Gueltoum Bendiab, Stavros Shiaeles, Gohar Sargsyan
COVID-19, also known as the coronavirus pandemic, was an unprecedented event that altered the lives of billions of people globally and greatly increased the risk of cyber-attacks. The pandemic pushed organisations to adopt remote working and forced employees to work from their homes, which brings new security risks. Under this new working model, personal computing devices have been used extensively for work purposes. Video conferencing tools have become the primary environment for meetings, reliance on remote connectivity services and corporate VPNs has grown, and cloud services have proved their usefulness, all of which increases the risk of data breaches and exposes companies' critical IT systems to malicious content.
Recent security reports reveal that cybercriminals are currently exploiting the remote working model and the COVID-19 pandemic to launch extremely advanced cyber-attacks. During the first six months of 2020, various Fortune 500 businesses fell victim to major data breaches in which hackers stole their account credentials, sensitive and confidential data and financial records, and sold them on the dark web. The following table lists the most high-profile data breaches that we have witnessed so far this year.
For its part, Webroot announced a 40% increase in unsecured Remote Desktop Protocol (RDP) machines used for remote working during the COVID-19 pandemic. Another recent report by the Deloitte Cyber Intelligence Centre affirmed that email phishing attacks were the most common source of data breaches while working from home. The report noted a huge spike in phishing, malspam and ransomware attacks in which employees are the first target, taking advantage of unfamiliar ways of working and heightened stress levels. The report confirms that attackers are also exploiting this situation to trick end-users into downloading malicious COVID-19-related applications. For instance, a large number of malicious Android apps claim to help track the spread of the virus, but instead infect the smartphone with ransomware and demand payment to restore the device. Moreover, Intertrust confirms that 85% of COVID-19 tracking apps leak personal data.
In April 2020, Google blocked more than 18 million malware and phishing emails related to the coronavirus every day, in addition to more than 240 million COVID-related spam messages daily. According to Google, the coronavirus is now the biggest phishing topic, as it is a highly emotional issue and cyber-criminals take advantage of it.
Clearly, 2020 was quite challenging for organisations and individuals in terms of cybersecurity and the adoption of new working habits, especially since the COVID-19 outbreak in March 2020. The rapid and unexpectedly broad disruption to businesses around the world has left companies struggling to maintain security and business continuity. In this new environment, cybersecurity efforts must aggressively confront the risks. Organisations should secure their newly implemented remote working practices and maximise their ability to prevent, detect and respond to threats. They should also prioritise reducing reliance on people and maximising the use of process and technology to perform key cybersecurity activities, to ensure continuity.
In this context, the Cyber-Trust project provides a robust security solution for this new environment by proposing a new Intrusion Prevention System able to detect and mitigate attacks, using Machine Learning (ML) and Graph Theory to reach an optimal decision on the detected threat. The combination of ML Intrusion Detection Systems (IDS) and Graphical Cyber Security Models (GCSMs) can lead to an innovative class of intelligent intrusion response systems (iIRS) that provide dynamic security risk assessment and intelligent mitigation strategies to defend, optimally and autonomously, against adaptive multi-stage cyber-attacks on IoT platforms, including smart homes. This is done by building upon advanced game-theoretic security approaches, where an accurate model of attackers and defenders (players), their interactions and the IoT network parameters makes it possible to calculate all the possible scenarios and provide the optimal solution to be applied by the IDS. This will have a positive impact on small and medium-sized enterprises, and also on critical infrastructures and industrial IoT facilities, as they will be able to mitigate even sophisticated (unknown) cyber-attacks, especially in the case of large-scale crises like the COVID-19 pandemic. It will also help individual users to maintain a comfortable and safe environment in their smart homes, where any compromised device will be easily identified and prevented from gaining access to critical network resources and services.
To help users become more aware of sophisticated attacks, a serious game for security awareness is being created. The game will aim at learning, raising awareness of risks, motivating users to stay up to date on potential risks, and empowering users and communities to be active and safe from the issues that may result from those risks. To do this, Game Thinking and Game Dynamics will be applied to better engage audiences and solve problems. The game will also be a very good method for teaching and training. Players will be presented with information gradually, to ensure they learn the skills they need. The game teams will collaborate during their sprint event to tackle different risk challenges. A squad-based, data-driven strategy game will be designed to increase DevOps squads' risk awareness and Secure-By-Design mindset. In a nutshell, this game will offer data-driven security gamification influenced by real-world performance and integrated into the regular sprint cycle for sustained effect, and it will leverage squad competition and peer pressure to motivate players. This approach will facilitate faster and more effective security awareness for users, especially in times of crisis such as COVID-19.