Cybersecurity and Business Continuity in Pandemic Times
Miguel Hernández Bejarano2, Fredys A. Simanca H. 1, Jaime Paez Paez1, Mario Fernando Castro1, Jairo Cortés Méndez1
1 Fundación Universitaria los Libertadores, Bogotá - Colombia
2 Universidad Cooperativa de Colombia, Bogota - Colombia email correspondence: [email protected] Abstract
This document is framed in the context of the ongoing research project entitled "Design of a cyber resilience mechanism for business continuity in organizations", having as an objective to present the context of cybersecurity in this time of pandemic, where cybercrime seeks new ways to attack organizations and individuals. Cybersecurity strategies must be adapted to the situational context. Organizational resilience is also present in organizations to ensure business continuity, where the continuity plans of organizations are considering the pandemic as a scenario of disruption that has compromised the internal or external activities of companies.
Keywords.Cybersecurity, COVID-19, Business continuity, cyber-attacks, resilience.
Introduction
In January 2020, the World Health Organization (WHO) declared that the outbreak of COVID- 19 was a public health emergency of international concern (ESPII), which has had a significant impact on society in many ways and has caused a digital transformation, generating the need for organizations to protect one of the most critical and valuable resources: information, a scenario where cybersecurity makes presence for information systems from cyber-attacks, likewise organizational resilience is the ability of a system to adapt to change, also assuming greater relevance in the cyber context.
Likewise, Business Continuity Planning seeks to prepare, provide and maintain control and capabilities for managing the overall ability of organizations to continue operating during disruptions, being a crucial element in times of uncertainty. A continuity and resilience plan is a necessary tool for organizations to overcome the crisis caused by high impact external events, such as COVID-19, increasing the value of the organization by improving its level of resistance to this impact.
The Covid-19 crisis has given rise to unprecedented confidence to: digital solutions, resilience as the ability of the system to react to negative situations to find solutions and turn the risk of this pandemic into an opportunity for the business continuity of organizations.
Cybersecurity in the pandemic
Nowadays, the development of cyberspace is rapidly increasing due to cloud computing, big data, Internet of things and software-based network development, likewise these developments have become a challenge for cybersecurity [1] .
Over the past decade, people have become as dependent on the virtual world for their daily activities as they are on the physical world for human activities. Global fiber-optic networks have enabled communication in an unprecedented way, connecting people in unique ways and driving global supply chains, thus providing consumers with access to a variety of data from around the world. Like the physical environment, the information environment is all-
encompassing and larger than hardware, such as networks, telecommunications lines and machines, and the information that travels through the network, such as data and media. Chinese and Russian influence operations highlight the importance of the cognitive realm how people understand their experiences by challenging the meaning of truth. When aggregated, cyberspace serves as a fifth dimension, where people can exist through alternate persons on blogs, social networking sites, and virtual reality games [2] .
In this sense, cybersecurity mainly prevents the hardware, software and data present in the system that has an active connection to the Internet from external attacks. Organizations mainly implement cybersecurity for their databases and systems to prevent unauthorized access.
Different forms of attacks such as phishing, SQL injection, access system attack, denial of service, etc. are responsible for these security issues [3]
Every day, societies, businesses and individual citizens are threatened by a wide range of cyber- attacks including malware, worms, Trojans, spyware, SQLI, XSS, ransomware and a significant variety of other dangers. The proliferation of cyberthreats may suggest that these malicious instances have become part of the daily routine of the contemporary citizen. [4] .
Likewise, extreme interruptions are events that interrupt the regular flow of goods or services within a system, for example, in pandemics companies have promoted security in organizations, being necessary for the company to have plans to ensure business continuity, defined by the identification and management of risks that threaten to interrupt the core business and associated services. [5] .
In this sense, the COVID-19 pandemic is a considerable and unprecedented event that altered the lives of billions of citizens around the world, resulting in what is commonly known as the new normality in terms of social norms and the way people live and work. Likewise, today's attacks have become more sophisticated and are targeted at specific victims depending on the motivation of the attacker, e.g., for financial gain, espionage, coercion or revenge; The cybercrime incidents that emerged from the COVID-19 pandemic pose serious threats to the security and global economy of the world's population. [6] As can be seen in Table 1, some of the attacks carried out during the pandemic are listed, as well as the first countries attacked at the beginning of the pandemic in Table 2.
Table 1. Attacks during the covid-19 pandemic
Attacks Description of attacks
Phising - 2020 Coronavirus Updates, Coronavirus Updates, 2019-nCov:
New confirmed cases in your, 2019-nCov: Coronavirus outbreak in your city (Emergency)
Malware - BabyShark, Miriari, Rammit, Matsnu, Necurs, Pizd, Simda, DirCrypt, Suppobox, Banjori
Ramsomware - CovidLock, Netwalker Online Meeting
Hijacking
- Zoom-bombing
Fake applications - Fake coronavirus maps Source: https://bit.ly/3e3Cj6a
Table 2.Attacks in pandemic times.
Country Type of attack Description Date
China Phishing (or smishing) malware
Chinese hackers
20/01
Mongolia
Phishing (or smishing malware
accused of distributing the Vicious Panda malware in Mongolia via e-mails allegedly from the Mongolian Ministry of Affairs.
20/01
Philippines
Phishing (or smishing) malware
Financial fraud
REMCOS malware
distributed to Philippine citizens
23/01 Singapore Phishing (or smishing) Phishing campaign steals
email login credentials USA
Phishing (or smishing) The email that supposedly lists COVID-19 cases in the victim's city takes the user to the website that steals credentials.
02/03
UK
Phishing (or smishing), Hacking, Financial Fraud
Free school meal SMS directs recipient to website that steals payment credentials
24/03 Italy Phishing (or smishing)
malware
Trickbot malware distributed
by email 02/03
Spain
Phishing (or smishing), Hacking, Financial Fraud
Email aims to remedy COVID-19 proposed by Israeli scientists days in advance
10/03 Source: https://bit.ly/3mFRBC0
Figure 1 presents the countries targeted by early cyber-attacks during the pandemic, organized by date of attack. As shown, China and the U.S. account for 39% of the reported attacks.
Graph 1Top countries that sufferedcyber-attacks.
Source: https://bit.ly/3mFRBC0
The COVID-19 crisis has, in turn, generated a pandemic of cyber-attacks worldwide as presented in Figure 2.
Figure 2. Countries attacked by cybercrime.
Source: https://bit.ly/3a31wfG
According to a report by the cybersecurity company Kaspersky Lab, In the United States and Colombia, users attacked by this type of online fraud were higher than 8.5%. On the other hand, China presented lower levels of incidence of this illegal practice, with a percentage of affected users lower than 3.5%. [7] ,as can be seen in Graph 3.
Figure 3.Phishing incidents by country.
Source: https://bit.ly/3s3Rb9u
Information technologies have played a strategic role in an industry that is characterized by product (or service) information intensity and/or information intensity in the value chain or process. The term process information intensity has been used to refer to the degree of information processing required to efficiently and effectively manage the activities in a company's value chain or business process. In this sense, companies that have successfully
transitioned to business models are those that have digitized is an exploration of their process, helped companies to capitalize on the potential for change in the face of the COVID-19 crisis, organizations have had to streamline and adapt to the changing environment, as a result of the crisis and, therefore, digitization and use of technologies have enabled them to ensure business continuity [8] . Since the adoption of digital technologies, organizations have moved online, from shopping and social interactions to business, industry and, unfortunately, also cybercrime, and this is how some technological changes such as digital banking, online education, work from home, telehealth, etc. have been strengthened in this time of pandemic. [9] .
COVID-19 business continuity
With the increasing number of attacks on systems, it is very likely that sooner or later an intrusion will be successful, having business continuity plans for system survivability to deal with a successful intrusion, i.e., being able to balance the need to be up and running with the potential damage an intruder can cause.
That is why, cyber criminals are taking advantage of the COVID-19 outbreak and offering COVID-19-related scams to unsuspecting people. Currently, there is a lack of studies that focus on protecting people from COVID-19-related cybercrimes. Online technologies, such as websites and social networks have become the communication channel for governmental and multinational organizations such as the World Health Organization (WHO) to disseminate information and recommendations to individuals, as well as for cybercrime [10] .
Critical infrastructures (CI), sometimes defined as the nervous system of society, is not exempt from the consequences of the COVID-19 pandemic. The global escalation of the crisis forced these systems into uncharted operating conditions. The COVID-19 outbreak challenges society, both domestically and across borders. Given the widespread emergency and associated risks, the potential short- and long-term impacts must be assessed. One aspect to consider is business continuity for public and private companies, agencies and institutions, from the local to the international scale. Business continuity is about the ability of organizations to cope with threats and keep resources available and operations in place. Key elements are disaster prevention and recovery, and business continuity planning plays a critical role in operational risk management.
In the wake of the pandemic outbreak, this survey serves to measure the business continuity status of critical infrastructure (CI) sectors. [11] .
The COVID-19 emergency has urged companies to operate in new ways to address supply chain disruptions, changes in customer demand, and workforce health risks. Since the early months of 2020, the world has experienced an unprecedented health emergency generated by the global spread of a coronavirus pneumonia epidemic (COVID-19), which has rapidly spread from China to most countries around the world. The World Health Organization (WHO) declared COVID-19 a pandemic on March 11 and, as of November 30, the WHO website reported 62M confirmed cases; 1.5M confirmed deaths; and 220 countries, areas or territories with cases. In addition to representing an extraordinary health and social emergency, the pandemic is also a major threat to companies and the continuity of their business processes. While business continuity represents a strategic organizational capability also associated with resilience, so it is also a major threat to business continuity. [12]
Below, some examples show how some organizations have coped with the pandemic and reported attacks. [12] :
Toyota began to face the COVID-19 emergency shortly after its president announced the transformation of the company's business model for the CASE (Connected, Autonomous,
Shared, Electric) era and the evolution of the organization into a mobility company that provides resources and services for the connected city.
Amazon has updated 150 processes, from social distancing measures to new efforts such as spraying disinfectants and temperature controls.
Drug wholesaler AmerisourceBergen has increased inventory of items related to COVID-19 treatment and supportive care.
The change in AXA's business profile due to the pandemic has been remarkable. The company began providing its customers with video medical consulting applications and new processes for online incident reporting.
The immediate impact of the COVID-19 pandemic on European airlines has been unprecedented. Between March and May, airlines across the continent scaled back or suspended operations and introduced rapid changes to their operations to reduce costs and protect their business. Temperature controls, face masks, social distancing, one-way systems, screens, hand disinfection stations and UV (ultraviolet) cleaning in aircraft cabins, security screening bins and search areas have been suggested as a way to protect travelers and staff.
[13]
Video-teleconferencing platforms make it possible to stay connected in the COVID-19 pandemic. However, Zoom-bombing is a worldwide attack that occurs when a conference call is hijacked to share offensive images, hate speech, and hate speech [14] .
Attackers in web phishing use URL personalization through including words related to COVID-19 or coronavirus, such as the following URLs: covid19mobile.app, covid19- stats.co.za, coronavirusnotalone.com, sars-cov2numbers.com, limpiezascovid.com, coronademic.net, coronavirusalerts.com, coronavirus.technology, coronavirusmedicine.com [14] .
The most common and popular attacks during a pandemic are a group of social engineering attacks, which use people's fears or sympathy. Social engineering attacks during COVID-19, which used the Alozurt malware, were selected for analysis. [15]
Likewise, over the last century, world economies have faced recessions, triggered by sudden changes in policies, oil prices or even financial bubbles. At the same time, governments around the world are issuing policies and implementing action plans that include restrictions (blocking countries, temporarily shutting down companies' physical operations) to prevent the spread of the Covid-19 outbreak. These restrictions have implications for sustainable business operations, including reduced business activities, human resource issues related to staffing, and supply chain disruptions [5] .
According to the Organization for Economic Cooperation and Development (2020), the COVID- 19 pandemic is considered one of the largest simultaneous economic and public health crises of modern times, culminating in a sharp decline in consumption and consumer confidence.
Likewise, organizations prior to the 21st century, the challenges facing businesses revolved around how to mitigate business failures Recent events, including the rise of right-wing populism in mature liberal markets, climate change and, most recently, the new coronavirus pandemic (COVID-19) have challenged these assumptions and root of the this pandemic, business failure is a situation in which the business can no longer operate as a sustainable entity and, therefore, is forced to cease operations and lay off any employees [16] .
Standards and best practices for business continuity in the event of unexpected events.
The Covid-19 pandemic generates a rethinking of the approach to security strategies.
Organizational infrastructures designed with layers of security are challenged to move away from centralized designs and pursue distributed cybersecurity approaches.
ISO 22301:2019 international standard for Business Continuity Management (BCM), contemplates that business continuity is the ability of an organization to continue marketing products or services within an acceptable period of time at a predefined capacity during a disruption. It is a comprehensive management process that identifies potential threats to an enterprise and the impacts on business operations that those threats, if realized, could cause, and provides a framework for building the organization's [17] .
For the purposes of the operation of the organizations, regardless of size or sector, they must have a business continuity plan, oriented to the case in which the organization can continue to present its services in the event of a possible event, whose information must be documented and oriented to respond to an interruption and resume, recover and restore the marketing of products or services for which the organization must identify the process in which the impact of the interruption is analyzed as time progresses, in the entity, is where the impact of the event that happens is analyzed, how the organization was affected by the health emergency. By covid-19, taking into account the types of impact (financial, economic, social, on the corporate image, on the market) and the criteria relevant to the context of the organization. Likewise, key activities must be identified for business continuity, allowing to continue developing the organization's mission activities. Having a maximum tolerable period of interruption to resume activities, identification of priority activities, resources and dependencies (suppliers, partners, customer).
Organizational capabilities in enterprises, within IT environments, can be strengthened through an incident-based approach from ISO 22301:2019 including actions to manage the immediate consequences of a disruption (prevention of further losses, unavailability of priority activities), as well as the detailed description that teams will perform to continue or recover vital activities and monitor the impact, as well as with the implementation of contingency plans providing a scenario of recoverable organizations and non-recoverable organizations.
In the face of possible events such as COVID-19, having business continuity plans in place will allow organizations to constantly review business risks and have the knowledge to respond to unexpected situations, minimize the impact on the business of possible interruptions, allow the construction of a more resilient and reliable supply chain, maintain and improve the corporate image, as well as generate a climate of trust with stakeholders and better prioritize risks.
For ISO 22316:2018, Organizational resilience provides a framework to help organizations future-proof their business, which details the fundamental principles, attributes and activities that have been agreed upon by experts around the world.
According to ISO 22:316, organizational resilience is the capacity of an organization to absorb and adapt to a changing environment, which enables it to meet its objectives, survive and progress. In addition, organizations with greater resilience can anticipate and respond to threats and eventualities that arise from gradual or sudden changes in the internal and external context.It should be noted that there is no business continuity without adequate organizational resilience.
As larger disruptive events increase globally as is the case with COVIT-19, building resilience has become a priority for many organizations. Where organizational resilience can be proactive and reactive proactive refers to the act of anticipation and active waiting to build an organization's readiness for change and reactive organizational resilience is to respond and recover from unexpected events. [18]
Since the outbreak of COVID-19 (coronavirus disease 2019), daily life has changed significantly. A global pandemic has evolved due to the international spread of the disease companies facing the threats of COVID-19 could develop coping mechanisms to mitigate the threats of the epidemic. Resilience refers to the ability to recover their performance after absorbing the disruptive effects, sothe COVID-19 outbreak has tested the resilience and robustness of organizations. [19] .
Organizations can use different measures to prevent successful cyber-attacks, one of the most highlighted security solutions during COVID-19 is having a secure infrastructure, having a clear incident response plan. Access to systems should be in the priority of employees' duties; regular updates of operating systems, software applications provided by the manufacturer to improve the security [20] .
It should be noted that The NIST Cybersecurity Framework (CSF), which consists of identification, protection, detection, response, and recovery functions, provides a lightweight model for enterprises to address emerging threats and the attack surface presented in cybersecurity in the face of COVID-19. The NIST CSF Recover function, which identifies appropriate activities to maintain resiliency plans and restore capabilities or services that were affected due to a cybersecurity incident.
Discussions and conclusions
A culture of cybersecurity is essential to minimize the potential impact of cyber-attacks organizations have developed real-time awareness of the impact of the pandemic through advanced data collection and monitoring capabilities.
Companies have been urged to develop an immediate reaction to operational disruption and infection risks within and outside the organization.
Cybercriminals use the COVID-19 pandemic as a way to enhance their activities, from social, economic and unique circumstances the emergence of COVID-19 has brought about an increase in cyber-attacks.
In these atypical times, it has forced companies to reinvent themselves, digitize their processes as business continuity strategies, extending a coverage that involves cybersecurity, business continuity, communication and cyber resilience.
References
[1] M. Chen, S. Mao, and Y. Liu, "Big data: A survey," Mob. Netw. Appl. vol. 19, pp. 171-209, 2014.
[2] D. S. Reveron and J. E. Savage, "Cybersecurity Convergence: Digital Human and National Security," Orbis, vol. 64, pp. 555-570, 2020.
[3] P. Dixit and S. Silakari, "Deep Learning Algorithms for Cybersecurity Applications: A Technological and Status Review," Computer Science Review, vol. 39, p. 100317, 2021.
[4] M. Choraś and M. Pawlicki, "Intrusion detection approach based on optimised artificial neural network," artificial neural network, 2020.
[5] T. Papadopoulos, K. N. Baltas, and M. E. Balta, "he use of digital technologies by small and medium enterprises during COVID-19: Implications for theory and practice," International Journal of Information Management, vol. 55, p. 102192, 2020.
[6] H. S. Lallie, L. A. Shepherd, J. R. C. Nurse, A. Erola, G. Epiphaniou, C. Maple, and X.
Bellekens, "Cyber security in the age of COVID-19: A timeline and analysis of cyber-crime and cyber-attacks during the pandemic," Computers & Security, vol. 105, p. 102248, 2021.
[7] Statista, "FRAUD ONLINE," 1 09 2020. [Online]. Available:
https://es.statista.com/grafico/18427/intentos-de-phishing-durante-la-pandemia/. [Last access: 11 04 2021].
[8] P. Seetharaman, "Business models shifts: Impact of Covid-19," International Journal of Information Management, vol. 54, p. 102173, 2020.
[9] C. Pandit, H. Kothari, and C. Neuman, "Privacy in time of a pandemic," from 2020 13th CMI Conference on Cybersecurity and Privacy (CMI) - Digital Transformation - Potentials and Challenges(51275), IEEE, 2020, pp. 1-6.
[10] Z. Tang, A. S. Miller, and M. Warkentin, "Does government social media promote users' information security behavior towards COVID-19 scams? Cultivation effects and protective motivations,,," Government Information Quarterly, vol. 38, p. 101572, 2021.
[11] L. Galbusera, M. Cardarilli, and G. Giannopoulos, "The ERNCIP survey on COVID-19:
Emergency & Business Continuity for fostering resilience in critical infrastructures,,,"
Safety Science, p. 105161, 2021.
[12] A. MARGHERITA and M. HEIKKILÄ, "Business Continuity in the COVID-19 Emergency: A Framework of Actions Undertaken by World-Leading Companies," Business Horizons, 2021.
[13] L. Budd, S. Ison, and N. Adrienne, "European airline response to the COVID-19 pandemic - Contraction, consolidation and future considerations for airline business and management,,,"
Research in Transportation Business & Management, vol. 37, p. 100578, 2020.
[14] R. O. Andrade, I. Ortiz-Garcés, and M. Cazares, "Cybersecurity Attacks on Smart Home During Covid-19 Pandemic," 2020 Fourth World Conference on Smart Trends in Systems, Security and Sustainability (WorldS4), pp. 398-404, 2020.
[15] V. Susukailo, I. Opirskyy, and S. Vasylyshyn, "Analysis of the attack vectors used by threat actors during the pandemic," from 2020 IEEE 15th International Conference on Computer Sciences and Information Technologies (CSIT), IEEE, 2020, pp. 261-264.
[16] J. Amankwah-Amoah, Z. Khan, and G. Wood, "COVID-19 and business failures: The paradoxes of experience, scale, and scope for theory and practice," European Management Journal, vol. 39, p. 179,184, 201.
[17] W. N. Zechariah Wong, "Transforming corporate performance: A business continuity management approach," Organizational Dynamics, vol. 48, pp. 29-36.
[18] X. Jia, M. Chowdhury, G. Prayag, and M. M. Hossan Chowdhury, "The role of social capital on proactive and reactive resilience of organizations post-disaster," International Journal of Disaster Risk Reduction, vol. 48, p. 101614, 2020.
[19] J. El Baz and S. Ruel, "Can supply chain risk management practices mitigate the disruption
impacts on supply chains' resilience and robustness? Evidence from an empirical survey in a COVID-19 outbreak era," International Journal of Production Economics, vol. 23, p.
107972, 2021.
[20] L. Tawalbeh, F. Muheidat, T. M., M. Quwaider, and G. Saldamli, "Predicting and Preventing Cyber Attacks During COVID-19 Time Using Data Analysis and Proposed Secure IoT layered Model," from 2020 Fourth International Conference on Multimedia Computing, Networking and Applications (MCNA), Valencia, Spain, IEEE, 2020, pp. 113- 118.
