauthorized access
❖ From malicious programs
5. What is cybercrime?
These are crimes that involve networks, computers and hacking.
What crimes are these?
❖ Phishing
❖ Ransomware
❖ Viruses
❖ Website spoofing
❖ Online fraud
❖ PII theft (e.g. national ID, passport number, bank account number, etc.)
6. Cybercrime in Covid 19
In December 2019 WHO reported the first outbreak of Covid 19 in China.
On 30th Jan 2020, the virus was announced as a global pandemic, and as part of the countermeasures to stop the virus, lockdowns started worldwide.
7. Cybercrime in Covid 19
Due to the pandemic, there was a huge change in the way the world operated, and this was due to the lockdown and social distancing. This led to
1. Companies introducing remote working (work from home)
2. E-learning
3. People working from home
This led to various implications, some of them being
➢ A huge increase in the number of internet users
➢ A huge increase in cybercrime
8. Cybercrime Trends in Covid 19 Era
During lockdown, online activities have tremendously increased, with people engaging in different activities like
❖ Online shopping
❖ Streaming (movies, gaming, etc.)
❖ Chatting on social media
❖ Online meetings (Zoom, Skype, etc.)
❖ Online conferences
❖ Remote working
❖ E-schooling
and many more, which has led to an increase in attack surface and vulnerabilities.
Interpol has reported that in a period of 4 months (Jan to April 2020) there had been
➢ 907,000 spam messages (737 incidents related to malware and 48,000 malicious URLs)
and all were related to COVID 19.
9. Cybercrime Trends in Covid 19 Era
Companies are rapidly deploying remote systems so that they can assist their employees in working
from home and criminals are taking advantage of this.
Interpol Secretary General Mr Jurgen Stock said
“Cybercriminals are developing and boosting their attacks at an alarming pace, exploiting
the fear and uncertainty caused by the unstable social and economic situation created by COVID-19.”
11. Cybercrimes accelerated by COVID 19
PHISHING and VISHING
This attack vector makes use of a technique called social engineering, where the attacker tries to manipulate human emotions like
1. Empathy
2. Sense of urgency
3. Sense of importance
4. Excitement
5. Economic problems
Phishing - A technique used by attackers where they try to get sensitive information, like a user's login credentials, by sending emails pretending to be a trusted party or individual.
13. Cybercrimes accelerated by COVID 19
PHISHING Cont.
[Diagram: phishing flow between Hacker, Internet, Employee and Malicious Website, with arrows labelled "Malicious Email", "Gets Redirected to", "Inserts Credentials", "Credentials sent to" and "Gains access to"]
16. Cybercrimes accelerated by COVID 19
Vishing - A voice elicitation technique used by attackers where they try to get sensitive information, like a user's login credentials, over the phone.
18. Cybercrimes accelerated by COVID 19
Malicious programs
Ransomware - A malicious program that infects your systems, locks all documents in the system and requests payment in order to unlock them.
In 2021, an estimated 1097 organizations were hit by ransomware attacks, and the estimated recovery cost from a ransomware attack is $1.85 million.
Online Harassment
Online Harassment - Is whereby an individual sends threatening messages or engages in offensive name calling, purposeful embarrassment, stalking or cyberbullying.
Due to the increase in online users, the amount of harassment has also increased drastically. Online harassment can be found in
➢ Social media
➢ Comments on a website
➢ Online gaming
➢ Personal email
➢ Discussion sites
➢ Dating sites or apps
19. Cybercrimes accelerated by COVID 19
Online Scam/Fraud
Online Scam/Fraud - Is whereby an attacker tries to get information or steal money from a victim.
This can be done through
❖ Phone
❖ Email
❖ SMS
Cyberstalking
Cyberstalking - Is the use of the internet to stalk or harass an individual, group of people or organization.
This may include
❖ False accusations
❖ Monitoring
❖ Threats
❖ Identity theft
20. Countermeasures
❖ Trust but verify
❖ Report offensive posts
❖ Don't be part of the bullies' game
❖ Always browse on websites that use HTTPS
❖ Don't click on links
❖ Don't open pop-ups
❖ Use anti-spam software
❖ Awareness training
❖ Keep your browser up to date
❖ Run an anti-virus scan before downloading any program
❖ Don't re-use passwords
❖ Read the privacy policy
❖ Turn on the browser pop-up blocker
❖ Keep your system up to date (patch)