CORONAVIRUS & CYBERCRIME
Young researchers call for vigilance regarding cybercrimes and misinformation
In a time when the focus should be on fighting the spread of a virus that has affected millions globally, and not on trying to curb the spread of cyber crimes and misinformation, young researchers from CSIR have reiterated what has been said by other experts especially during the Covid-19 pandemic: be positively suspicious when it comes to cybercrimes and misinformation.
In the Covid-19 era, one should be mindful that people have taken full advantage of the virus when it comes to both misinformation and cybercrimes.
This is evident in the research conducted by the young scientists from the Council for Scientific and Industrial Research (CSIR) who shared their research on Tuesday at a media briefing to present the impact of cybercrime activities and the spread of misinformation during the pandemic.
Since the beginning of the lockdown, which began on 27 March, 2020, there has been an increase in cybercrime activities that include enticing victims to open malicious attachments or clicking phishing links, resulting in identity impersonation or illegal access to personal accounts.
“Cybercriminals have quickly adapted to using the Covid-19 pandemic as an opportunity to launch themed attacks in vulnerable environments,” CSIR cybersecurity researcher, Thabo Mahlangu said at the briefing. “…But cyber criminals still use the same old tactics which are social engineering tactics to trick the user to click infected files.”
Mahlangu also stated that since most of the country has been forced to work from home or do remote working there has been a spike in security challenges.
“With employees now working remotely, connecting to employers’ networks via various online platforms brings about many security challenges. There is an increase in attempts to steal data from users, malware and phishing attempts, breaches on video conferencing platforms, and scams and fraudulent activities using digital means,” Mahlangu said.
CSIR has also noted how they have seen an increase in ransomware, which is a type of malware that threatens to publish a victim’s data or perpetually block access to it unless a ransom is paid, during the month of March 2020 and April 2020 where criminals are targeting critical infrastructures and response institutions such as hospitals and clinical centres.
“This for us is of great concern because these are already institutions that are already overwhelmed with the crisis of Covid-19,” Mahlangu said.
To mitigate the spread of malware and stop cybercriminals from targeting innocent people, CSIR established a Security Operations Centre (SOC). The main purpose of SOC is to “forecast potential malware” attachments by detecting, analysing and responding to cybersecurity incidents.
When it comes to ransomware and malware activity, Mahlangu advised that users “aggressively scan your machine” in order to remove the ransomware files from the machines. This will help as you will be notified of the files found on the machine that consists of malware.
At a Daily Maverick Webinar on 5 June with Outriders co-founder Jakub Gornick and Daily Maverick CEO Styli Charalambous, a recommendation was to use DNS History which allows you to see the history of that website. Mahlangu added to this saying that users should “scan machines for possible malware, if there is no malware detected, consider removing the browser tools (where possible malware was detected) on the machines
And the most obvious mitigation measure, he said, is that all systems on your machine need to be updated on a regular basis.
“We all know that covid-19 has been accompanied by the spread of fake news,” said Nelisiwe Dlamini, a young researcher at CSIR.
The spread of fake news has been more evident on social media but the spread has gotten worse during the rise of the pandemic, says Dlamini.
“Various studies show that fake news replicates on various social media platforms and mainstream media is not exempt from this,” Dlamini added.
Dlamini added that with Covid-19, people have to be more cognizant of disinformation disorder before pressing the share button on any social media platform.
“Some of the young people are becoming instigators of the spread of false information that has the potential to create panic during the pandemic in the country,” Dlamini said.
During the 5 June webinar, Charalambous explained that there are three types of information disorder: misinformation, disinformation and malinformation.
- Misinformation is false and inaccurate information, without the intention to cause harm. This is seen with captions on photographs which can sometimes be incorrect.
- Disinformation is a subset of misinformation where fabricated and deliberately manipulated content is distributed. “You can throw in conspiracy theorists and rumours here, and with Covid-19 we have seen this escalation and flood of information – we have seen a lot of this,” Charalambous had said.
- Malinformation is designed to inflict harm intentionally and to deceive the viewer or reader.
“Disinformation has the real potential to destroy democracy,” William Bird, Director at Media Monitoring Africa (MMA) said during a webinar hosted by Daily Maverick on 12 June, 2020. “This is false, inaccurate or misleading information that is designed, presented and promoted online to cause public harm.”
Dlamini added to this claim by reminding everyone that people need to be vigilant and also cautious as misinformation during this time is a criminal offence.
“The publishing of fake information, especially around and about Covid-19 is a criminal offence,” Dlamini said. “It’s very important to be vigilant, after all, you don’t want to end up on the wrong side of the law.” DM
"Information pertaining to Covid-19, vaccines, how to control the spread of the virus and potential treatments is ever-changing. Under the South African Disaster Management Act Regulation 11(5)(c) it is prohibited to publish information through any medium with the intention to deceive people on government measures to address COVID-19. We are therefore disabling the comment section on this article in order to protect both the commenting member and ourselves from potential liability. Should you have additional information that you think we should know, please email [email protected]"