Fighting Fake News With Cyber Intelligence

Uploaded on 2020-04-03 in NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW

The world's largest social media platforms have been pulling out all the stops to combat the wave of false reports, hacking attempts and outright lies that have spread like wildfire about COVID-19. 

People are sharing rumors, fake stories and half-truths about COVID-19 with each other directly across the likes of Instagram and Twitter as they struggle to understand how best to protect themselves and their families.

Current Internet Fake News
In today’s world, some of the most technically advanced and powerful cyber capabilities are free or offered as a service, which allows more people and groups to use them for their own purposes.  The Internet age has ushered in new threats to the democratic process. Most social discourse related to the democratic process now occurs online. 

This includes email, tweets, websites, databases, computer networks, and many other information technologies used by voters, electoral bodies, political parties and politicians, and the media. 

Russia's top coronavirus fake news stories were about Western plots which is a theme that is also popular in Chinese disinformation.  There was little hope of educating people who believed that type of thing, propaganda experts said.
But some of the lies had "real-world consequences" that were hard to ignore.

Claiming coronavirus is a biological warfare weapon on Russian website sputniknews.com was the top bogus story with 11,210 shares on social media platform Facebook.

The numbers reflected Facebook activity between January and mid-March on a set of 110 bogus Russian stories which the EU foreign service recorded in its Disinformation database.

China Is At It 
Chinese foreign ministry spokesman Lijian Zhao, for instance, retweeted a fake Russian news article entitled, "Covid-19: Further evidence that the virus originated in the US".  His retweet, on 13 March, was engaged with 45,000 times. 
And the Russian article it referenced back to was eventually shared over 60,000 times on Facebook, Twitter, and Reddit, and linked to by 116 other websites. 

The European Union Foreign Service has more data on Russia compared to China because it has a special mandate to strike back at "Russian disinformation". But it accused both of them of "pollution of the information space" in a recent report.

Canada’s Cyber Security
Canada is also among a large and growing group of countries that must defend against adversaries using cyber capabilities to covertly influence all three aspects of the democratic process. 

While Canada gears up to battle the spread of COVID-19, it's also bracing for a second, less tangible fight against a wave of disinformation that the country's top military commander warns is already being assembled in cyberspace. IT professionals in Canada are joining forces to protect their country's vital services and critical infrastructure from cyber-threats. 

The mission of the all-volunteer cyber-defense team will be to defend Canada's health-care providers, municipalities, and critical infrastructure from cyber-attacks launched amid the COVID-19 health crisis.

A volunteer recruitment effort led by the SecDev Group is calling on IT pros to lend a hand by providing preventative measures to thwart attackers. The group is also asking for assistance from volunteers who can offer remedial services that help organisations recover from cyber-attacks. General Jonathan Vance, Canada’s chief of the defence staff, said he's seen indications recently that Canada's adversaries intend to exploit the uncertainty, confusion and fear that many people feel after a week marked by swift and extraordinary developments in the global pandemic crisis.

As the fight continues to slow the spread of COVID-19, Canada's foreign signals intelligence agency is waging war against another type of virus: disinformation. 

Canada's spy agency the Communications Security Establishment (CSE) says it's already taken down a number of fraudulent sites that have spoofed the Public Health Agency of Canada, Canada Revenue, and most recently, Canada Border Services Agency. "We've taken down some COVID-related fake sites out there. We work with partners to do that type of thing. We're taking action," Scott Jones, head of the CSE's Canadian Centre for Cyber Security, told CBC News. 

According to Canada's RCMP police at least one case fraudsters posed as the Public Health Agency and told Canadians they had tested positive for COVID-19, then asked for credit card information for a prescription.

Criminals are also mimicking the federal government to send out coronavirus-themed phishing emails and malicious attachments, they said. Jones said criminals and state actors will try to exploit the global anxiety over the COVID-19 pandemic. "I've certainly seen that in some of these COVID spear-phishing attempts, it's to really tug on your heartstrings with somebody who had a death in the family, et cetera...They don't operate by the same ethics that the rest of us do."

Swindlers have tried to pitch miracle cures to treat or prevent coronavirus, while some private companies are offering faster testing when in fact only hospitals can perform the tests. In at least one case reported to the RCMP, criminals tried to sell a fake list of all the infected people in a neighbourhood.

Malicious actors will prey on anxiety: expert Farhaan Ladhani, director of the Digital Public Square at the Munk School of Global Affairs, has been researching disinformation around the COVID-19 pandemic. Canadians are feeling fearful and stressed and those strong emotional responses can be exploited online, he said.His team has sorted through more than 100,000 social media posts looking for common threads to help Canadians decipher fact from fiction.

Ladhani said some of the most common cases of disinformation are people believing healthy people should still wear a mask at all times, a myth that garlic can ward off infection and misleading reports that ultraviolet disinfection lamps can kill the virus.
"It's totally appropriate for people to be worried," he said, but urged people to look to reputable sources who have the most up-to-date information, including the World Health Organisation and the government's own website. 

CSE's takedowns come on the heels of the country's top military commander warning that Canada's adversaries intend to exploit these uncertain times. "There is absolutely going to be efforts on the part of state-sponsored and non-state-sponsored [actors] to try to make every step we take as a government, and indeed as allies, look bad," Vance told CBC News earlier this month.

The CSE also issued a targeted alert for the health-care sector late last week, amid concerns criminals and state actors will go after Canadian medical research labs and extract ransom payments from health providers.

The alert says organisations connected to COVID-19 response should increase their monitoring of network logs, remind employees to practice phishing awareness and ensure that servers and critical systems are updated.
Currently there does not appear to be any law in Canada that expressly prohibits the dissemination of false news “unless it is defamatory and covered by libel laws.

Canada’s Digital Charter emphasises the importance of democratic values and the protection of the country’s electoral system. 

Consistent with that framework, the Canadian government is using a multitude of tools and modifying existing processes to enhance citizen preparedness, improve organisational readiness, combat foreign interference, and increase the proactivity and accountability of social networks in protecting Canadian democracy.

Canadian Elections and Institutions 
Elections Canada is paying careful attention to these threats to democracy. Fake news online was brought to the attention of Canadian politicians in November 2016, as they debated helping assist local newspapers.Discussion in parliament contrasted increase of fake news online with down-sizing of Canadian newspapers and the impact for democracy in Canada.

No cyber-attacks on Canadian hospitals or institutions have been reported since the COVID-19 health crisis began, but hospitals in Paris and the Czech Republic and a medical research company in Britain that is working on a COVID-19 vaccine have all been targeted and the global list goes on. 

EUvsDisiNFO:     EU Observer:   InfoSecurity Magazine:     Communications Security Establishment:      CBC

CBC:        Library of Congress:     Elections Canada:       Politico:       Wikipedi - Fake News

You Might Also Read: 

Fake News Uses Coronavirus To Spread Malware:

 

 

 

« Beware Spoofing Attacks
Zoom-Bombing Hijackers »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ON-DEMAND WEBINAR: Gen AI for Security: Adoption strategies with Amazon Bedrock

ON-DEMAND WEBINAR: Gen AI for Security: Adoption strategies with Amazon Bedrock

Watch this webinar and get a comprehensive roadmap for securely adopting generative AI using Amazon Bedrock, a fully managed service that offers a choice of high-performing foundation models (FMs).

Bryan Cave LLP

Bryan Cave LLP

Bryan Cave LLP is a global business and litigation law firm. Practice areas include Data Privacy and Security.

National Cyber Security Centre Finland (NCSC-FI)

National Cyber Security Centre Finland (NCSC-FI)

The NCSC-FI develops and monitors the operational reliability and security of communications networks and services in Finland.

Azeti Networks

Azeti Networks

Azeti Networks is a global provider of IoT technology to a variety of verticals including telecomms, oil/gas, manufacturing, finance and healthcare.

Towergate Insurance

Towergate Insurance

Towergate Insurance is a leading UK specialist insurance broker. Business products include Cyber Liability Insurance.

Massive Alliance

Massive Alliance

Massive is a global service agency providing internet monitoring, data & security threat surveillance and reputation management.

Torsion Information Security

Torsion Information Security

Torsion is an innovative information security and compliance engine, which runs either in the cloud or your data centre.

4Stop

4Stop

4Stop is a global KYC, compliance and anti-fraud risk management company.

ReFirm Labs

ReFirm Labs

ReFirm Labs provides the tools you need for firmware security, vetting, analysis and continuous IoT security monitoring.

Logic Supply

Logic Supply

Logic Supply is a global industrial PC company focused on hardware for the IoT edge. We design highly-configurable computers engineered for reliability.

CYBAVO

CYBAVO

CYBAVO is a cryptocurrency security company founded by experts from the cryptocurrency and security industries.

Cyphra

Cyphra

Cyphra’s team provide cyber security consulting, technical and managed services expertise and experience to support your organisation.

Immuta

Immuta

Immuta empowers data engineering and operations teams to automate data governance, security, access control & privacy protection.

Palmchip

Palmchip

Palmchip is a Cyber Security, SOC and Software consulting company. We design and develop high performance and secure applications.

Institute for Pervasive Cybersecurity - Boise State University

Institute for Pervasive Cybersecurity - Boise State University

Boise State University’s Institute for Pervasive Cybersecurity is a leader of innovative cybersecurity research and advancement in Idaho and the region.

Dexian

Dexian

Dexian is a leading provider of staffing, IT, and workforce solutions with nearly 12,000 employees and 70 locations worldwide.

Winslow Technology Group (WTG)

Winslow Technology Group (WTG)

Winslow Technology Group is a leading provider of IT Solutions, Managed Services, and Cybersecurity Services dedicated to providing exceptional business outcomes for our customers since 2003.