CyberPeace Lab: The Nexus Between the COVID-19 Infodemic and Cyberattacks

CyberPeace Institute

The COVID-19 caused infodemic is spreading much faster than the virus itself. Misleading data, info manipulation, and conspiracy theories trick people into an endless and irrational search for new information. Cybercriminals are exploiting confusion and fear to launch cyberattacks against individuals and civilian infrastructure.

The first CyberPeace Lab of the series “Infodemic: A Threat to Cyberpeace” was focused on the nexus between disinformation and cyberattacks. Discussion on how COVID-19 has changed the cyberattack campaigns against vulnerable population and what we should learn from it was moderated by Marietje Schaake, president of the Cyberpeace Institute.  Speakers: Laura Rosenberger – Director of the Alliance for Securing Democracy; Camille Francois – Chief Innovation Officer at Graphika, Nathalie Van Raemdonck – Associate Analyst at the EUISS.  

CyberPeace Lab highlights: the nexus  between disinformation and cyberattacks  

Covid-19 Infodemic: Since early 2019, there has been an increase in viral mis/disinformation about COVID-19 hand in hand with anti-immigrant, racist messages and conspiracy theories about the origin of the pandemic. It has all happened in an environment of people not trusting public data and instead setting up their own information trackers and maps. Recently, media platforms have started to moderate COVID-19 news to double-down on disinformation.  

Global tensions: We are living in times of tension. Tensions are the breeding ground for information operations (IO). The goal of State Actors employing IO is to manipulate audiences, increase uncertainty and deepen the divide between different groups, countries and political leaders. #Covid-19 infodemic has put new and creative tools in the hands of malicious actors.   

Foreign and domestic players: The information space has been abused not only by malicious foreign actors but also by democratic governments who cover up data, send out conflicting reports, and spread misinformation. This has made civilians more vulnerable and created additional options for external actors to attack.  

Cyberattacks against civilians: Disinformation not only destabilizes democracies, but it also facilitates cyberattacks against civilians. Exploiting confusion and an urgency to search for accurate information, cyber criminals spread messages to plant malware, phish for credentials and ask for bitcoin donations.   

Geopolitical attacks: Attacks against civilians are not only done by criminal groups but also by nation-state actors. Russia has used Covid19 disinformation as a threat multiplier in Ukraine to compromise Ukrainian healthcare services and spread malware. There has been similar news also from North Korea, China and Mongolia.  

Changing tactics: China appears to be experimenting with Russian information operation techniques, such as spreading multiple explanations and conspiracy theories around the origin of the virus to re-write the narrative of the coronavirus crisis. The aim of this Chinese propaganda is to portray the country as the ultimate partner for fighting the pandemic.  

Increasing surveillance: Covid-19 disinformation is used as an excuse to launch more surveillance activities against civilian populations. Iran has asked its citizen to install a software to “monitor” coronavirus symptoms. The software turned out to be spy-ware to track people’s movements. Israel has allowed its secret service to track people who are infected and their contacts. Some tech firms have tried to sell their surveillance technology for civilian purposes.   

Accountability gap: Cyber criminals always exploit tragedies, pandemics or natural disasters. Their tactics have been the same – information manipulation by state actors and malware attacks by criminal groups. There exists evidence, yet thin, that binds Ebola disinformation campaigns with Russia, Iran, Venezuela and Bangladesh. But nobody has ever been held accountable for these actions. Attacking civilians must bear consequences.  

Greater resilience: The key skills to navigate disinformation and avoid cyberattacks are quite simple: when in doubt, stop, investigate, cross-reference, don’t spread and report! Empowering regular internet users to detect threats and take the right action during attacks, transforms potential victims to active members of a cyber-resilient community.  

The CyberPeace Institute is an independent, non-profit organization with the mission to enhance the stability of cyberspace. It does so by supporting vulnerable communities, analysing attacks collaboratively, and advancing responsible behaviour in cyberspace.

Copyright: The CyberPeace Institute

© Copyright 2023: The concepts and information contained in this document are the property of the CyberPeace Institute, an independent non-governmental organization headquartered in Geneva, unless indicated otherwise from time to time throughout the document. This document may be reproduced, in whole or in part, provided that the CyberPeace Institute is referenced as author and copyright holder.


Support the CyberPeace Institute

Individual lives can be changed dramatically by the acts of cyber criminals. We need your support to assist victims of cyberattacks in the NGO, humanitarian and healthcare sectors.


Subscribe to our newsletter

Receive monthly news on what’s happening at the Institute: our impact, publications, events and important milestones.