Report on the “Impact of Covid-19 on Cybersecurity” Session

Report | GFCE V-Meeting “Impact of Covid-19 on Cybersecurity” | 16 April 2020

The aim of this GFCE V-Meeting session was to present the impact of Covid-19 on countries and organizations by highlighting existing cybersecurity vulnerabilities and discuss the steps that they can take to proactively address emerging malicious cyber-threats. The session began with Chris Painter, President of the GFCE Foundation Board, highlighting that cybersecurity and cyber capacity building efforts are now more important than ever.

The first presentation, by Ms. Kaja Ciglic, Senior Director of Digital Diplomacy at Microsoft, provided an overview of the cyber threat landscape during the Covid-19 pandemic. Many organizations had to start teleworking and found themselves more vulnerable than ever to cyberattacks. Ms. Ciglic pointed out that there is a change on the topics and themes of the attacks and that every country worldwide has experienced at least one Covid-19 related attack, while China, USA and Russia have witnessed more attacks. Among the rising attacks are phishing campaigns and cyber-attacks on medical centres and research facilities. Ms. Ciglic introduced Microsoft’s new tool, called “SmartScreen”, which has identified 20k malicious URLs and IP Addresses. Ms. Ciglic ended the presentation by pointing out that while the vast majority of attackers are normal criminals, it has not been a quiet period for more sophisticated actors.

The second presentation, by Mr. Aviram Atzaba, Executive Director of International Cooperation of the INCD, started with an overview of Israel’s situation during Covid-19 pandemic and the governmental measures taken. Mr. Atzaba then pointed out INCD’s role: an essential organization working with all ministries, providing cybersecurity services in critical infrastructure, protecting the supply chain, providing vulnerability checks to medical and research centres. He shared more about governmental initiatives such as the application ‘HAMAGEN’ created by the Ministry of Health, which tracks users’ whereabouts and compares them with known movements of people diagnosed with Covid-19. Another initiative is the “Marketplace” which lists all companies that provide cybersecurity solutions. Mr. Atzaba concluded the presentation by emphasizing the importance of information sharing and co-operation worldwide in order to exchange good practices.

The session continued with experiences from the GFCE Community. The first speaker, Ms. Kerry-Ann Barrett from the Organization of American States (OAS), stated all the measures that the OAS General Secretariat took when the Covid-19 was declared a pandemic – in order to protect the staff and ensure effective teleworking, focusing on delivering services securely and mitigating risks. A significant achievement for them was the issuance of a 17-pages report to respond to Covid-19. OAS also ensured that its members were equipped with the right tools to stay safe and secure online. Ms. Barrett also shared threats that Latin America and the Caribbean had been experiencing and closed her intervention by stating that this situation is an opportunity to be better equipped, to be secure online and to reinvest in cybersecurity.

The third speaker was Ms. Folake Olagunju, Program Officer Internet and Cybersecurity at ECOWAS, who stated that her organization was not immediately ready and prepared to quickly adapt to teleworking; however, this was an opportunity for the member states to increase the use of human competences to cope with the situation, by learning from other communities and developing a common benchmark for similar situations in the future. Another important aspect was to strengthen the legal and

organizational frameworks of ECOWAS by also using the GFCE to move this across. Ms. Olagunju highlighted that this is the time to focus on cybersecurity; ensuring that it becomes an important element in all sectors and create greater awareness of all people since the human factor is the greatest cybersecurity vulnerability. Three factors are important for the future: preparedness, readiness and precaution.

Ms. Carmen Gonsalves, GFCE Co-Chair and Head of International Cyber Policy at the MFA of the Netherlands, took the floor next by sharing the Dutch perspective on the Covid-19 crisis, naming the steps that cybersecurity authorities, such as the NCSC, are taking in order to monitor cyber-attacks and threats. Ms. Gonsalves highlighted the rise of human rights concerns and the acceleration of social propaganda preventing people from finding trustful sources of information, which can be dealt with providing transparent and accurate messaging of all national initiatives. Dutch initiatives include “Help the Hospitals”, a service with free cybersecurity advice to medical facilities, and the “Coronavirus Map” that tracks the spread of the virus. Her intervention closed by emphasizing that countries and organizations should focus on the UN and two important processes: the OEWG and the GGE in order to discuss the possibilities for moving forward.

The last intervention was delivered by Ms. Susan May, Branch Chief for International Affairs at the U.S. CISA, who talked about the shift in lures of cyber-attacks related to Covid-19, carried out by criminals and advanced persistent threat (APT) groups targeting individuals, enterprises and health facilities. Ms. May presented CISA’s response to Covid-19: providing guidance to the remote workforce, collaborating with partners to secure their environments, providing VPN hardening guidance, offering services such as Web Application Scanning, and offering CISA resources to other partners. CISA is also working on preventive efforts, by providing products to keep the public and stakeholders informed about cyber risks and defence recommendations. Ms. May closed by stressing the importance of international partnership to respond to the pandemic and work towards keeping all citizens safe, both physically and online.

At the end of the session different suggestions regarding another Covid-19 session were raised by the participants; the GFCE Secretariat is currently looking into the possibilities of organizing a Covid-19 follow up session. An important outcome was that all participants emphasized the importance of close cooperation between countries, organizations and companies, and the need to share best practices on different national emergency responses and cybersecurity measures. The GFCE Secretariat has already collected relevant material from this session and will continue to gather other relevant information to create an online repository on Covid-19, which will be communicated soon with the GFCE Community.