The COVID-19 pandemic and cybersecurity: Lessons learned

Recent history has illustrated that humankind is very vulnerable to disruptive threats like pandemics, environmental calamities and cyberattacks, to name a few. Experts agree that it is critical to be prepared for a COVID-like global cyber-pandemic that could spread quicker than a wildfire and may have a wide-reaching and devastating economic impact.

The COVID-19 pandemic has forced all countries to adjust to a ‘new normal’ reality with millions of people under some level of lockdown and experiencing travel restrictions (Pew Research Center). 

While many think that a vaccine will soon be created and stability and normality will return, it is time to consider other taken for granted aspects that may be affected in future. Reviewing the lessons learned from the COVID-19 pandemic will assist in preparing for cyberattacks that resemble biological viruses that many predict lurk in our immediate future. In this article we discuss some of the lessons identified by Homeland Security Today.

  1. A cyberattack with characteristics like the coronavirus will spread faster and further than any biological virus.

It is estimated that the average reproductive number or ratio (Ro) of COVID-19 without any social distancing is between two and three. This means that a single infected person may infect two to three other people. However, based on a new study of Chinese data from the CDC, Forbes reports that “A single person with COVID-19 may be more likely to infect up to 5 or 6 other people, rather than 2 or 3.” 

Homeland Security Today states that the estimate of Ro of cyberattacks is 27. The 2003 Slammer/Sapphire worm, one the fastest worms in history, doubled in size approximately every 8.5 seconds, infecting more than 90 percent of vulnerable hosts within 10 minutes (Moore, et al., 2003). In 2017, Europol reported that the ransomware ‘WannaCry’ crippled more than 200,000 computers in 150 countries. MalwareTech, the pseudonym for a security blogger, hailed an ‘accidental hero’, accidentally stopped the rogue software’s code with a “kill switch”. The attack exploited a vulnerability in older Windows systems.

“The cyber equivalent of COVID-19 would be a self-propagating attack using one or more “zero-day” exploits, techniques for which patches and specific antivirus software signatures are not yet available” (Homeland Security Today: 2020). Indications are that all devices will be attacked at once with running a single, common operating system or application.

“If the vector were a popular social networking application with, say, 2 billion users, a virus with a reproductive rate of 20 may take five days to infect over 1 billion devices” (Homeland Security Today: 2020). ‘Zero-day’ attacks are difficult to detect and consequently, it would take time to identify the virus and concerted efforts to stop it from spreading. This was evident in the Stuxnet worm attack that nestled in Microsoft’s Windows operating system for 18 months before attacking. 

[us_single_image image=”37994″ onclick=”custom_link” link=”url:%2Fsolution-taken%2F%3Futm_campaign%3Dbusiness-solution%26utm_medium%3Dblog-113-cta-1|||”]
  1. A widespread digital shutdown will result in an economic impact similar or greater than COVID-19.

Homeland Security Today (2020) reasons that: “If cyber-COVID mirrored the pathology of the novel coronavirus, 30% of infected systems would be asymptomatic and spread the virus, while half would continue functioning with performance severely degraded – the digital equivalent of being in bed for a week.”. 15% of all devices will have a total data loss, requiring a complete system reinstall, 5% would be “bricked” and renderer inoperable, and millions would have to be taken offline in a matter of days (Homeland Security Today: 2020).

“The whole world could experience cyber lockdown until a digital vaccine was developed” since the solution to stop an infection would be to completely disconnect all vulnerable devices from one another and the Internet (Homeland Security Today:2020). The implications are that all business communication and data transfers would be prevented, and the only social contact would be limited to face-face encounters, and access through copper landline, snail-mail, or short-wave radio. “Just one day without the internet would cost the world more than $50 billion” (Homeland Security Today:2020).

  1. Challenges to recover will be extreme.

These implications would mean tremendous challenges for digitally dependent economies and the replacement of 5% of the world’s connected devices will require around 71 million new devices (Homeland Security Today: 2020). Given the current economic challenges and many organisations producing at reduced capacity, it would be impossible for manufacturers to produce at a level to meet demand. If manufacturing and logistics systems were affected, the surviving companies would experience severe backlogs in patching and reinstallation.

Additionally, geographic locations of electronics manufacturing would create other challenges. For example, HSBC economist Yun Liu, indicates that some of the biggest brands in technology, ranging from Nintendo to Google, are relocating to Vietnam, because the trade war that is making production in China more expensive. “In 2018, China produced 90% of mobile phones, 90% of computers and 70% televisions. Finger-pointing about the source and motive of the cyberattack, as well as competition to be first in line for supplies, would inevitably lead to geopolitical tensions. (Homeland Security Today: 2020).

The current pandemic provides the perfect opportunity for malicious actors to threaten organisations and users. The grand scale of a possible COVID-like cyberattack warrants renewed efforts in global collaboration in cybersecurity to circumvent massive losses.

Take your business connectivity guide to find the perfect solution for your business!


Homeland Security Today.US

Pew Research Center

Share on email
Share on facebook
Share on twitter
Share on linkedin
Share on pinterest