As we enter the tenth month of the pandemic, the cases of COVID-19 infection continue to soar worldwide with no peak in sight, people around the world are longing for an end. While researchers and medical experts across the globe continue to learn more about the novel contagion and its bizarre array of symptoms, it is becoming clear that the battle with COVID-19 is not an easy one. The virus has infected both the personal computer and epidemiological end points are at the point of crisis. Most countries have deferred the hope of achieving herd immunity until the arrival of a vaccine. The timing of the end point will vary by country and will be affected by a number of factors.
The global events of the past ten months have brought unprecedented change to the physical and digital worlds. We have seen that cybercriminals continue—and sometimes escalate—their activity in times of crisis. The year 2020 has brought major disruptions to both the physical and digital worlds, and these changes are also evident in the cyber-threat landscape. Certain types of attacks have escalated as cybercriminals change tactics, leveraging current events to take advantage of vulnerable targets and advance their activity through new channels. Cybercrime is an ongoing and escalating challenge for both the public and private sectors around the globe.
Secondly, the criminals behind these attacks are now spending significant time, money, and efforts to develop scams that are sufficiently sophisticated to victimize increasingly savvy professionals.
E-Learning Platforms are at Risk, there has been a surge in the usage of online learning platforms during the ongoing pandemic. In the recent past, hackers targeted multiple e-learning portals to steal users’ personal information. India-based online learning platform Unacademy also suffered a data breach that exposed details of 22 million users. The unknown hackers kept 21,909,707 user records for sale at 2,000 dollars on darknet forums. The compromised information included usernames, hashed passwords, date of joining, last login date, account status, email addresses, first and last names, and other account profile details. Earlier, a Spanish e-Learning platform 8Belts suffered a data breach that exposed personal data of over 100,000 e-learners across the globe. Data Breach Affected 2Mn Users of Indian E-Learning Platform. An unsecured Elastic search server belonging to an Indian e-learning platform Edureka, exposed the personal information of around 2 million users.
Surprisingly, the server was left online without password protection, allowing open access to the information in it. of their devices and prompt them to install certain software which has no real benefit or is malware itself. The Spanish e-learning platform 8Belts affected 150,000s of people across the globe. The breach originated from a misconfigured Amazon Web Services S3 bucket, exposing the private data of 8Belts users, and making them vulnerable to dangerous cyberattacks. Despite sophistication and diversity of the attacks, the methodology is often the same, whether the actors use large-scale attacks for financial gain or targeted attacks to support geopolitical interests. An example of this usage is “Micr0soft.com” where the first “o” is replaced by a zero and can be easily overlooked by human readers as per the Beyond Security’s report.