An Analysis of Cyber Attacks and Response Cases Related to COVID-19

Analysis of COVID-19-Related Cyber Attacks and Response Status

  • Received : 2021.07.19
  • Accepted : 2021.09.30
  • Published : 2021.10.31

Abstract

Since the global spread of COVID-19, social distancing and the adoption of untact services have spread rapidly. With the transition to non-face-to-face environments such as telework and remote classes, cyber security threats have increased, and many cyber compromises have occurred. In this study, cyber-attacks and response cases related to COVID-19 are summarized in four aspects: cyber fraud, cyber-attacks on companies related to COVID-19 and on the healthcare sector, cyber-attacks on untact services such as telework, and preparation of untact service security for post-COVID-19. After the outbreak of the COVID-19 pandemic, related events such as vaccination information and the payment of national disaster aid continued to be used as bait for smishing and phishing. Regarding cyber-attacks on companies related to COVID-19 and on the healthcare sector, the damage increased rapidly as state-supported hackers attacked those companies to obtain COVID-19 research results, and as hackers chose medical institutions as targets for a more efficient ransomware approach, changing their strategy from 'spray and pray' to 'big-game hunting'. Companies using untact services such as telework are experiencing cyber breaches due to insufficient security settings, non-installation of security patches, and vulnerabilities in the systems that make up untact services, such as VPNs. In response to these cyber incidents, as a cyber fraud countermeasure, security notices were issued to the public to prevent cyber fraud damage, and security guidelines and ransomware countermeasures were provided to organizations related to COVID-19 and to medical institutions. In addition, for companies that use and provide untact services, security vulnerability finding and system development environment security inspection services were provided through government funding programs.
We also looked at the differences in the role of the government and in the targets of security notices between domestic and overseas response cases. Lastly, considering the development of untact services by industry in preparation for post-COVID-19, supply chain security, cloud security, development security, and IoT security are suggested as common security reinforcement measures.

Keywords
