Health and Healthcare Systems

How do we beat COVID-19 cybercrime? By working together

Global, cross-sector teamwork is key to beating the COVID-19 cybercriminals Image: Gerd Altmann on Pixabay

Amy Hogan-Burney
General Manager, Cybersecurity Policy and Protection; Associate General Counsel, Microsoft Corp.
Derek Manky
Chief Security Strategist and Global Vice-President Threat Intelligence, Fortinet Inc.
Tal Goldstein
Head of Strategy and Policy, Centre for Cybersecurity, World Economic Forum Geneva
Michael Daniel
President and Chief Executive Officer, Cyber Threat Alliance
Our Impact
What's the World Economic Forum doing to accelerate action on Health and Healthcare Systems?
The Big Picture
Explore and monitor how Cybersecurity is affecting economies, industries and global issues
A hand holding a looking glass by a lake
Crowdsource Innovation
Get involved with our crowdsourced digital platform to deliver impact at scale
Stay up to date:


This article is part of: Annual Meeting on Cybersecurity
  • COVID-19 is proving to be a boon for cybercriminals and fraudsters all over the world.
  • The only way to beat them is through strong collaboration between the public and private sectors.
  • Here's what a proposed global architecture to facilitate this kind of cooperation could look like.

Cybercrime is a major threat to global prosperity. Even now, in the midst of the worst public health crisis in a century, the cybercriminals just keep at it.

Global COVID-19 campaigns include lures themed on regional health authority impersonations, fake vaccination information, purchase or delivery of personal protective equipment (PPE), employee targets spoofed from HR, medical and pharmaceutical supplies, and even false job promises.

This should not come as a surprise. Cybercriminals have proven highly adept at exploiting a crisis or global event, and a digital ecosystem where the risk of getting caught remains very low and the potential returns are very high. Moreover, the profits from these malicious activities allow for continuous improvement in capabilities that often surpass the intensive cybersecurity investments made by government or corporate victims.

Have you read?

Acting against cybercrime

As argued in a previous Agenda article, we must confront cybercrime at its source to systemically reduce its global impact. An effective response to cybercrime requires exploring many possible courses of action and taking the interests of both the public and private sectors into account. Further, an optimal plan of action should leverage the expertise of both public and private sectors.

Designing and implementing such responses requires creativity in the conceptualisation and implementation of collaborative actions. We need to quickly disrupt cybercriminal infrastructures and services in ways that raise the cost to criminal actors, in a coordinated effort. And, where possible we need to attribute and prosecute cybercrime to raise the risk to criminal actors and offer justice to victims. This ultimately slows the adversary in their tracks; agility is often a luxury they enjoy.

Unlike other criminal areas, the private sector often has superior access to technical information and the capacity to identify, track and analyse cybercriminal infrastructures and services. This capability gives the private sector the ability not only to uncover criminal activities, but also to undertake targeted, disruptive actions by dismantling the criminals' infrastructure. However, these capabilities have limits and only governments have the legal authority to prosecute cybercriminals and impose penalties. Thus neither the private nor the public sectors have sufficient capabilities reduce the global impact of cybercrime on their own.

Partnership against cybercrime

Given the limitations on each sector, the only way to achieve the goal of reducing global cybercrime is through public-private cooperation. To this end, The World Economic Forum's Partnership Against Cybercrime initiative launched in April 2020 with the mission to explore ways to amplify public-private collaboration, improve the effectiveness of cybercrime investigations, and enhance the potential of disruptive actions against cybercriminal infrastructures. The initiative includes around 50 representatives from cyber-related service and platform providers, multinational financial organizations, government agencies, international organizations and leading non-for-profit alliances.

More than one in two companies fears cyberattacks as a result of new working practices
More than one in two companies fears cyberattacks as a result of new working practices Image: World Economic Forum COVID-19 Risks Outlook

Building constructive cooperation

The initiative’s working group has highlighted four factors that enable sustainable, repeatable and effective cooperation. Firstly, while the end goal of cooperation serves a greater good, any collaboration must take into account the respective interests and missions of the participants. This consideration does not mean that the return on investment has to be immediate or direct, but ultimately all participants must derive value from the cooperation. For those who share the vision and values, this return could be achieved through simple steps like public recognition and bidirectional feedback. This allows for further enhancement of the sharing model as time progresses.

The second factor is trust. Trust is the scaffolding that enables collaborative groups to function. As a result, trust-building behaviours are an important dimension in the discussion. Ensuring transparency, promoting equity and fairness, making voluntary sharing the default option, and favouring joint decision-making are some of the ways to build trust over the long-term. Concerns and challenges, such as consumers’ privacy or geopolitical constraints, need to be acknowledged as well.

The third factor is strategic alignment. All operations have concrete objectives; however, the participants also need to agree on the strategic goals. All participants must understand each other’s respective needs, goals and values and continuously identify mutual ground.

The fourth factor is structure. Effective, long-term cooperation requires transparent, repeatable business rules, processes and governance. While much of the current cooperation is based on personal relationships, we need to make cooperation more systematic and durable.


How is the Forum tackling global cybersecurity challenges?

Facilitating cooperation

Many public, private and non-profit organizations cooperate to fight cybercrime today - and yet current collaborative efforts are not sufficient. What else is required? The initiative has identified the need for a global architecture that will increase the scope, scale, speed and sustainability of public-private cooperation. Such a structure would need to support both small groups focused on concrete operations and long-term alignment, trust-building, and agenda-setting within the broader community. In addition, this global architecture should build as much as possible on the many existing cyber-related structures and initiatives, rather than adding new bodies to the already complex global cyber landscape.

One possible collaboration structure being considered by the Forum’s initiative would be to establish a loosely-coupled global alliance connected through permanent nodes and temporary threat cells. This global alliance would provide the overarching narrative and commitment, and allow for long-term dialogue to achieve strategic alignment. Permanent nodes would maintain the necessary infrastructure (technical, legal and business) over time and would provide a place for temporary threat-focused cells to work on specific operations and take action. Finally, this model also allows for a more robust and balanced model, which is essential for high availability and continued support.


The internet is built to enable collaboration – in fact, that concept drove its creation. Unfortunately, malicious actors have learned this lesson all too well and it is part of what makes them so dangerous and effective. On the defenders' side, we’ve known for a long time that we need to collaborate to combat cybercrime, but we haven’t figured out how to do so effectively. With the conceptual framework emerging from the Forum’s initiative, we now have the first step needed to make collaboration a reality.

Don't miss any update on this topic

Create a free account and access your personalized content collection with our latest publications and analyses.

Sign up for free

License and Republishing

World Economic Forum articles may be republished in accordance with the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Public License, and in accordance with our Terms of Use.

The views expressed in this article are those of the author alone and not the World Economic Forum.

Related topics:
Health and Healthcare SystemsCybersecurity
World Economic Forum logo
Global Agenda

The Agenda Weekly

A weekly update of the most important issues driving the global agenda

Subscribe today

You can unsubscribe at any time using the link in our emails. For more details, review our privacy policy.

Renovation and reinvention are key to saving our food system. Here's why

Juliana Weltman Glezer

June 13, 2024

About Us



Partners & Members

  • Join Us

Language Editions

Privacy Policy & Terms of Service

© 2024 World Economic Forum