“Infodemic”, as coined by World Health Organization in 2020, is an over-abundance of information – some accurate and some not – that makes it hard for people to find trustworthy sources and reliable guidance.
The infodemic is not a byproduct of the COVID-19 pandemic, but rather a recurring epidemic that has been witnessed on previous occasions. Most notably, during the Ebola crisis in 2014 and 2018, as well as the Zika virus in 2015.
The infodemic has become a means to facilitate the exploitation of weaknesses in digital networks and launch cyber attacks against vulnerable communities and critical services.
Oftentimes, misinformation and disinformation are used interchangeably. However, misinformation refers to information that is unintentionally wrong, whereas disinformation refers to false information that was intentionally created for the purpose of deceiving others. Individuals remain a prime target of cyberattacks as the infodemic thrives on individual deception as well as the vulnerabilities of critical infrastructure, which lays the foundation for cyber criminals to launch attacks.
A typology of cyber attacks reveals the same tactics generally used by cyber criminals, yet with a coronavirus theme in order to lure victims to access malicious websites or open contaminated files. The use of malware includes “remote access Trojans, info stealers, spyware and banking Trojans to compromise networks, harvest data, divert money and build botnets”.
Among the victims of the infodemic related cyberattacks is the healthcare sector, which is already under the pressure of having to manage the surge in coronavirus patients. The sector is an attractive target due to the sensitive patient information they store, which equates to a sizeable profit for cyber criminals, and the critical need to provide continues medical care.
In the current landscape, actors are not held to account for their illicit behaviour in cyberspace, producing a vast accountability gap that must be filled. There are swathes of false information circulating on social media platforms and throughout the digital network without sufficient means to control it. Cybercriminals thrive on this accountability gap which must be stopped in order to stymie the number of cyberattacks against vulnerable individuals and critical services.
The discussion of cyber threats in the context of the infodemic and its devastating impacts on society is an avid reminder that this issue cannot be relegated to the side lines of international debate. Limiting the spread of disinformation and ensuring a secure cyber infrastructure must be a primary item on state agendas.
Multistakeholder engagement: Stifling the dissemination of mis- and disinformation will require the operationalisation of agreed norms and multistakeholder engagement. This is indispensable to address all of the facets of mis- and disinformation, much of which is circulated through social media and other unorthodox modes of communication in the digital network.
Human-centric approach: The most effective way to stem the growth of the infodemic is by taking a human-centric approach that seeks to engage victims of cyber attacks as well as countries from around the world to ensure an inclusiveness and global representation. There must be an effort to streamline information and ensure sufficient fact-checking bodies are in place to combat the spread of disinformation in cyberspace.
Private-public collaboration: Public and private actors must be cognizant of this existing threat and introduce procedures and mechanisms that strive to ensure human security in cyberspace and hold malicious cyber actors to account.