Cybercriminals Strike Where It Hurts Most: SARS-Cov-2 Pandemic and its Influence on Critical Infrastructure Ransomware Attacks

Abstract

The critical infrastructure (CI) of a society are the sixteen entities that facilitate the smooth daily living of its residents. Due to the crucial functionalities, CI elements are the most favored targets of cybercriminals. The situation was further aggravated when the world battled the SARS-Cov-2 pandemic. Due to socio-economic distress and reduced resources, a much higher number of ransomware attacks on CI were reported in the year 2020. To further illuminate the influence of the pandemic on the ransomware trends, the authors divided the data of the reported incidents into two time-frames. The first time-frame spanned the years 2013 till 2019, and the second time-frame covered the pandemic duration of the years 2020 and 2021. The two time frames were analyzed through rich visualizations and it was found that the healthcare sector was targeted much more while it was already struggling. Moreover, new strains like Netwalker and existing strains that preyed on corporate networks were preferred in recent years. The economic distress and call for stricter laws against ransom payments resulted in lesser percentages of ransom payments, but system downtimes stretched to more than a month’s time. Lastly, while cryptocurrency had gained popularity among criminals due to its anonymity potential, continuous research against its misuse has caused a decline in crypto ransom payments.