Fighting Fake News With Cyber Intelligence

The world's largest social media platforms have been pulling out all the stops to combat the wave of false reports, hacking attempts and outright lies that have spread like wildfire about COVID-19. 

People are sharing rumors, fake stories and half-truths about COVID-19 with each other directly across the likes of Instagram and Twitter as they struggle to understand how best to protect themselves and their families.

Current Internet Fake News
In today’s world, some of the most technically advanced and powerful cyber capabilities are free or offered as a service, which allows more people and groups to use them for their own purposes.  The Internet age has ushered in new threats to the democratic process. Most social discourse related to the democratic process now occurs online. 

This includes email, tweets, websites, databases, computer networks, and many other information technologies used by voters, electoral bodies, political parties and politicians, and the media. 

Russia's top coronavirus fake news stories were about Western plots which is a theme that is also popular in Chinese disinformation.  There was little hope of educating people who believed that type of thing, propaganda experts said.
But some of the lies had "real-world consequences" that were hard to ignore.

Claiming coronavirus is a biological warfare weapon on Russian website sputniknews.com was the top bogus story with 11,210 shares on social media platform Facebook.

The numbers reflected Facebook activity between January and mid-March on a set of 110 bogus Russian stories which the EU foreign service recorded in its Disinformation database.

China Is At It 
Chinese foreign ministry spokesman Lijian Zhao, for instance, retweeted a fake Russian news article entitled, "Covid-19: Further evidence that the virus originated in the US".  His retweet, on 13 March, was engaged with 45,000 times. 
And the Russian article it referenced back to was eventually shared over 60,000 times on Facebook, Twitter, and Reddit, and linked to by 116 other websites. 

The European Union Foreign Service has more data on Russia compared to China because it has a special mandate to strike back at "Russian disinformation". But it accused both of them of "pollution of the information space" in a recent report.

Canada’s Cyber Security
Canada is also among a large and growing group of countries that must defend against adversaries using cyber capabilities to covertly influence all three aspects of the democratic process. 

While Canada gears up to battle the spread of COVID-19, it's also bracing for a second, less tangible fight against a wave of disinformation that the country's top military commander warns is already being assembled in cyberspace. IT professionals in Canada are joining forces to protect their country's vital services and critical infrastructure from cyber-threats. 

The mission of the all-volunteer cyber-defense team will be to defend Canada's health-care providers, municipalities, and critical infrastructure from cyber-attacks launched amid the COVID-19 health crisis.

A volunteer recruitment effort led by the SecDev Group is calling on IT pros to lend a hand by providing preventative measures to thwart attackers. The group is also asking for assistance from volunteers who can offer remedial services that help organisations recover from cyber-attacks. General Jonathan Vance, Canada’s chief of the defence staff, said he's seen indications recently that Canada's adversaries intend to exploit the uncertainty, confusion and fear that many people feel after a week marked by swift and extraordinary developments in the global pandemic crisis.

As the fight continues to slow the spread of COVID-19, Canada's foreign signals intelligence agency is waging war against another type of virus: disinformation. 

Canada's spy agency the Communications Security Establishment (CSE) says it's already taken down a number of fraudulent sites that have spoofed the Public Health Agency of Canada, Canada Revenue, and most recently, Canada Border Services Agency. "We've taken down some COVID-related fake sites out there. We work with partners to do that type of thing. We're taking action," Scott Jones, head of the CSE's Canadian Centre for Cyber Security, told CBC News. 

According to Canada's RCMP police at least one case fraudsters posed as the Public Health Agency and told Canadians they had tested positive for COVID-19, then asked for credit card information for a prescription.

Criminals are also mimicking the federal government to send out coronavirus-themed phishing emails and malicious attachments, they said. Jones said criminals and state actors will try to exploit the global anxiety over the COVID-19 pandemic. "I've certainly seen that in some of these COVID spear-phishing attempts, it's to really tug on your heartstrings with somebody who had a death in the family, et cetera...They don't operate by the same ethics that the rest of us do."

Swindlers have tried to pitch miracle cures to treat or prevent coronavirus, while some private companies are offering faster testing when in fact only hospitals can perform the tests. In at least one case reported to the RCMP, criminals tried to sell a fake list of all the infected people in a neighbourhood.

Malicious actors will prey on anxiety: expert Farhaan Ladhani, director of the Digital Public Square at the Munk School of Global Affairs, has been researching disinformation around the COVID-19 pandemic. Canadians are feeling fearful and stressed and those strong emotional responses can be exploited online, he said.His team has sorted through more than 100,000 social media posts looking for common threads to help Canadians decipher fact from fiction.

Ladhani said some of the most common cases of disinformation are people believing healthy people should still wear a mask at all times, a myth that garlic can ward off infection and misleading reports that ultraviolet disinfection lamps can kill the virus.
"It's totally appropriate for people to be worried," he said, but urged people to look to reputable sources who have the most up-to-date information, including the World Health Organisation and the government's own website. 

CSE's takedowns come on the heels of the country's top military commander warning that Canada's adversaries intend to exploit these uncertain times. "There is absolutely going to be efforts on the part of state-sponsored and non-state-sponsored [actors] to try to make every step we take as a government, and indeed as allies, look bad," Vance told CBC News earlier this month.

The CSE also issued a targeted alert for the health-care sector late last week, amid concerns criminals and state actors will go after Canadian medical research labs and extract ransom payments from health providers.

The alert says organisations connected to COVID-19 response should increase their monitoring of network logs, remind employees to practice phishing awareness and ensure that servers and critical systems are updated.
Currently there does not appear to be any law in Canada that expressly prohibits the dissemination of false news “unless it is defamatory and covered by libel laws.

Canada’s Digital Charter emphasises the importance of democratic values and the protection of the country’s electoral system. 

Consistent with that framework, the Canadian government is using a multitude of tools and modifying existing processes to enhance citizen preparedness, improve organisational readiness, combat foreign interference, and increase the proactivity and accountability of social networks in protecting Canadian democracy.

Canadian Elections and Institutions 
Elections Canada is paying careful attention to these threats to democracy. Fake news online was brought to the attention of Canadian politicians in November 2016, as they debated helping assist local newspapers.Discussion in parliament contrasted increase of fake news online with down-sizing of Canadian newspapers and the impact for democracy in Canada.

No cyber-attacks on Canadian hospitals or institutions have been reported since the COVID-19 health crisis began, but hospitals in Paris and the Czech Republic and a medical research company in Britain that is working on a COVID-19 vaccine have all been targeted and the global list goes on. 

EUvsDisiNFO:     EU Observer:   InfoSecurity Magazine:     Communications Security Establishment:      CBC

CBC:        Library of Congress:     Elections Canada:       Politico:       Wikipedi - Fake News

You Might Also Read: 

Fake News Uses Coronavirus To Spread Malware:

 

 

 

« Beware Spoofing Attacks
Zoom-Bombing Hijackers »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Gurucul

Gurucul

Gurucul predictive security analytics protects against insider threats, account compromise and data exfiltration on-premises and in the cloud.

NXP Semiconductors

NXP Semiconductors

NXP is a world leader in secure connectivity solutions for embedded applications and the Internet of Things.

Rogue Wave Software

Rogue Wave Software

At Rogue Wave, our mission is to simplify your hardest problems, improve software quality and security, and shorten the time it takes to deliver value.

Portuguese Institute for Accreditation (IPAC)

Portuguese Institute for Accreditation (IPAC)

IPAC is the national accreditation body for Portugal. The directory of members provides details of organisations offering certification services for ISO 27001.

ISMAC

ISMAC

ISMAC was founded to create a security solution that would work for smaller to medium as well as bigger corporations at an affordable price.

F1 Security

F1 Security

F1 Security provides a family of web security solutions including web application firewalls, web shell detection solutions, and web shell scanners.

Venustech

Venustech

Venustech is a leading provider of network security products, trusted security management platforms, specialized security services and solutions.

QAlified

QAlified

QAlified offer independent testing and quality assurance services for software projects including security testing.

Atomic Data

Atomic Data

Atomic Data is an on-demand, always-on, pay-as-you-go expert extension of your enterprise IT team and infrastructure.

FastNetMon

FastNetMon

FastNetMon is a very high performance DDoS detection and mitigation tool which could detect malicious traffic in your network and immediately block it.

GajShield

GajShield

GajShield Infotech provides Data Security Firewall solutions to Corporate’s and Government agencies.

Mosyle

Mosyle

Businesses and educational institutions rely on Mosyle to manage and secure their Apple devices and networks.

Digital Edge

Digital Edge

Digital Edge provides unparalleled Managed Cloud Solutions, as well as superior Information Technology Support Services.

CodeLock

CodeLock

Codelock is a patent-pending solution that continuously provides software security at the code level, while providing advanced management insights with performance metrics and data analytics.

CyFlare

CyFlare

CyFlare’s security platform integrates your tools with ours – delivering true positives, automated remediation, and interactive analytics built for security management teams.

Cambridge International Systems

Cambridge International Systems

For more than 25 years, Cambridge has been fighting bad actors in both the cyber and physical worlds.