Cyber security in the age of COVID-19: a timeline and analysis of cyber-crime and cyber-attacks during the pandemic

Harjinder Singh Lallie; Lynsay A. Shepherd; Jason R.C. Nurse; Arnau Erola; Gregory Epiphaniou; Carsten Maple; Xavier Bellekens

doi:10.1016/j.cose.2021.102248

Cyber security in the age of COVID-19: a timeline and analysis of cyber-crime and cyber-attacks during the pandemic

Harjinder Singh Lallie^*, Lynsay A. Shepherd, Jason R.C. Nurse, Arnau Erola, Gregory Epiphaniou, Carsten Maple, Xavier Bellekens

^*Corresponding author for this work

Electronic And Electrical Engineering

Research output: Contribution to journal › Article › peer-review

374 Citations (Scopus)

89 Downloads (Pure)

Abstract

The COVID-19 pandemic was a remarkable, unprecedented event which altered the lives of billions of citizens globally resulting in what became commonly referred to as the new-normal in terms of societal norms and the way we live and work. Aside from the extraordinary impact on society and business as a whole, the pandemic generated a set of unique cyber-crime related circumstances which also affected society and business. The increased anxiety caused by the pandemic heightened the likelihood of cyber-attacks succeeding corresponding with an increase in the number and range of cyber-attacks. This paper analyses the COVID-19 pandemic from a cyber-crime perspective and highlights the range of cyber-attacks experienced globally during the pandemic. Cyber-attacks are analysed and considered within the context of key global events to reveal the modus-operandi of cyber-attack campaigns. The analysis shows how following what appeared to be large gaps between the initial outbreak of the pandemic in China and the first COVID-19 related cyber-attack, attacks steadily became much more prevalent to the point that on some days, three or four unique cyber-attacks were being reported. The analysis proceeds to utilise the UK as a case study to demonstrate how cyber-criminals leveraged salient events and governmental announcements to carefully craft and execute cyber-crime campaigns.

Original language	English
Article number	102248
Journal	Computers and Security
Volume	105
Early online date	3 Mar 2021
DOIs	https://doi.org/10.1016/j.cose.2021.102248
Publication status	Published - 30 Jun 2021

Funding

Dr Gregory Epiphaniou currently holds a position as an Associate Professor of security engineering at the University of Warwick. His role involves bid support, applied research and publications. He led and contributed to several research projects funded by EPSRC, IUK and local authorities totalling over 3M. He was previously holding a position as a Reader in Cybersecurity and acted as deputy director of the Wolverhampton Cybersecurity Research Institute (WCRI). He has taught in many universities both nationally and internationally a variety of areas related to proactive network defence with over 80 international publications in journals, conference proceedings and author in several books and chapters. He holds several industry certifications around Information Security and worked with several government agencies including the UK MoD in Cybersecurity related projects. He acts as a technical committee member for several scientific conferences in Information and network security and serves as a key member in the development of WS5 for the formation of the UK Cybersecurity Council

Keywords

attack timeline
coronavirus
COVID-19
cyber security
cyber-attack
cyber-crime
home working

Access to Document

10.1016/j.cose.2021.102248

Lallie-etal-CS-2021-Cyber-security-in-the-age-of-COVID-19-A-timeline-and-analysisAccepted author manuscript, 5.87 MBLicence: CC BY-NC-ND 4.0

Cite this

@article{4e14d52c4d3c467682852bf837d35724,

title = "Cyber security in the age of COVID-19: a timeline and analysis of cyber-crime and cyber-attacks during the pandemic",

abstract = "The COVID-19 pandemic was a remarkable, unprecedented event which altered the lives of billions of citizens globally resulting in what became commonly referred to as the new-normal in terms of societal norms and the way we live and work. Aside from the extraordinary impact on society and business as a whole, the pandemic generated a set of unique cyber-crime related circumstances which also affected society and business. The increased anxiety caused by the pandemic heightened the likelihood of cyber-attacks succeeding corresponding with an increase in the number and range of cyber-attacks. This paper analyses the COVID-19 pandemic from a cyber-crime perspective and highlights the range of cyber-attacks experienced globally during the pandemic. Cyber-attacks are analysed and considered within the context of key global events to reveal the modus-operandi of cyber-attack campaigns. The analysis shows how following what appeared to be large gaps between the initial outbreak of the pandemic in China and the first COVID-19 related cyber-attack, attacks steadily became much more prevalent to the point that on some days, three or four unique cyber-attacks were being reported. The analysis proceeds to utilise the UK as a case study to demonstrate how cyber-criminals leveraged salient events and governmental announcements to carefully craft and execute cyber-crime campaigns.",

keywords = "attack timeline, coronavirus, COVID-19, cyber security, cyber-attack, cyber-crime, home working",

author = "Lallie, {Harjinder Singh} and Shepherd, {Lynsay A.} and Nurse, {Jason R.C.} and Arnau Erola and Gregory Epiphaniou and Carsten Maple and Xavier Bellekens",

year = "2021",

month = jun,

day = "30",

doi = "10.1016/j.cose.2021.102248",

language = "English",

volume = "105",

}

TY - JOUR

T1 - Cyber security in the age of COVID-19

T2 - a timeline and analysis of cyber-crime and cyber-attacks during the pandemic

AU - Lallie, Harjinder Singh

AU - Shepherd, Lynsay A.

AU - Nurse, Jason R.C.

AU - Erola, Arnau

AU - Epiphaniou, Gregory

AU - Maple, Carsten

AU - Bellekens, Xavier

PY - 2021/6/30

Y1 - 2021/6/30

N2 - The COVID-19 pandemic was a remarkable, unprecedented event which altered the lives of billions of citizens globally resulting in what became commonly referred to as the new-normal in terms of societal norms and the way we live and work. Aside from the extraordinary impact on society and business as a whole, the pandemic generated a set of unique cyber-crime related circumstances which also affected society and business. The increased anxiety caused by the pandemic heightened the likelihood of cyber-attacks succeeding corresponding with an increase in the number and range of cyber-attacks. This paper analyses the COVID-19 pandemic from a cyber-crime perspective and highlights the range of cyber-attacks experienced globally during the pandemic. Cyber-attacks are analysed and considered within the context of key global events to reveal the modus-operandi of cyber-attack campaigns. The analysis shows how following what appeared to be large gaps between the initial outbreak of the pandemic in China and the first COVID-19 related cyber-attack, attacks steadily became much more prevalent to the point that on some days, three or four unique cyber-attacks were being reported. The analysis proceeds to utilise the UK as a case study to demonstrate how cyber-criminals leveraged salient events and governmental announcements to carefully craft and execute cyber-crime campaigns.

AB - The COVID-19 pandemic was a remarkable, unprecedented event which altered the lives of billions of citizens globally resulting in what became commonly referred to as the new-normal in terms of societal norms and the way we live and work. Aside from the extraordinary impact on society and business as a whole, the pandemic generated a set of unique cyber-crime related circumstances which also affected society and business. The increased anxiety caused by the pandemic heightened the likelihood of cyber-attacks succeeding corresponding with an increase in the number and range of cyber-attacks. This paper analyses the COVID-19 pandemic from a cyber-crime perspective and highlights the range of cyber-attacks experienced globally during the pandemic. Cyber-attacks are analysed and considered within the context of key global events to reveal the modus-operandi of cyber-attack campaigns. The analysis shows how following what appeared to be large gaps between the initial outbreak of the pandemic in China and the first COVID-19 related cyber-attack, attacks steadily became much more prevalent to the point that on some days, three or four unique cyber-attacks were being reported. The analysis proceeds to utilise the UK as a case study to demonstrate how cyber-criminals leveraged salient events and governmental announcements to carefully craft and execute cyber-crime campaigns.

KW - attack timeline

KW - coronavirus

KW - COVID-19

KW - cyber security

KW - cyber-attack

KW - cyber-crime

KW - home working

UR - http://www.scopus.com/inward/record.url?scp=85103086389&partnerID=8YFLogxK

U2 - 10.1016/j.cose.2021.102248

DO - 10.1016/j.cose.2021.102248

M3 - Article

AN - SCOPUS:85103086389

SN - 0167-4048

VL - 105

JO - Computers and Security

JF - Computers and Security

M1 - 102248

ER -

Cyber security in the age of COVID-19: a timeline and analysis of cyber-crime and cyber-attacks during the pandemic

Abstract

Funding

Keywords

Access to Document

Other files and links

Fingerprint

Cite this