    CO20121 | Global Health Security: COVID-19 and Its Impacts – Pandemic and Beyond: Phishing in a Larger Pond
    Jennifer Yang Hui, Teo Yi-Ling

    15 June 2020

    RSIS Commentary is a platform to provide timely and, where appropriate, policy-relevant commentary and analysis of topical and contemporary issues. The authors’ views are their own and do not represent the official position of the S. Rajaratnam School of International Studies (RSIS), NTU. These commentaries may be reproduced with prior permission from RSIS and due credit to the author(s) and RSIS. Please email to Editor RSIS Commentary at [email protected].

    SYNOPSIS

    The greatly increased reliance on technology for work, education, business, and social interaction during the COVID-19 pandemic has opened up opportunities for cyber criminals. It is highly probable that post-COVID-19, this reliance will lead to a hyperconnected world.

    COMMENTARY

    ALMOST OVERNIGHT, the nature of organisational cyber security has changed as a consequence of the COVID-19 pandemic. These shifts have essentially mutated the nature of the digital threat surface. Where there were once relatively contained and static IT environments to be managed along standardised protocols and policies, this is no longer the case.

    People have been dispersed outside such environments – each to their own non-corporate networks, the systemic protections of which may or may not be as consistent and robust as their corporate ones. A sudden surge in mass working over private, insecure connections thus gives attackers an easy entry.

    An Uptick in Phishing Attacks

    Unsurprisingly, alongside the worsening of the global pandemic, there has been a huge spike in phishing worldwide. “Phishing” is a cyber crime technique whereby users are duped into disclosing sensitive data such as personally identifiable information, passwords and bank details. Phishing is responsible for as much as 94% of coronavirus-related cyber attacks.

    In Singapore, an email supposedly sent by Prime Minister Lee Hsien Loong asked for “contributions and thoughts” from Singaporeans to address the spread of COVID-19. Scammers pretending to be Ministry of Health (MOH) employees and the contact tracing team asked people to collect documents from MOH, and obtained their personal information in the process. These are just some of the many examples of ‘phishing’ that Singapore encountered during the COVID-19 crisis.

    The importance of addressing the challenges posed by phishing has been emphasised by the Cyber Security Agency of Singapore (CSA). Since the outbreak of the COVID-19 pandemic, malicious cyber attacks taking advantage of the coronavirus theme have increased. Even before the pandemic, phishing had been an ongoing cyber security issue in Singapore. Phishing was one of the methods deployed in the SingHealth cyberattack, the most serious data breach in Singapore’s history.

    Singapore is an attractive target for cyber attacks: as many as 16,100 phishing URLs with a Singapore link were detected in 2018. For individuals, phishing poses the threat of unauthorised purchases, the stealing of funds, or identity theft. On the organisational and governmental level, phishing is often used by advanced persistent threat (APT) actors to gain a foothold in the victims’ networks as a part of a larger attack.

    The Human Factor: Social Engineering and Phishing

    Human nature does not change; people are hardwired to react in certain ways. In terms of tackling this “phishing pandemic”, it helps to understand some behavioural psychology around it. Cyber criminals are not focused on exploiting systemic or technological vulnerabilities – they seek to exploit vulnerabilities in human nature.

    This aspect of the phishing threat relies on the tactic of social engineering. Essentially, social engineering broadly describes the ways in which people are manipulated into carrying out certain behaviours. In the context of cyber security or information security, social engineering is about getting people to disclose sensitive information or be exposed to malware.

    Social engineering appeals to the victims’ emotions; the stronger the emotional response (positive or negative) induced in the recipient, the greater the probability that the recipient will not think clearly and carefully. An example of an emotional response is fear.

    Fundamentally, phishing taps into the fears people have to such a degree that they are unable to carefully discern the signs of scam e-mails. Such e-mails appear to be from legitimate organisations or authorities that possess personal or confidential information of the recipient (banks or government agencies, for example), or whose services provide quality of life to the recipient (for example, those provided by Amazon, Apple, or Netflix).

    For example, scammers took advantage of some common keywords used in the COVID-19 pandemic and paired them with terms such as ‘masks’, ‘loan’, ‘unemployment’ and ‘cure’ to bait information seekers.

    Tackling Phishing Post-COVID-19

    This evolution of the attack surface is suddenly altering established cyber security practices. Alongside requiring employees to be more vigilant and proactive about their non-office cyber security risks, how else should organisations go about managing the cyber security of a very differently structured and less coherent attack surface?

    Future responses should be two-fold. Firstly, organisations must actively support employees with resources and guidance. Remote working will persist, and such support as well as education about cyber risks is a long-term matter. Organisations must also think about redesigning security architectures: the environment around users could be tweaked to ameliorate the risk of phishing triggers reaching them.

    Here, using a variety of tools such as secured exchange servers, host-based security tools and email scanners that actively scan attachments for viruses and block harmful emails can go some way towards preventing phishing threats to organisations. Also, using artificial intelligence tools to track active phishing sources and differentiate between real and fake websites could help protect users against phishing attacks.

    Secondly, there is the need to promote understanding of why we react in a certain way to phishing triggers, towards changing our behaviour to avoid falling victim. Ongoing public awareness campaigns and user awareness training on phishing must highlight such psychological biases, especially optimism bias (the belief that one is immune to falling prey to online scams), and provide applicable examples of how phishing can be avoided.

    After all, the end of the COVID-19 pandemic will not mean the end of human vulnerability to cyber-enabled attacks. Hopefully, awareness of phishing is sharpened as one result. We should expect phishing tactics to become more sophisticated and cyber criminals more ingenious, enabled as well by technological advances.

    Black swan events (unknown unknowns) could very well arise, any global crisis will have a cyber aspect, and protection plans must integrate cyber security. Cyber criminals see opportunity in every crisis, and cyber practitioners must anticipate such eventualities and endeavour to be one step ahead, or at least prepared to a point where they can respond appropriately.

    About the Authors

    Jennifer Yang Hui is an Associate Research Fellow and Teo Yi-Ling a Senior Fellow with the Centre of Excellence for National Security (CENS) and Future Issues and Technology (FIT) Cluster, S. Rajaratnam School of International Studies (RSIS), Nanyang Technological University (NTU), Singapore. This joint contribution by CENS/FIT is part of an RSIS Series.

    Categories: Commentaries / Country and Region Studies / Non-Traditional Security / East Asia and Asia Pacific / Global / South Asia / Southeast Asia and ASEAN

    Last updated on 09/07/2020
