In March 2020, AI and technology were a very useful tool for the South Korea to survive new Coronavirus (COVID-19), the country used all their technological efforts and advanced digital platform for big data to control in a short term the raising of stress and detect possible clusters of the virus and areas in risk.[1] However, Technology is a two-edged sword. Nowadays, technology has also been misused by cyber criminals who maximize their efforts in crisis. Therefore, 2020 was expected to be a year of massive cyberattacks, where the hackers were supposed to enhance their capabilities by more sophisticated technologies and Artificial intelligence (AI), that might not be just simple viruses but to be more precise attacks with social engineering or psychological manipulation. Then even after the beginning of a worldwide quarantine, the technology and the internet are been perused as a savior for the human being, by being a useful tool that provide different possibilities of entertainment, more options and mechanisms to work and study remotely, to be concluded by the words of Mohamed Yehia, a business coach at the AUC Venture Lab: “Stay home, stay connected”. Thus, while the physical spaces are being attacked by the pandemic new Coronavirus (COVID-19), the virtual spaces have been also targeted by a very dangerous viruses, to introduce to the world new arena of cyberattacks, which a huge amount is taking place in a very systematic organized way focusing on (1) collecting more sensitive data from governmental entities, big compagnies and in parallel seeking more personal data from the internet users and (2) hacking the world by fake disinformation campaigns and news. The reality is both kind of precautions should be taken now to stay safe; the first is to follow the World Health organization advices and all the protective measures against the new Coronavirus (Covid-19) and the second is to protect your business, your data and yourself from cyberattacks; phishing[2] campaigns or scams.[3]
I. USA, Iran and Saudi Arabia: International Fears of Cyberattacks Before Coronavirus (Covid-19)
The cyberattacks are usually targeting a computer, severs, tablets and smartphone device, and recently they are able to target infrastructure, vital services, companies with strong economic returns, financial systems and internal networks of any country, communications and others while seeking to create a state of political and economic instability. It may be undertaken by states, governmental or non-governmental institutions or individuals, especially with technological advances, availability of knowledge and technology conflict at the same time that connects the military forces with computer networks connected to the Internet. Therefore, governments are now struggling to have offensive capabilities to use against the enemy as a weapon of war and as a defensive one to counter cyberattacks. Currently, 15 of the world’s countries with huge military budgets are investing in specialized fields in order to enhance their offensive capabilities electronically through the Internet and their development for use in military affairs as a proactive step to disrupt the enemy’s networks and disrupt their movement. The Stuxnet attack in 2010 was one of the most impactful ones, as it caused the disruption of Iran’s uranium enrichment capabilities in which the United States and Israel were involved, prompting Iran to invest in and develop its cyber security.[4] Currently, countries have announced their launching cyberattacks and nullify their targeted attacks, however, before the current outbreak of new Coronavirus, the warning of Iranian attacks has been increased in particular after the assassination of Qassim Soleimani.
With the beginning of 2020, the USA had warned that Iran could strike national infrastructure, such as electricity networks, electronically, which could cause disasters. Therefore, some articles started to draw attention to the possibility of the manipulation of the American State towards this topic, by capitalizing the fears of cyberattacks as an attempt to attract the battlefield to a cyberwar instead of a real military conflict. It was expected at that time, that Saudi Arabia will be exposed to some electronic attacks in the coming period, and accordingly, it is assumed that Saudi Arabia and its close allies in the region will develop an integrated secret plan to address the attempts of the electronic attack on Aramco in particular and the Saudi Arabia in general, in addition to its importance of putting all its efforts In developing and possessing offensive capabilities to use against enemies. It is also expected that other parties use cyberattacks to achieve some interests, especially with the possibility of public opinion attributing these attacks to Iran. It is expected that Iran will not be satisfied with this type of cyberattacks unless it guarantees that it will achieve significant economic and political damage. Then again, Saudi Arabia must strengthen its diplomatic activity and improve its relationship with countries that are likely to escalate crises with them in order to avoid entering in a cyberwar instead of the United States of America, also Saudi Arabia most adopt a budget to develop technology, raise security awareness and increase shipping insurance, because it is expected that Iran will invest in deception through the global positioning system (GPS) to try to deliver Saudi shipping to Iranian waters.[5] Vince Warrington, the CEO of Protect Intelligence said in a published article “Iran can target American and British interests in the Middle East, especially those companies that have ties to Saudi Arabia.”.
Therefore, before the outbreak of new coronavirus and with more warnings about increasing attacks on Saudi oil companies in particular, and despite the difficulty of anticipating the attacking country or entity that might launch attacks on Saudi Arabia, the expected scenarios were the following: 1) A cyberattack from only Iran or with the support of Qatar and / or Turkey – with the aim of destabilizing national economic security and hence the position of Saudi Arabia in the Islamic world and the leadership of Arab countries. 2) Iran and Russia – with the aim of undermining the position of the United States of America and threatening its interests in the region, and this scenario may be linked to military operations or a missile attack on some sites with American interests. Especially with the use of Russia used by Iran in the testing of weapons, the position may also lead to its proxy to test electronic weapons. Cooperation may be through coordinating attacks and identifying some sites so that attacks are more effective and impactful. 3) The United States of America or Israel – with the aim of destabilizing the petroleum oil market in Saudi Arabia and opening the way for other oil-exporting countries more broadly. Especially with the leadership of both of them in the technology field and their enjoyment of the right to access the transatlantic cables and their relationships with most of the global service providers that serve them in the event of an electronic attack on one of the points of American importance.[6]
II. More Examples and Accusations of Nations Cyberattacks
Since the beginning of 2020, cyberattacks reached some countries in the Middle East region and the Arab neighborhood; (1) Israel and Iran: In February 2019, a general in the Israel Defense Forces (E-Defense Forces) announced to Bloomberg that his unit had thwarted an Iranian penetration operation targeting the anti-missile alert system, which had been initiated by Iran since 2017. Although there are reports that Iran is developing its cyber-offensive capability and indicates that it possesses a wide and sophisticated capabilities that can target vital national infrastructure, financial institutions, educational institutions, and government companies, the recent strikes of the United States of America have made clear the real capabilities of Iran and its weak technological capabilities. It is reported that last June of 2019, Iran shot down an unmanned US spy plane RQ-4A Global Hawk in international airspace over the Gulf, and the United States of America retaliated by correcting and controlling a successful cyberattack against Iranian air defense sites and command.
(2) Turkey and Greece: In January 2020, cyberattacks erupted between Athens and Ankara, where Greek media reported that some Turkish cybercriminals attacked the sites of the Greek Parliament, the Ministry of Foreign Affairs, the National Intelligence Service, the Treasury and the Athens Stock Exchange. The Turkish hackers’ group “Anca Needler” has claimed responsibility for the attacks. Anonymous Greece, an online organization that defines itself as a non-governmental organization, launched a counterattack by targeting specific state-owned communication servers. Then, the Greek government spokesman, Stiles Peats, announced other attacks on the websites of the Ministries of Interior and Foreign Affairs, Shipping and Finance and the Prime Minister’s website on the Internet, as this happened on the sidelines of the signing of the Turkish-Libyan Memorandum of Understanding.[7]
III. Modifications to Cyberattacks’ plans on the sidelines of Coronavirus Panic
On the sidelines of Coronavirus panic that came with more social distancing measures and self-quarantine, the world starts to confront severe cyberattacks that aims to sow panic in the world (populations and States’ entities), and it moved to be a direct attack to the “enemy” internally instead of just focusing on attacking the enemy’s interests outside of his homeland.
Both countries and populations are facing more cases of cyberattacks: (1) The Czech Republic’s second-biggest hospital was hit by cyberattack on March 13 and the U.S. Health and Human Services Department in the USA also suffered a cyberattack on its laptop system on Match 16 night.[8] (2) USA: The US population faced one of the most serious attacks in the beginning of March; one of these attacks gained access to the cellphones systems by permeated MMS and SMS text-messaging and send out warnings about shutdown of public and government services. These attacks took place in the NYC area, Washington, D.C., Boston, Kanas and the West Coast.[9] (3) France: The operators of the Cybermalveillance.gouv.fr platform explain that “as with every exceptional event, one must be aware that cybercriminals seek to take advantage of haste and the decrease in vigilance of the people directly or indirectly concerned to abuse them and which will be amplified by the increase in digital use linked to containment measures”.[10] The French businesses was also affected by cyberattacks, since January 30, the French company Bouygues Construction company, which affected its activity without paralyzing it. The company specified, in a press release sent on Friday, January 31 in the afternoon: “A ransomware-type viral attack was detected on the Bouygues Construction computer network on January 30. As a precaution, information systems have been shut down to prevent spread.”[11]
[1] For more information, please consult the Daily Star link and CNN link.
[2] IT governance’s definition for Phishing is the following: A type of cyber-attack in which scammers send malicious messages that appear to be from a trusted source. In link.
[3] Please consult Zdnet for more practices for a safe remote work link.
[4] For more information, please consult Forbes Link.
[5] For more information, please consult Stratfor Link.
[6] For more information, please consult Stratfor Link.
[7] For more information, please consult Euro-Active In Link.
[8] For more Information, please consult Cyber-scoop In link and Los Angeles Times In link.
[9] For more information, please consult ABC News In link
[10] For more information, please consult zdnet In link.
[11] For more information, please consult the link.
