A deeper look into cybersecurity issues in the wake of Covid


2023-09-25 08:19 | Source: compiled from the web | Views: 265

2.4. Cyber-security most affected economy sectors

Hackers also use credential stuffing to get access to employees' credentials, and the stolen information is then sold to other criminals on the digital black market. One effect is that firms that rely significantly on videoconferencing platforms will be severely disrupted. Credential stuffing is a type of cyberattack in which hackers use stolen login and password combinations to obtain access to other accounts. This is possible because people commonly use the same username and password for many accounts. The economic sectors most affected by cyber-attacks are highlighted in Fig. 2.

Fig. 2. Cyber-attack: most affected economy sectors at the wake of COVID-19 health crisis.

The war on the digital economy during the lockdown caused by the COVID-19 health crisis cannot be over-emphasized. The economic sectors most affected by cyber-attacks are therefore discussed as follows:

(1) Financial sector

The financial industry faced numerous cyber-security attacks during the COVID-19 crisis. At 5.85 million dollars, the mean cost of cybercrime in the financial services business is also among the highest of any industry (ibm.com, 2020, Najaf et al., 2020, Bossler, 2021). The crisis compelled financial institutions such as banks and insurance firms to continue providing online assistance to their customers. Again, the majority of employees worked from home on insecure networks. Once employees are at work, they are bound by certain security measures, which were not there before and which became the new normal practice. Employees were more vulnerable to cyber risks when using an insecure network (Babulak et al., 2020). Customers increasingly rely on online banking, which exposes them to hackers. Hackers commonly target the financial sector with distributed denial of service (DDoS), phishing, and malware cyberattacks. ATM transactions (Omolara et al., 2019a, Omolara et al., 2019b, Omolara et al., 2019c) were targeted by hackers who stole bank credit cards to withdraw money. During the Covid-19 crisis, there was an increase in credit card fraud (Zhu et al., 2021; Payne and Morgan, 2020). Therefore, there is an urgent need to protect data from intruders by developing a hybrid cipher (Omolara et al., 2014) and up-to-date safe encryption algorithms to secure data in online transactions.

In the case of cyber-attacks on insurance firms, the Avaddon gang attacked the European insurance business AXA in May 2020. The incident occurred shortly after the corporation announced significant insurance policy modifications. In essence, AXA said it would no longer reimburse many of its clients for ransomware charges. The hacker group acquired access to a colossal 3 TB of data in this one-of-a-kind (and rather ironic) attack on a cyber-insurance corporation that made the news. Another significant insurance firm was hit by ransomware earlier in March 2020. On March 21, 2020, a hacker group targeted CNA's network, encrypting 15,000 devices, including many computers used by remote employees. The hacking group Evil Corp is suspected of being behind the attack, which used a new strain of malware known as Phoenix CryptoLocker.

(2) Healthcare sector

A typical case of a computer systems shutdown occurred at Brno University Hospital due to a cyber-attack. Brno University Hospital, a significant Covid-19 testing site in the Czech Republic, was one of the first medical facilities obliged to turn away patients with serious illnesses and postpone surgeries. The World Health Organization (WHO) declared that cyber-attacks surged fivefold during COVID-19, causing public fear. Nearly 450 functional email addresses with WHO usernames and passwords were compromised in the third week of April 2020 (World Health Organization, 2020). Hackers and intruders are well aware that the global healthcare system is in disarray as a result of the epidemic. As more people used remote care systems, hackers were increasingly active in gaining access to healthcare systems all over the globe for financial benefit. Hackers attempted to gain access to a huge range of individual data and credentials of patients, according to the United States Cybersecurity and Infrastructure Security Agency and the United Kingdom's National Cyber Security Centre (Lallie et al., 2021).

Throughout the pandemic, telemedicine became the only means to receive care. This mode of treatment has made it easier for hackers to gather the needed information from specific patients. Before the pandemic, only 95 people in New York used telemedicine on a daily basis. However, during the disease outbreak, the number of patients surged by a factor of 44.30, and nearly 4209 people used telemedicine on a daily basis. Ransomware assaults have increased dramatically as a result of these staggering numbers (Jalali et al., 2021). A summary of different cyber-attacks / data breaches in healthcare and academic organizations at the peak of the COVID-19 crisis is presented in Table 4.

Table 4. Different cyber-attacks / data breaches in healthcare and academic organizations at the peak of COVID-19 crisis in summary as reported.

| S/No | Date of cyber-attack | Country of cyber-attack | Organization | Report and impact of the attack | References |
|---|---|---|---|---|---|
| 1 | 13 March 2020 | Czech Republic | University hospital in Brno | The IT network went down, causing important surgeries to be postponed and emergency medical services to be jeopardized. | (https://www.zdnet.com/article/czechhospital-hit-by-cyber-attack-while-in-the-midst-of-acovid-19-outbreak/) |
| 2 | 13 March 2020 | Worldwide | World Health Organization (WHO) | A rogue website that looked like the WHO's official email system was made in order to steal employee passwords. According to WHO Chief Information Security Officer Flavio Aggio, the attack was unsuccessful. DarkHotel, a gang of sophisticated hackers, is suspected by many sources, according to Reuters. | (https://tech.newstatesman.com/security/who-cyberattack-covid19) |
| 3 | 14 March 2020 | United Kingdom | Hammersmith Medicines Research Group, UK (COVID-19 Vaccine Trial Group) | A ransomware attack resulted in the disclosure of previous patients' private details, as well as an unsuccessful attempt to deactivate the network. | (https://www.computerweekly.com/news/252480425/Cyber-gangsters-hit-UK-medical-research-lorganisationpoised-for-work-on-Coronavirus) |
| 4 | 16 March 2020 | United States of America | Health and Human Services (HHS) Department | HHS servers were subjected to an unspecified attack. | (https://tech.newstatesman.com/security/us-healthhuman-services-department-cyber-attack) |
| 5 | 22 March 2020 | France | Paris Hospital Authority (AP-HP) | An attack on AP-HP servers that has not been identified. | (https://www.bloomberg.com/news/articles/2020–0323/paris-hospitals-target-of-failed-cyber-attackauthority-says) |
| 6 | 4 April 2020 | United Kingdom and Spain | Healthcare Workers | An attempt was made to disable anti-virus software as part of a ransomware attack. | (https://www.computing.co.uk/news/4012969/hospitalscoronavirus-ransomware; https://www.digitalhealth.net/2020/04/neither-covid-19nor-cyber-criminals-care-who-gets-infected-andsuffers/) |
| 7 | 13 May 2020 | United Kingdom | ARCHER Academic High-Performance Computing (HPC) network | Login nodes were exploited, forcing all user passwords to be rewritten. | (https://www.theregister.com/2020/05/13/uk_archer_supercomputer_cyberattack/) |
| 8 | 13 May 2020 | United Kingdom | Bam Construct and Interserve (companies who helped construct temporary COVID-19 hospitals for the UK's National Health Service) | Unknown type of attack. | (https://www.constructionnews.co.uk/contractors/bamconstruct/bam-construct-hit-by-cyber-attack-13–052020/) |
| 9 | 10 June 2020 | Iraq | Babylon Health (appointment and video conferencing software for NHS doctors) | Due to a software flaw, there was a data leak. | (https://www.mobihealthnews.com/news/europe/babylon-health-admits-gp-hand-app-data-breach-caused software-issue) |
| 10 | 16 July 2020 | United States, United Kingdom and Canadian authorities | Governments | Unspecified state-sponsored cyber-threats on institutions developing COVID-19 vaccines are alleged. | (https://www.theguardian.com/world/2020/jul/16/russian -state-sponsored-hackers-target-covid-19-vaccineresearchers) |

(3) Education sector

The abrupt transformation induced by the COVID-19 crisis significantly impacted educational systems. Most students at all levels now rely on e-learning, putting them at risk of cybercrime. In addition, most educational institutions use applications like Zoom for their e-learning processes. Because of such attacks, for instance, some schools in California were compelled to suspend their program activities for a few periods (Harris and Jones, 2020). COVID-19's dreadful status jeopardized schooling at all levels, and education remained at risk as the pandemic spread. Homebound students took classes through online e-tech systems, e-learning environments, and video-conferencing. Cybercriminals have hijacked video and teleconference sessions (known as Zoom-bombing) in the past to distribute unpleasant or dangerous content. Educational institutions should keep private information out of e-learning platforms. They should use a software-as-a-service (SaaS) solution rather than a local client. Furthermore, they should prevent third-party providers from having direct access, and evaluate vendors and their security documents on a regular basis.

In some countries, such as the United Arab Emirates (UAE), e-learning tools were deployed in higher education. For example, UNESCO supplied a variety of distance learning resources to help many schools and organizations adjust and continue their work during COVID-19 (UNESCO, 2020). Popular applications used to deliver lectures include WebEx, Zoom, Google Classroom, Ultra Collaborative, Skype, Blackboard Learn, GoToMeeting, Monitor Lockdown Browser, and Respondus, amongst others. There were also many occasions where academic and non-academic staff and students communicated via social media platforms like Facebook, YouTube, WhatsApp, and others whose online services were used to promote education during the COVID-19 pandemic crisis. Thus, expert-led online courses were made available in English, French, Spanish, Italian, Portuguese, and other languages during the COVID-19 crisis.

(4) Military sector

A coronavirus-themed malware has been reported to overwrite a computer's Master Boot Record (MBR), rendering it unbootable. “Coronavirus Installer” is written in the malware file's description. The Covid-19 crisis and lockdown regulation were likewise used as a trap by another coronavirus-themed malicious HTA file (HTML executable file). It is most likely from the infamous SideWinder organization, which is known for targeting military targets. This HTA file includes a pop-up PDF lure with click-bait headlines and photographs of the Pakistan army. The CEOs and top executives of energy providers face a unique set of cyber and safety threats. Employees who use their residences to access crucial plant production and grid networks increase the likelihood of a second-wave crisis: rolling power outages and safety incidents occurring in parallel, at a time when keeping the electricity or lights on is critical. The rush to remote systems, understaffed facilities, and new working modes will be exploited by attackers.

(5) Energy sector

In the energy sector, in times of crisis such as COVID-19, the focus is on how to protect the public and how to keep power flowing to customers. Working remotely is the most important priority for utility companies, but it also exposes the energy business to threats from inside and outside its cyber defenses. Energy companies must protect their employees and at the same time avoid outages, since lives are on the line. Energy companies are facing new cyber-risks as a result of remote working. Attackers will look for new weaknesses in an energy company's infrastructure to exploit. Utilities are fundamentally changing their power generation workflows, and cybersecurity approaches and structures will need to be updated as well. New operational models will be required for distributed energy sources. Likewise, remote work and automation will boost productivity. Energy businesses will have to educate and train the next generation of workers. The frequency and sophistication of cyberattacks against electricity companies will continue to rise. As each trend forms the new reality, electricity companies will need to iteratively update cybersecurity policies to protect operations and keep the lights on in the short, medium and long term.

The hack of Colonial Pipeline in late April received the most media attention of all the cyber and ransomware assaults in 2021. “The Colonial Pipeline attack had such an impact because the pipeline is an integral part of the national critical infrastructure system,” says Joe Giordano, director of Touro College Illinois' Cybersecurity Program. Gas supplies were disrupted all along the East Coast of the United States as a result of the system's downtime, producing confusion and panic. Because most Americans are directly affected by gasoline shortages, this strike hit close to home for many people. The attack was carried out by the DarkSide gang, which targeted the company's billing system and internal business network, causing major shortages across many states. Colonial Pipeline finally caved in to the cyber-attacker's demands and paid the group $4.4 million in bitcoin to avert additional disruption. Luckily, much of the $4.4 million ransom collected was recovered by US law enforcement. The money was traced thanks to the FBI's monitoring of bitcoin transactions and digital wallets.

(6) Manufacturing sector

If manufacturing sectors were under the impression that they were protected from cyberattacks, that belief is gradually being disproved, especially in 2020. In 2017 and 2018, more people became cognizant of Industry 4.0 and the rise of cybercrime. However, many companies in the sector were completely uninformed of the risks. By 2019, the manufacturing industry had risen to the eighth most targeted sector by cyber criminals. Due to the pandemic restrictions, many organizations were compelled to rely nearly entirely on remote labor in 2020, which exacerbated the problem. While most of the world was unprepared for COVID-19's impact, cyber attackers were prepared. The manufacturing industry has moved from eighth to second place in terms of cyber-attacks. Monitoring the company's network ecosystem for anomalies is highly significant in protecting against cyber-attack. Some security procedures are impossible to implement when working from home during the COVID-19 crisis. For example, both legitimate and illegitimate directives came from outside the company, and it is difficult to tell which is which and what their intention is. As a result, monitoring becomes even more important to distinguish between attackers and employees.

Some monitoring and surveillance can be automated, allowing relevant employees to spend more time investigating suspected activity. Nevertheless, the threat to the nation's essential infrastructure and government organizations has not flown under the radar. Public institutions such as government parastatals are beginning to implement stronger restrictions for corporations that secure sensitive data, despite their poor response to cyber threats in the past. The Cybersecurity Maturity Model Certification and the IoT Cybersecurity Act were introduced in 2020 as ways to implement minimal cybersecurity rules for enterprises that deal with government organizations. Even so, the full impact of these laws will not be felt until 2022 or 2026. Meanwhile, cybercriminals will continue targeting organizations that have ignored warnings and failed to implement cybersecurity solutions.

However, there is just one answer for industrial companies looking to avoid risks. They need to learn about the potential cybersecurity risks for manufacturing companies and how to create a comprehensive cybersecurity solution to identify and prevent attack vectors before they breach the company network.

(7) Technology sector

The years 2020 and 2021 saw some of the most significant data breaches ever globally. These breaches badly affected technology (information technology) companies such as Google, Twitter, Zoom, Amazon, Finastra, CD Projekt Red, and the SolarWinds supply chain. On its Chrome update page, Google stated that it is aware of exploits for two vulnerabilities, CVE-2021-38000 and CVE-2021-38003. Both issues have been resolved, but only for Chrome users who upgrade their browsers. “The Stable channel has been updated to 95.0,” Google stated, verifying the upgrade. Some well-known and well-respected Twitter accounts were hacked and exploited to spread false information about Bitcoin. The accounts asked for Bitcoin from their followers in exchange for a double reward. Despite the tweets being active for only a brief period, they made more than $100,000 in Bitcoin. Those who were tricked into transferring Bitcoin got nothing in return.

Zoom moved from a little-known boutique business to one of the most well-known and frequently used video and audio conferencing systems almost overnight because of the quick increase in individuals working from home due to COVID-19. In Q2 2020, its revenue increased by a factor of 3.55 year over year. With such rapid expansion, Zoom had multiple security incidents, the most notable of which was the sale of over 500,000 user accounts on a dark web forum. According to reports, the accounts were accessed by using user IDs and passwords that had previously been exposed in other breaches, a practice known as credential stuffing.
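The credential-stuffing pattern described here and at the start of this section (one source replaying leaked username and password pairs across many accounts) leaves a recognisable trace in login records. The following is an added example, not part of the original article; the record layout, thresholds, IP addresses and usernames are constructed assumptions for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta


def build_sample_events():
    """Constructed login records: (timestamp, source IP, username, success)."""
    t0 = datetime(2020, 4, 1, 9, 0, 0)
    events = []
    # One source replaying a leaked credential list: 12 different accounts
    # in two minutes, one attempt each, and a single reused password works.
    leaked = ["aadams", "bbaker", "cclark", "ddavis", "eevans", "ffoster",
              "ggreen", "mwong", "hhill", "iirwin", "jjones", "kking"]
    for i, user in enumerate(leaked):
        events.append((t0 + timedelta(seconds=10 * i), "203.0.113.50",
                       user, user == "mwong"))
    # An office NAT address: many accounts, but every login succeeds.
    for i in range(11):
        events.append((t0 + timedelta(seconds=15 * i), "192.0.2.10",
                       f"staff{i:02d}", True))
    # One employee mistyping a password twice before getting in.
    for i, ok in enumerate([False, False, True]):
        events.append((t0 + timedelta(seconds=20 * i), "198.51.100.7",
                       "asmith", ok))
    return events


def detect_credential_stuffing(events, window=timedelta(minutes=5),
                               min_users=10, max_success_ratio=0.2):
    """Flag source IPs that try many distinct accounts, mostly failing,
    within one sliding time window. Thresholds are illustrative assumptions."""
    by_ip = defaultdict(list)
    for ts, ip, user, ok in events:
        by_ip[ip].append((ts, user, ok))

    findings = {}
    for ip, rows in by_ip.items():
        rows.sort()
        start = 0
        for end in range(len(rows)):
            # Advance the left edge until the span fits inside `window`.
            while rows[end][0] - rows[start][0] > window:
                start += 1
            burst = rows[start:end + 1]
            users = {u for _, u, _ in burst}
            hits = sorted({u for _, u, ok in burst if ok})
            success_ratio = sum(ok for _, _, ok in burst) / len(burst)
            if len(users) < min_users or success_ratio > max_success_ratio:
                continue
            best = findings.get(ip)
            if best is None or len(users) > best["distinct_users"]:
                findings[ip] = {
                    "distinct_users": len(users),
                    "attempts": len(burst),
                    # Accounts that authenticated during the burst: treat as
                    # compromised (force a reset, revoke sessions).
                    "compromised": hits,
                }
    return findings


if __name__ == "__main__":
    for ip, info in detect_credential_stuffing(build_sample_events()).items():
        print(ip, info)
```

The success-ratio test is what keeps the shared office address from being flagged even though it also shows many distinct accounts in a short time.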

Finastra, a company that provides software solutions to financial institutions in many parts of the world, notably 90 of the top 100 banks, was hit by a ransomware attack that interrupted operations and forced the company to temporarily isolate compromised servers from the world wide web. Finastra has US $1.9 billion in revenue, 9,000+ employees, and about 8,600 customers, with a global footprint and a broad set of financial technology products. Finastra was likely a victim because of a history of issues pertaining to obsolete security practices and devices, such as having four Citrix (NetScaler) servers vulnerable to CVE-2019-19781 operating in early January 2020, according to Bad Packets, a company that monitors and helps in identifying cyber-security threats. Finastra said it employed “isolation, inquiry, and containment” to bring the case to court.

Other attacks were launched on CD Projekt Red, a well-known videogame studio in Poland. The HelloKitty gang hacked the company in February of this year. The hacker group gained access to source code for in-development games and encrypted devices. CD Projekt, however, declined to pay the ransom and has backups in place to salvage the lost data.

In April 2020, the REvil gang demanded a $50 million ransom from computer manufacturer Quanta, similar to the Acer computer hack. Although Quanta is not a household name, it is one of Apple's most important business partners. REvil went after Apple when the company declined to negotiate with the hacker organization. They threatened to reveal more sensitive documents and data after disclosing Apple product blueprints taken from Quanta. REvil seems to have halted the offensive by May.

The biggest cyberattack of 2020 was the SolarWinds supply chain attack, which affected prominent private companies, including Microsoft, FireEye, Cisco, and NVidia, as well as multiple United States government organizations. Additionally, Amazon was the target of a massive DDoS attack.

(8) Tourism sector

Marriott disclosed that the personal information of about 5.2 million hotel guests was improperly obtained in 2020, marking the company's second major data breach in less than two years. Marriott is one of the leading hotel chains, with 7,300 hotel and resort locations in 134 countries. The guest information was accessed in mid-January using login credentials from personnel at a franchised location, according to the firm, which was notified at the end of February 2020. Marriott has deactivated those logins and is cooperating with investigators. According to a statement, Marriott claims that the data breach did not affect Marriott Bonvoy account passwords or PINs, emails, passport information, credit card information, addresses, or driver's license numbers.

(9) Food and Agricultural sectors

Ransomware victims in the food and agriculture sector face enormous financial losses as a result of ransom payments, lost output, and remediation costs. Companies may also lose proprietary data and personally identifiable information (PII) as a result of a ransomware assault, as well as suffer reputational damage. For example, JBS S.A., a Brazilian meat processing corporation, was hit by a cyberattack on May 30, 2021, rendering its pork and beef slaughterhouses inoperable. Facilities in Australia, the United States, and Canada were all hit by the attack. A ransomware attack on an unidentified US farm in January 2021 resulted in a $9 million loss because of the temporary closure of its farming operations. The adversary targeted the farm's internal servers by getting full administrator access via hacked credentials. In another incident, a United States bakery firm lost access to its server, data, and apps in July 2021, disrupting production, shipping, and receiving, due to the Sodinokibi/REvil ransomware attack. The ransomware was delivered using software used by an IT support managed service provider (MSP). The bakery was closed for about a week, causing delays in customer orders and ruining the company's reputation.

In the case of cyber-attacks on agricultural farms, for example, a popular agricultural farm in the United States lost $9 million in productivity after being forced to shut down due to a ransomware threat. It is ultimately up to the firm whether or not to pay the ransom, but it is crucial to note that paying does not mean the problem is solved. According to the FBI, up to 80 % of ransomware victims who paid the ransom experienced a repeated attack, either from the same criminals or from a new group. Likewise, Australia's agricultural business faced cyber-threats, according to new AgriFutures Australia research that examines the cyber hazards following two major cyber assaults in the last 12 months. Rural agricultural industries that fail to protect themselves from cyber threats endanger not only themselves but also Australia's food security.

(10) Transportation sector

The number of ransomware cyberattacks is rising across all industries, but the transportation industry appears to be the hardest hit. Transportation organizations are more adversely affected by the global cybersecurity gap than others because they have not traditionally deployed significant security teams to defend their digital assets. According to Cybertalk.org, the transport sector saw a 186 % spike in weekly ransomware attacks between June 2020 and June 2021. For example, New York's Metropolitan Transportation Authority (MTA), North America's largest transportation network, had been targeted by a cyber-attacker, according to sources in June 2021. The MTA serves downstate New York as well as two counties in southwestern Connecticut. The transportation system handles about 11 million passengers on weekdays, and over 850,000 automobiles pass through the MTA's seven toll bridges. The cyber incident on the MTA's network was reportedly perpetrated by Chinese attackers who allegedly used a zero-day vulnerability in a remote access product from Pulse Connect Secure.

(11) Commerce sector

The demand for goods and services has shifted to e-commerce. While the share of e-commerce in total retail in the United States climbed modestly from 9.6 % to 11.8 % between the first and second quarters of 2020, it jumped to 16.1 % between the first and second quarters of 2020. The trend in the United Kingdom is similar: between the first quarter of 2018 and the first quarter of 2020, the share of e-commerce in retail increased from 17.3 % to 20.3 %, before increasing dramatically to 31.3 % between the first and second quarters of 2020. Similar trends can be seen in other places, such as the People's Republic of China, in which the share of online retail sales in cumulative net retail sales increased to 24.6 % from January to August 2020, from 19.4 % in August 2019 and 17.3 % in August 2018.


