Technology during lockdown – Expert Reaction

For at least the next four weeks, many Kiwis will rely on technology for work, learning, recreation and socialising.

The COVID-19 Alert Level 4 lockdown means people are staying connected through the internet and phone lines – but the network overloaded on Monday when too many people tried to make calls at once. Spark says it saw unprecedented phone demand, but it has plenty of broadband capacity.

Meanwhile, there are reports of cyber attackers and scammers gearing up to take advantage of the pandemic.

The SMC asked experts to comment on tech issues which may arise in a lockdown. Feel free to use these comments in your reporting or follow up with the contact details provided.

Professor Dave Parry, Head of Computer Science, AUT University, comments:

“Broadband capacity is huge – its very difficult to see it being overloaded, even with a massive increase in demand. International links are currently more than is needed and extra capacity is being added all the time.

“The major issue limiting people’s access is likely to be how they connect to the internet – fibre is very fast, followed by 3G and ADSL. Some rural areas working on copper lines might still be relatively slow, but these are being upgraded.

“Mobile overload normally happens because there are too many phones working near each other and the local cell gets overloaded. This happens quite often in disasters such as the Christchurch Earthquake. Operators manage demand and sometimes that means limiting connection numbers. WiFi, including public WiFi, will usually have a lot more capacity and is less likely to overload. Text messages may be delayed but are likely to get through.

“The biggest issue in terms of working from home and security is going to be using the family computer – If everyone uses it and it hasn’t had regular security patches then it could be compromised from something the kids may have downloaded. Home internet is normally as safe as anywhere as long as you haven’t turned off security to install it. Some public internet may not have security – you can tell by seeing if there is a padlock on the WiFi system icon.

“People are visiting a lot of new sites and changing what they do – some people will exploit that including using the fact that in an emergency people are less likely to check that something is legitimate. The biggest issue by far is spam and malicious email – be aware that if you are using a new email client it might not filter out the spam as well as the old one. Unless you are sure where an email has come from don’t click on any links – normally the ‘from’ address gives you a good idea, but also think, ‘is this something I’m expecting?’ Never give out passwords on the phone.

“The biggest issue with online education is keeping the communication going – both with teachers and with other students. Virtually all approaches use discussion areas or something similar. If you can avoid email, but communicate in a discussion forum then people can see each other’s questions and often answer each other. Just putting slides or even videos of lessons online is not as good as having a plan to communicate – one way might include having special times when you will be ‘live’.

“Trying to videoconference more than about 5 people is often tricky, but people are pretty good at typing! Rules around being polite and waiting your turn are really helpful. In most cases, I think teaches will spend a lot more time preparing lessons and finding resources than they normally do – but making sure ALL the students are involved is a big effort.

“The internet and phone system is incredibly reliable, but sometimes things don’t work. If you do need to change things, write down or take a picture of the current setup screens – it might just be a temporary issue and you want to be able to get back to what works. Things can get very frustrating – take a deep breath and wait – often the solution is obvious once you look at things calmly.”

No conflict of interest.

Associate Professor Ian Welch, School of Engineering and Computer Science, Victoria University of Wellington, comments:

“There is an increased cyber security risk because people who haven’t worked at home before might be more likely to not follow good practices or could be plugging in computers from work into their home network. The problem here being that the home network might be very insecure compared to the corporate one where the machine came from.

“In a way, it is the reverse of the ‘bring your own device’ problem where now instead of bringing an insecure device into a secure environment we have the opposite problem. The consequence could be a virus on the work computer that is used to steal sensitive information.

“The answer here is to make sure the firewall is enabled and ensure that all the standard security updates are applied that you would have automatically had applied at work. Note that this is purely speculation.

“On cyber scams – we’ve seen people take advantage of other’s misery in the past.

“Cyber scams are an extension of confidence tricks where con operators exploit both our better motivations such as trust but also our negative emotions such as fear and avarice. The ‘affect heuristic’ comes more into play when people do not have the resources or time to reflect, and this sounds like now. The affect heuristic relates to how emotions will affect our decision making and lead us to make automatic judgements rather than deliberate decision making. In lay terms, we rush to judgement.

“So phishing emails or Facebook messages (I’ve had my fair share of those recently) are about using fear to make people do the bad thing which is to click on that link or maybe rush a payment through to someone apparently in need. The FBI has recently warned about this. In this case, it’s about promises of money for your details via economic stimulus. These details are used to extract your money!

“In a recent attack, the aim is to get you to install ransomware. Following recent trends, it focuses on employees rather than home users.

“Standard guidance is to think – is it too good to be true? Have I never heard from them via email or Facebook before? Probably if the answers are yes, you should say no. You can also look up their email or phone number on the web or another independent source, or better, ring them to check.”

No conflict of interest declared.

Dr Syed Faraz Hasan, Senior Lecturer (Communication Engineering and Networks), Department of Mechanical and Electrical Engineering, Massey University, comments:

“Spark/Vodafone/2Degrees have what is called a ‘cellular network’ which is designed primarily for voice traffic and is typically limited in capacity. Increasing capacity on short notice is quite impossible. The impact of this limitation will reduce with the commercial use of 5G because it offers higher bandwidth and capacity.

“On the other hand, ‘data network’ carries data, which we often access using Wi-Fi, Fibre Optic cables, etc. These networks have considerably larger network capacity and are difficult to overload.

“I experienced congestion myself when I tried calling a student yesterday to confirm he had the right information about lecturing plans. I was able to get through to him in the next go, though.

“Stand-alone home devices are more vulnerable to cyber attacks if they don’t have access to organisational security mechanisms. Most organisations provide security through cloud-based solutions, which must remain active when people work from home.

“On online education – Massey has run a number of courses through online media between different campuses quite successfully over the past few years. Running a course from campus is easier because you have access to an enterprise network at both ends, network speed is fast and IT services are readily available. Having the same experience from home is more challenging because different participating devices and their enabling networks are not identical in terms of performance.”

Conflict of interest statement: I would declare no conflicts of interest except that I work at Massey.

Joe Burton, Senior Lecturer in the Political Science and Public Policy Programme and the New Zealand Institute for Security and Crime Science, University of Waikato, comments:

“New Zealand should have plenty of broadband capacity to cope with any increased demand stemming from people working from home. Increased capacity is likely to stem from more people using video calls to communicate with relatives, an increased use of streaming services, such as Netflix, and video conferencing replacing face to face meetings at work.

“The overload of the telephone network was not surprising given the unprecedented nature of the government’s lockdown announcement. The bandwidth consumed by Skype is not likely to impact overall network availability. In some countries, Internet Service Providers have limited bandwidth for certain internet uses, such as high definition streaming or gaming, but the pressure on the system appears to be manageable in New Zealand at this time.

“People should take extra care when working from home during this period. They should speak with their employers if they have any concerns about the security of their connection to work emails and networks. They should also make sure to update passwords, use different passwords for different accounts, use strong passwords with combinations of letters, numbers and symbols, make sure WiFi networks have strong security passwords as well as personal devices, make sure the latest security and software patches are downloaded for personal and work devices.

“The majority of cyber crime surrounding the coronavirus appears to be spear phishing – where an email recipient is fooled into clicking on a malicious link. People should exercise extra care in dealing with any email with a coronavirus subject line, make sure to verify the email address and the integrity of the sender of the email and should report instances of serious cyber crime to the authorities.

“Cyber criminals are seeking to take advantage of the coronavirus crisis, targeting people with malicious spear phishing emails with coronavirus subject lines. New Zealand authorities should prioritise the prosecution of individuals who seek to exploit the crisis. Cyber criminals frequently try and capitalise on major world events (the Olympics for example) to social engineer victims. People should also be aware that fake news about the virus is proliferating on the web, including misinformation about the source of the virus, and the ways it could mutate. People should verify information from untrusted sources and not share information on social media that distorts evidence from trusted authorities.

“People can spot malicious emails from poor language, bad design, veiled threats in the email, and/or calls to provide personal information.

“Regarding online learning – being in class with a teacher or lecturer is still the best way to educate. But we are all getting better at online provision of education. Universities have been developing online teaching and modules for years, and we should be able to replicate the classroom experience and provide good learning outcomes for students. We should look at this crisis as an opportunity to upskill in online learning, and read good academic research about what can make it most effective.

No conflict of interest declared