11 min read
Summary: One of the worst disease epidemics in history is currently sweeping the globe. Individuals, organizations, and society as a whole have been affected by the COVID-19 outbreak, which has been declared a pandemic by the World Health Organization. As a result of the crisis, many employees now work remotely from home using their cell phones, computers, and internet connection. These have contributed to a growth in the usage of the internet and, as a result, an increase in cybercrime. Cybercriminals have taken advantage of this opportunity to attack persons and organizations to commit a variety of crimes using a variety of methods. Hence, there is a need for the adoption of measures to curtail the damages of cyber threats.
INTRODUCTION
The outbreak of Coronavirus (COVID-19) pandemic has created a universal health crisis
which has affected a great number of people all over the world. The pandemic has not only
being life-threatening but has also endangered every aspect of our life and created fears in
individuals [1]. Although it was reported to have originated in china where it is believed to
have been regulated, other countries throughout the world have not been able to put the
pandemic under control. An estimate of over 28,500,000 confirmed cases and over 916,000
death cases has been reported as at September 2020 [2] hence most governments have
restricted movements across the country in the quest to control the spread of the virus. With
this reality, many academic institutions, government agencies and business establishments
have been forced to work from home and manage an absolutely remote workforce with the aid
of Information and Communications technologies[3].
Information Technology(IT) devices at homes are generally perceived to be poorly
configured compared to the work environment IT devices hence the IT devices at home are
highly prone by cyber-attacks [4].The increase in the use of these IT devices through the
internet has lead to an increase in cybercrimes. Cybercrime can simply be explained as a
crime carried out with the aid of a computer system[5]. These criminal acts are facilitated
through the use of the internet and it involves using specialized applications in computers
with the internet by technically skilled individuals to commit crime. Cyber security experts
estimate that the number of cyber crimes and attacks may have nearly doubled as a result of
the covid 19 pandemic[6]. Regardless of the current situation of the world, cyber criminals
have seized the opportunity to attack individuals and organizations to steal sensitive
information through various techniques. Hackers are taking advantage of the current
uncertainty to send out even more phishing messages than usual, with varying degrees of
sophistication [7].
Recently, the Central Bank of Nigeria(CBN) gave a strict warning to all Nigerians that the
Cyber Criminals are using the Covid-19 lockdown to unleash their cyber-crime skills to
exploit Nigerians[8]. According to CBN, a tremendous increase in the rate of Cyber related
crimes in phishing attacks, mail spams and ransomware attacks have been observed as
attackers are using COVID-19 as bait to impersonate brands thereby misleading their victims.
The cybercriminals seem to have more time to strategize their criminal attacks to unleash on
their victims without being noticed or recovered [9]. They defraud citizens, steal sensitive
information, or gain unauthorized access to computers or mobile devices using various
techniques.
REVIEW OF CYBER SECURITY DURING COVID 19 PANDEMIC
The cyberspace has not witnessed such high rate of cybercrime in time past and the effects
currently created by the menace can never be over emphasized[10]. A lot of businesses have
crumbled while a number of investments have been lost to these cyber criminals who would
spend the money gotten lavishly not minding the hard work put together to achieve such
businesses or investments [11,12]. The increase in this crime rate can be attributed to the
increase in internet traffic since almost everything is now done via the internet[13]. This
makes a lot of new users vulnerable to different attacks by cybercriminals. Another major
cause is idleness resulting from the stay at home orders during this period. In the absence of
palliatives to cushion the effect of sudden absence of revenue, a lot of daily income earners
are left with no alternatives than to engage in various crimes for sustenance. This section
gives an overview of the impact of cyber crimes on various sectors during this pandemic
Health-Care Sector
The health institutions have been the most targeted sector by cybercriminals in this covid -19
pandemic. Several hospitals have fallen victim of ransomeware, a type of malware that
demands payment of a certain ransom before users can access their system or personal files. A
number of hospital websites have been hacked into with the aim of making money from the
data stolen from their database [14].There are other conditions that makes the health sector
more at risk of falling victims of cybercrimes sector, these include an increase in the need for
protective masks and disinfectants, a reduction in the rate of movement both locally and
internationally and an increase in the use of telemedicine for management of patients during
this pandemic[15].
E-Commerce Sector Fraud
As a result of the global pandemic, several small and medium sized commercial stores have
gone digital in order to sustain their businesses. It was revealed that an estimate of 21%
increase in online transaction has been discovered in year 2020 compared with 2019[16].
Most of these websites were set up in such an hurry without much consideration to the
security requirements of online businesses which has made them gullible to cyber frauds and
attacks. E-Commerce crime entails all fake business deals performed through the internet.
Such transactions unlike physical payment do not necessarily needs the card at the point of
making payment rather; it only requires necessary information about the card. This
information can be extracted by hackers who either use the stolen data to make false
transactions or sell it to cybercriminals who defraud innocent people with this confidential
information in their custody. One of the challenges of e-commerce is the use of open source
software which can be accessed and modify by anyone including criminals [17]. An increased
in the vulnerabilities associated with this open software has been recorded as a result of this
global pandemic. Another common challenge with e-commerce is credit card skimming [17].
Criminals employ various card skimming malware most of which are hard to detect to
perform different transactions on business websites.
Banking Sector
The financial institutions also have their own share of the challenges experienced during this
covid 19 pandemic. With the need to curtail the spread of the corona virus, mobile banking is
being encouraged [18]. The application used for this purpose need to be very secured and
equipped with technologies that validates identity of users through the use of efficient
biometric technique and ensures transactions are not done by robots. A lot of phishing emails
are being sent to customers to validate their account by providing some sensitive information
about themselves [16]. Some other customers have been attacked by malware by mere
clicking on the links sent to them by fraudsters posing to be agents from their banks. Another
attack on banks payment systems is the swift attacks which targets small transactions that are
not likely to be investigated.
Educational Sector
The educational sector is also affected by the pandemics with billions of students forced to
stay at home due to school closures and restricted movement all over the world. In order to
cushion the impact of this on students, UNESCO has suggested the use of remote digital
learning platforms, massive open online courses, video lessons and radio and television
broadcast[19]. Although the use of these applications has greatly assisted the students by
constantly engaging their brains in educative activities however, the success of the application
depends on the availability of constant power and internet connectivity. According to recent report, cyber criminals have also found their ways to education website with the launching of
malwares into the schools‟ websites[20]. They later demand for ransom before the release of
affected data.
Social Sector
Several people of all ages have been forced to increase their activities on social media
platforms consequent of the stay at home order without taking much time to ensure they are
protected from cybercriminals. These criminals employed several methods to unleash attacks
on their victims without being noticed. A lot of phishing campaigns with enticing offers of
relief packages have been sent to individuals to steal their information or at times to drive
more traffic to their website by just clicking on an unsecured link[21]. Some criminals
through social engineering have made direct contacts with their victims gaining their
confidence to obtain confidential information about them which they use in carting away with
their money[22]. A lot of social media accounts have been hacked during this pandemic with
a lot of people scammed as a result of identity theft where criminals posed as real owners of
the account to dupe friends and family.
COMMON CYBER SECURITY THREATS DURING COVID-19 PANDEMIC
Cybercrimes are facilitated through the use of the internet and it involves using specialized applications in computers with the internet by technically skilled individuals. Some of the cyber security threats experienced during this pandemic are summarized in this section.
- Phishing is the scam by which an e-mail user is duped into revealing personal or confidential information which the scammer can use illicitly [23]. This type of attack has gone beyond the use of email and has increased gradually during this period of Covid-19. Attackers are now using SMS and phone calls to retrieve victims confidential information such as login details (usernames, passwords, pins among others). Moreover, confidential or sensitive information of users can easily be obtained when they visit fake websites or or download documents from insecure sites.
- Credit card fraud: this type of attack is carried out in conjunction with other attacks such as phishing. It aims at stealing people‟s credit card details and using it to defraud them. Attackers do not need to get the physical card for them to carry out their fraudulent activities, all they need is just the card details such as BVN (Bank Verification Number), card pin, account number linked to the credit card, expiry date, CVC/CVV (Card Verification Code/ Card Verification Value) and PAN (Primary Account Number)[17]. The criminals use these stolen card details to transact business online without being caught.
- Identity theft: it is the deliberate use of someone else‟s identity, usually for a financial gain or to obtain credit and other benefits in the victim‟s name to the victims‟ disadvantage or loss[24]. Several social media account have been hacked and hackers send messages and viruses to everyone linked to the account. Most times, people fall victim by clicking on a link to subscribe for free service without knowing their identity will be stolen.
- Ransomware: is a type of malware that prevents users from accessing their system or personal files until a ransom is paid to regain access [15]. Health facilities where COVID-19 testing on individuals are being carried out are being shut down due to ransomware attack. A lot of organization and individuals has been affected by this attack and it has disrupted their operations significantly.
- Online Dating Scams: There are several online dating apps that help people find their soul mates. However, not all ends well. The methods used by these romance scammers are not different from that of the domestic abusers and are extremely manipulative in nature. Thousands of people (men and women) fell into the snare of these scammers during this period of pandemic[7]. A lot of people lost money and other valuables to these fake online lovers. It is advisable never to send money to a stranger on the internet, no matter how convincing they might be.
ANALYSIS OF CYBERCRIME IN NIGERIA DURING COVID-19 PANDEMIC
This research was carried out to evaluate the impact of cybercrime on the general public during the covid-19 pandemic knowing well that Nigeria is ranked high in internet crimes globally. As at August 2020, the number of internet users in Nigeria was estimated at 99.05 million which accounts for 46.6% of the whole country’s population [25]. The study developed a web-based questionnaire using Google-Form to obtain responses from web users. The questions cut across various types of cybercrimes common in Nigeria as at the time of carrying out this analysis. Moreover, questions about gender, age range, employment status and some other specific questions were asked to further enhance the analysis to determine the level of vulnerabilities of each category of people to these crimes. Each question had 5 options from which only one can be selected at a time:
- All the time (ATT)
- Most times (MT)
- Sometimes (ST)
- Seldom (SD)
- Never (NE)
A total of nine hundred and sixty (960) respondents fully participated in the survey which lasted for a period of one week
Results
This section analysed the various responses obtained from the questionnaire. Out of the 960
respondents that filled the survey questions, 50.7% are in the range of 18-30 years, 47.9% are
in the range 30-50 years while the remaining1.4 % are above 50 years. Also the responses
gotten from the male folks were 64.4% while that of the female was 35.6%. This information
shown in Figure 1 assisted us to determine the age group and gender that are more prone to
cyber attack on the internet.
Another preliminary information that helped in shaping the analysis is the employment
status of each correspondent. 43.8% of the 960 respondent were fully employed as at the time
of taking part in this survey, 32.9% were students, 17.8% were business owners while 5.5%
were unemployed.
To analyze the activities that were mostly carried out using the internet, it was discovered
that 10.2% spent more time playing online games, 8.3% read news and other articles online,
50.3% browse through different social media platforms such as facebook, instagram, whatsap
and others, 15.6% shops online, 10.5% engaged in academic research activities while others
were involved in other online activities such as watching videos and listening to songs. The
following responses were revealed and a conclusion made from the results that people spend
more time on social media than others.
Moreover, it was discovered that 25.8% are victims of blackmailing scam, 22.6 % of
respondent have been victim of phishing attacks, 16.1% have fell for social hijacking, 12.9%
have been duped by BVN scammers, 9.7% by charity fund while the remaining 3.2% have
been victims of other cybercrimes.
To determine the reasons for the high vulnerabilities of respondents to cybercrimes, it was
discovered that only 62% have antivirus and firewalls protection on their systems, 10% use
identity theft protection monitoring, 15% freeze their credit when not in use while the other
13% have no protection at all against cybercriminals.
To further enhance this research, a comparison between the values obtained from this
survey was compared with a similar survey carried out before the outbreak of the corona virus
pandemic as shown in table 1[5]. The table revealed an increase in every of the crimes under
consideration in the new study. The increase in internet usage could be linked to the work
from home order of the federal government. Some also lost their jobs during the pandemic
which made them consider engaging in internet fraud as a source of livelihood. The close
down of tertiary institutions in Nigeria without alternative plans to keep the students busy also
led to an increase in internet crimes.
Moreover, T-test was employed to determine if there is significant difference between the
occurrences of these cybercrimes in the two studies. A t-test value was measured between the
number of occurrence of the different cybercrimes in the study before the pandemic and the
one during the pandemic. The result of the t-test analysis conducted confirmed that the
cybercrimes is statistically significant at . The t-test result further validates the fact
that more cybercrimes were experienced during the covid -19 pandemic than before the
pandemic.
As part of the measures to fight against cybercrimes in Nigeria, the National Information Technology Development Agency (“NITDA) advised Nigerians on the importance of data
backup as mitigation strategy during this era of COVID-19[26]. The recommended guidelines are highlighted below:
- Ensure you backup your data frequently and at relevant intervals;
- Consider using remote storage for your backups;
- Ensure that the files containing your data backups are encrypted and protected; and
- Use multiple methods and multiple media for your data backups.
Similarly, the Central Bank of Nigeria(CBN) urged the public to observe the following precautions while transacting business online [8]:
- Beware and verify emails or phone calls claiming to be from government agencies, especially when such emails request for banking information or to click on a link. It is better to visit official websites of relevant organizations for desired information;
- Avoid clicking on links or attachments in emails that claim to have more information regarding the COVID-19 pandemic;
- Avoid downloading mobile apps from untrusted sources; and
- Obtain relief package or other information from trusted online sources.
The United Nations Office on Drugs and Crime(UNODC) also proposed some guidelines that can help both government and individuals in the fight against cybercriminals[27]:
- Set up a multi-agency cyber vulnerability cell and monitor closely the complaints of cyber-frauds.
- Selectively monitor new apps which have emerged regarding the supply of medicines, essential commodities and health care products.
- Selectively track the online fund flows to accounts which have been dormant or low balanced till recent past.
- Launch a widespread awareness program among the public to avoid sharing personal details including banking details with unknown apps.
- Educate families who are dependent upon internet as the basic source of communication in the times of lock down on safe internet usage, including frequent change of passwords, etc.
In addition Abukari et al., [4] recommended that internet users should double check a suspicious domain with multiple services and use the payment service that allows money holding for all online shopping. It is also wise to be aware of any social engineering and block pop-ups from any URL. Another safe thing to do is to disable the feature of automatic International Domain Name (IDN) conversion in the web browser to avoid falling into fake websites.
CONCLUSION
This paper described the different cybercrimes common during the covid 19 pandemic and analyzed the effect it has on every sector in the world. An analysis of these crimes in Nigeria was carried out and the result obtained revealed an increase in cybercrime during the covid 19 pandemic. The unemployment rate in the country has increased with a lot of daily earners being out of job for a long time. This has forced them to seek for other ways of making quick money by taking advantage of innocent citizens through various cybercrimes. This research revealed the need for more sensitization to create awareness among internet users to protect them from falling victims of these internet criminals. Internet users should protect their computer devices from cyber attacks and ensure they stay safe whenever they are online.
Recommendation(s)
• There is a need for increased education and awareness among internet users to protect them from becoming victims of cybercriminals. Internet users should take precautions to safeguard their computers from cyber-attacks and be safe while online.
• Users should examine a suspicious domain with multiple services and utilize a payment service that permits money to be held for all online purchases. It’s also a good idea to keep an eye out for any social engineering attempts and to disable pop-ups from any URL.
• To avoid falling victim to fraudulent websites, turn off the feature of automatic International Domain Name (IDN) conversion in your web browser.
Source: International Journal of Advanced Research in Engineering and Technology (IJARET)
Keywords: COVID-19, Cybercrimes, Cybercriminals, internet Pandemic