User talk:Dephiant08/sandbox

The COVID-19 pandemic's impact on cybercrime Dephiant08 (talk) 21:41, 27 June 2021 (UTC)Dephiant08

INTRODUCTION

In the years 2020-2021, the world was hit by a deadly pandemic caused by Covid 19, with many people dying due to a range of factors such as poverty, corrupt governments, and ineffective policies. It has also been noted that crime rates have decreased in some countries while they have doubled in others, and after some research, we learned about the business risk during Covid.

Malware and ransomware attacks are common in various businesses. Many companies have reported higher rates of data breaches during the pandemic due to employees working from home on different networks, which increases the risk of a data breach. Additionally, email spamming is on the rise, and cybercriminals increasingly target vulnerable people and covid19 patients. Mafia uses weak people like drug addicts and individuals victimized by human trafficking to defraud people. Because the rate of physical crimes has decreased due to the lockdown, these mafias are turning to cybercrime to exploit people worldwide. On the other hand, cybercriminals also target Covid 19 patients by tracking their information through data breaches from hospitals and then offering fake and bogus services.

In this policy brief, we will quickly explore the effects of COV 19 on cybercrime and possible prospects for this issue, as well as regulations and ramifications. The information in this brief comes from our networks and civil society groups. It is based on a careful evaluation of existing data on the subject by field partners.

The COVID-19 pandemic's impact on cybercrime

The Nature of Cybercrime Is Changing

There is no reason to believe that after the epidemic, cybercrime will be rampant. Cybercrime has evolved from a malicious distraction pursued by some hackers to a well-organized global corporate network covering all aspects of cyberattacks, including black markets for stolen data. With the widespread adoption of the cybercrime paradigm as a service, a broad attack of "service" may gain little technical expertise across the cybercrime market in the dark web or hacking forums. Traditional physical theft of money, such as entering a house or company, leaves traces of DNA, fingerprints, shoe tracks, and security footage. On the other hand, a cybercriminal hides his identity and faces a slight risk of being detected or imprisoned. Cybercriminals target attacks targeting human vulnerabilities and take advantage of new opportunities created by the rapid growth of work at home and pandemic-related anxiety. Machine learning, for example, can be used by hackers to generate false information such as text, fake images, videos, and speech or to avoid CAPTCHAs. Table 1 shows the many types of cybercrime often targeted by individuals. The drastic growth of medical cybercrime, which has caused a global epidemic, is of great concern. More than 116,000 new domain names with coronavirus issues were registered between February and March 2020, with more than 2000 malicious registrations and more than 40,000 high-risk registrations with indications related to malicious (Sultana, 2021).

Type of cybercrime Description

Phishing Consumers are influenced to submit sensitive personal information through communications sent via email, social media, text, or voice communications (such as passwords, credit card numbers, bank details, social security numbers). Messages frequently include links and attachments. Phishing scammers send out emails posing as well-known firms, non-profit organizations, charities, and government bodies. Spear phishing is spam that targets specific groups of individuals (monteith, 2021). Malware Malicious programs/viruses are concealed in email connections or applications meant to steal sensitive personal information or harm the machine (monteith, 2021). Fraudulent eCommerce Websites sell counterfeit items, do not ship orders, or unlawfully sell regulated items (monteith, 2021). Romance scams Before stealing or influencing victims, cybercriminals build a dummy on the Internet to acquire confidence (monteith, 2021).

Tech support scams Cybercriminals, posing as well-known companies, send emails or pop-up messages claiming to have computer issues or infections. The cybercriminals then seek remote access to give ineffective technical help and/or install malware to steal sensitive data (monteith, 2021).

Extortion/blackmail Cybercriminals will accuse the victim of unlawful behavior and threaten to tell family members, employers, and social media connections if the ransom is not paid quickly, generally in Bitcoin, within 48 hours (monteith, 2021).

Work from home scams A wide range of scams aims to collect sensitive personal information or extort money from family members (communication, video conferencing, remote data exchange, etc.) (monteith, 2021).

Denial of service Destructive assaults on a large scale can render government institutions or services unavailable (monteith, 2021). As those who are in quarantine spend a lot of their time online, cyber fraud, disinformation, and other internet-related crimes will become a growing industry.

As millions of individuals become homeless, isolated, bored, and financially limited because of coronavirus lockdowns, there may be a new demand for criminal businesses, especially those that are cyber-enabled. Cybercriminals have impersonated trusted sources of information, such as the World Health Organization, to spread malware or capture personal information in a series of coronavirus-related phishing schemes already underway. INTERPOL has issued a warning against medical supply scams that deceive victims into purchasing non-existent medical items and depositing cash intended for medical care into criminals' accounts. Victims of such fraud are estimated to have lost millions of dollars. People will be more exposed to purchased, counterfeit, and illegally traded items, which are very prominent on major e-commerce platforms and small sites, if they are unable to do business - or if some online therapy stores arouse boredom. The U.S. Government Accountability Office (GAO) discovered an unusual frequency of counterfeit items online in a 2018 study: In a random test of third-party sellers, 43 percent of products purchased from the GAO were counterfeit.

A long-term blockchain could benefit the internet sex industry: The Pornhub website has already witnessed a significant increase in demand worldwide, attracting new customers by subscribing to premium for free. 46 While this site is legitimate, the desire for new content from viewers with more free time than usual may lead criminal organizations to incite sex workers, drug addicts, or other vulnerable people to commit live and recorded sexual exploitation. Those with more arrogant tastes might take the opportunity to search for sites that offer live music. There is a turnkey facility for child sexual exploitation (CSE) online when children are kept home from school. Both criminal organizations and underprivileged families are looking for new sources of money. Because they spend so much time online, children who go home to school, play online games or use social media during school closures may be attacked and cured by sexual predators, the FBI said. Finally, a lot of information about the sexual exploitation of children is disseminated in groups of private users and forums.

Those with CSE interests who failed to act on them during the lockdown can now contact these online forums and become active members long after the pandemic urgency has subsided, posing a long-term risk. Advanced rights fraud, such as romantic scams, lotteries, and 419 other scams, is another online criminal profession expected to increase customer numbers. These attacks target middle-aged, middle-income, and socially isolated people. People and the pool of people vulnerable to such attacks are expected to grow due to the isolation that blockade and social distancing techniques bring. Fake emails from CEOs, suppliers, or other reputable sources are sent to financial or administrative staff to look for significant money transfers in a commercial email (BEC) compromising scam. BECs are the equivalent of 419 schemes in the business world. Because they focus on businesses, they often strive to win higher sums of money in a shorter amount of time. With most organizations asking their employees to telecommute during shutdowns, there is more scope for BEC scams.

For example, because employees have less physical contact, administrative staff may be less likely to check with management whether a payment order has been issued. A supplier, or a company, is accurate. There is a lot of room for error here. Small and medium-sized businesses, which would be the most brutal hit economically by the shutdown, are likely to be outraged at such a counterfeit. Criminal groups of all sizes and scales will be able to replace money lost from traditional criminal operations with cybercrime and cybercrime-assisted crimes, which will be controlled by the virus-checking criteria outlined in the previous section. According to a recent article, this could also include cash-strapped countries whose national economies depend on transnational crime and illicit financial flows to support them and circumvent North Korean and foreign regulations. important participants in the world. The criminal economy, it is said, is looking for ways to alleviate economic woes and could turn to cybercrime as a solution (Lucia Bird, 2020).

Policy options

Current policy

Cyberattacks and cybercrime are on the rise in Europe, both in terms of volume and sophistication. Given that 22.3 billion devices are predicted to be connected to the Internet of Things by 2024, this tendency is projected to continue. In view of these cyber-threats, the EU is working on several fronts to: strengthen cyber resilience (commison, 2020) •	combating cybercrime •	Increase cyber diplomacy •	Strengthen cyber defends •	Boost research and development •	safeguarding vital infrastructure

Citizens will have more faith in digital products and services if there is a better cybersecurity response aimed at creating open and safe cyberspace.

EU leaders urged for improving the EU's ability to protect itself against cyber threats, providing a secure communication environment, particularly through quantum encryption, and ensuring access to data for judicial and law enforcement reasons during the Special European Council in October 2020 (commison, 2020).

In June 2019, the EU Cybersecurity Act went into effect, bringing with it • an EU-wide certification programmed • a new and more powerful mission for the EU Cybersecurity Agency

EU-wide cybersecurity certification scheme

Certification is essential for guaranteeing that ICT goods, services, and procedures meet high cybersecurity requirements. Market fragmentation and regulatory hurdles result from the fact that multiple security certification systems are being employed by various EU members.

The EU has developed a unified EU-wide certification mechanism with the Cybersecurity Act that will (commison, 2020): • establish confidence • accelerate the expansion of the cybersecurity market • Facilitate cross-EU commerce A full collection of regulations, technical requirements, standards, and processes will be provided by the framework.

EU Agency for Cybersecurity

The new EU Cyber Security Agency is based on the architecture of its predecessor, the EU Cyber and Information Security Agency, but has a greater role and a longer mission. It also uses the same acronym (ENISA) to help member states, EU institutions and other stakeholders by responding to cyber-attacks.

Network and Information Systems Directive the Network and Information System Security (NIS) Directive was launched in 2016 and is the first legislative action within the European Union to promote cooperation among member states on key issues of cyber security. It establishes security requirements for key service operators (such as energy, transportation, healthcare, and banking) and digital service providers (online markets, search engines, and cloud services). The European Commission recommended in December 2020 to update the NIS Directive (NIS2) to replace the 2016 Directive. The revised plan takes into account the ever-expanding dangerous environment and the digital transformation of our society, and COVID-19 has accelerated this process. The new law will (commison, 2020)l: • Improve the security obligations of companies • Solve supply chain security issues. • Increase the number of national authorities subject to stricter supervision. • Expand information exchange and cooperation. Currently, the Security Council is discussing this idea.

Countering cyberattacks

The EMPACT cyberattack action plan intends to disrupt criminal operations using cyberattacks on information systems, particularly those who use a crime-as-a-service business model and function as facilitators for online crime (commison, 2020).

Encryption

The EU is attempting to build an active dialogue with the technology industry in order to strike the proper balance between supporting the ongoing use of strong encryption technology while also ensuring that law enforcement and the court have the same authorities as they do in the offline world (commison, 2020). The Council issued a resolution on encryption in December 2020, emphasizing the need of both security through encryption and security notwithstanding encryption (commison, 2020).

Policy recommendations

This shows that the basic concepts and procedural-level knowledge of all private sector professionals in the field of cybersecurity that are equivalent to EU values are being questioned and have long-term consequences. In fact, there are now two trajectories of discourse addiction at risk: one is that the private sector that provides In cyberspace governance, cybersecurity is a reliable partner., and the other is that social media platforms pose a security threat. The European Union, because it is unwilling or unable to effectively combat false information. Therefore, additional follow-up actions are required. The latest publication that includes a cybersecurity component at the time of writing is the committee's conclusion on shaping the European digital future agenda. These conclusions emphasize the importance of cybersecurity based on the principles of flexibility and public-private cooperation to the EU's economy and security, and encourage the continuation and expansion of these activities, agreeing that "accelerating digital transformation will be the EU's response to the economic crisis caused by the Covid-19 pandemic The EU believes that social media platforms do not share the same principles or concepts in this controversial way of communication in response to misinformation.

According to the Council's Covid-19 Risk Mitigation Plan, a significant policy response is to try to limit the spread of misinformation about the virus. This was responded to in a communication from the Commission and the High Representative regarding the EU's global response to Covid-19, which regarded false information about the virus as a threat to the EU's fundamental values and health and safety. According to Europol, there is a lot of misinformation about the outbreak and the response to Covid 19. Since the initial outbreak in Wuhan, the virus has spread rapidly. Reported sources include foreign governments, state-sponsored actors, political opportunists, and criminal organizations. The Council's conclusions reaffirmed the diverse approach of social media platforms. In this section, online platform providers are separated from experts and national authorities. These platforms are described as part of the threat of false information and targets for greater openness and accountability requirements. Based on the Council's conclusions, the committee and senior representatives issued a joint newsletter on the fight against Covid-19 false information, reiterating that the nature of incorrect information is a severe threat to health and democracy. Although it pointed out that various actors, including national authorities, journalists, fact-checkers, and platform operators, must work together to identify and combat false information, the narrative on the platform is that "in the current public health incident, the platform has not received Sufficient improvement. The crisis requires more significant effort and information exchange as a policy concept here. This prompted the platform to redouble its efforts to cooperate with national authorities and fact-checkers to expose misinformation and its source and expose the manipulations on its platform. Some successful viruses have been achieved in the fight against false information; EEAS pointed out that The platform is still easy to become a tool for the viral spread of incorrect information, which means that the platform needs additional and continuous efforts to exceed the code of conduct. In addition, the vice-chairperson of the China Securities Regulatory Commissioner Vera Churova emphasized in the joint newsletter introduction that "although online platforms have taken necessary measures during the epidemic, they must redouble their efforts. For example, we only know what the platform tells us; this is not enough. The changing perception of the role of private actors in governance is at the core of the EU's divergence at the level of fundamental ideas and follow-up actions. Planning and political cybersecurity, cybersecurity, and the private sector can be trusted to contribute to the success of EU security and economic development. This is not a serious challenge to the unit formed from the beginning and the formalization of EU cybersecurity. As a result, slow and layered changes have taken place in most areas of network security. On the contrary, the loss of trust in sure network participants, social media platforms result from destruction and global instability. The EU authorities believe that social media platforms have contributed to this and refuse to accept accusations. Here, we have seen discourse adjustments and changes in plans and policies regarding the role of social media platforms in combat (Farrand, 2020).

Citations:

Commison, E. (2020). The Cybersecurity Strategy. Retrieved from European commison : https://digital-strategy.ec.europa.eu/en/policies/cybersecurity-strategy Farrand, H. C. (2020). Discursive continuity and change in the time of. Journal of European Integration, 17-25. Lucia Bird. (2020). CRIME AND CONTAGION. Retrieved from The impact of a pandemic: https://globalinitiative.net/wp-content/uploads/2020/03/GI-TOC-Crime-and-Contagion-The-impact-of-a-pandemic-on-organized-crime.pdf Monteith, S. (2021). Increasing Cybercrime Since the Pandemic: Concerns for Psychiatry. Springerlink. Sultana, N. (2021). cybercrime-the-hidden-side-effects-of-covid19. Retrieved from mondaq: https://www.mondaq.com/uk/security/1001518/cybercrime-the-hidden-side-effects-of-covid19 Weible, C. M., Nohrstedt, D., Cairney, P., Carter, D. P., Crow, D. A., Durnová, A. P., ... & Stone, D. (2020). COVID-19 and the policy sciences: initial reactions and perspectives. Policy sciences, 53(2), 225-241. https://link.springer.com/content/pdf/10.1007/s11077-020-09381-4.pdf Dephiant08 (talk) 16:00, 15 June 2021 (UTC)Dephiant08