The pandemic outbreak of COVID-19 has caused many changes in our everyday lives, from social distancing and self-isolation to working remotely and total lockdown. Due to the nature of COVID-19, the current situation tends to change at a really quick pace, making it harder to keep updated and leaving people with more confusion, uncertainty and frustration. In this period of uncertainty, communities are relying on online resources to be informed, and are producing information on their own. This leads to a massive generation of online content, blending information coming from official channels (media outlets, international organization bodies, governments), private communication entities and user’s generated content.
According to the World Health Organization’s situation report of February 2nd, “COVID-19 outbreak and response has been accompanied by a massive ‘infodemic’ - an overabundance of information –some accurate and some not – that makes it hard for people to find trustworthy sources and reliable guidance when they need it."
Looking at the past, Infodemics are not a new phenomenon. Malicious actors have always crafted their attacks to exploit tragedies or natural disasters, from the Charlie Hebdo attack to previous viral epidemics, such as Ebola outbreaks and the Zika virus epidemic. These events were vastly exploited by malicious actors as vector of cyberattacks. The situation for COVID-19 is not different in nature but in scale, because of a higher level of Internet penetration and the growing application of the social distancing measure, populations are more vulnerable to cyber operations which are blended in the flow of disinformation.
How is Infodemic linked to cyberattacks?
Malicious actors, state and non-state, are weaponizing legitimate online communication services from e-mail, website and blogs to social media and videos as vectors for cyberattacks. They produce large scale of disinformation, aimed to spread fear and confusion among the society, in order to facilitate cyberattacks campaigns. By doing so, they are abusing the COVID-19 crisis to demand ransom for users’ files, to infect devices, to steal financial credentials and personal information, and to disrupt ordinary and essential services.
Beyond pursuing political or criminal agendas, these actors are worsening the global healthcare situation and putting human lives at risk. Indeed, these actors have been not only attacking civilian communities or small and medium enterprises, but also targeting healthcare providers and emergency services. From phishing and spearphishing campaigns to online scams, the Infodemic turned out to be an incredibly effective attack vector used by malicious actors and criminal gangs to launch cyberattacks.
The CyberPeace Institute seeks to increase awareness on how this unstoppable Infodemic of online disinformation is facilitating and accelerating cyberattacks. In light of this, the Institute is directing its efforts to stop the COVID-19 Infodemic as accelerator of cyber-operation. With a series of CyberPeace Labs called “Infodemic: A Threat to Cyberpeace”, the Institute brings together field experts from academia, the public and private sector, international organizations, and civil society to create actionable insights and best practices which can be leveraged by civil society, government and the private sector to counter act the Infodemic. Particularly, the CyberPeace Institute introduced this topic hosting the first CyberPeace Lab, which gathered high-level experts in order to discuss the nexus between disinformation and cyberattacks. Currently we are working on the upcoming CyberPeace Labs, and you will find additional information on our website soon.
Stay tuned and Join the CyberPeace Institute in its effort to #stopinfodemic!