Fighting Fake News With Cyber Intelligence

Uploaded on 2020-04-03 in NEWS-News Analysis, GOVERNMENT-National, FREE TO VIEW

The world's largest social media platforms have been pulling out all the stops to combat the wave of false reports, hacking attempts and outright lies that have spread like wildfire about COVID-19. 

People are sharing rumors, fake stories and half-truths about COVID-19 with each other directly across the likes of Instagram and Twitter as they struggle to understand how best to protect themselves and their families.

Current Internet Fake News
In today’s world, some of the most technically advanced and powerful cyber capabilities are free or offered as a service, which allows more people and groups to use them for their own purposes.  The Internet age has ushered in new threats to the democratic process. Most social discourse related to the democratic process now occurs online. 

This includes email, tweets, websites, databases, computer networks, and many other information technologies used by voters, electoral bodies, political parties and politicians, and the media. 

Russia's top coronavirus fake news stories were about Western plots which is a theme that is also popular in Chinese disinformation.  There was little hope of educating people who believed that type of thing, propaganda experts said.
But some of the lies had "real-world consequences" that were hard to ignore.

Claiming coronavirus is a biological warfare weapon on Russian website sputniknews.com was the top bogus story with 11,210 shares on social media platform Facebook.

The numbers reflected Facebook activity between January and mid-March on a set of 110 bogus Russian stories which the EU foreign service recorded in its Disinformation database.

China Is At It 
Chinese foreign ministry spokesman Lijian Zhao, for instance, retweeted a fake Russian news article entitled, "Covid-19: Further evidence that the virus originated in the US".  His retweet, on 13 March, was engaged with 45,000 times. 
And the Russian article it referenced back to was eventually shared over 60,000 times on Facebook, Twitter, and Reddit, and linked to by 116 other websites. 

The European Union Foreign Service has more data on Russia compared to China because it has a special mandate to strike back at "Russian disinformation". But it accused both of them of "pollution of the information space" in a recent report.

Canada’s Cyber Security
Canada is also among a large and growing group of countries that must defend against adversaries using cyber capabilities to covertly influence all three aspects of the democratic process. 

While Canada gears up to battle the spread of COVID-19, it's also bracing for a second, less tangible fight against a wave of disinformation that the country's top military commander warns is already being assembled in cyberspace. IT professionals in Canada are joining forces to protect their country's vital services and critical infrastructure from cyber-threats. 

The mission of the all-volunteer cyber-defense team will be to defend Canada's health-care providers, municipalities, and critical infrastructure from cyber-attacks launched amid the COVID-19 health crisis.

A volunteer recruitment effort led by the SecDev Group is calling on IT pros to lend a hand by providing preventative measures to thwart attackers. The group is also asking for assistance from volunteers who can offer remedial services that help organisations recover from cyber-attacks. General Jonathan Vance, Canada’s chief of the defence staff, said he's seen indications recently that Canada's adversaries intend to exploit the uncertainty, confusion and fear that many people feel after a week marked by swift and extraordinary developments in the global pandemic crisis.

As the fight continues to slow the spread of COVID-19, Canada's foreign signals intelligence agency is waging war against another type of virus: disinformation. 

Canada's spy agency the Communications Security Establishment (CSE) says it's already taken down a number of fraudulent sites that have spoofed the Public Health Agency of Canada, Canada Revenue, and most recently, Canada Border Services Agency. "We've taken down some COVID-related fake sites out there. We work with partners to do that type of thing. We're taking action," Scott Jones, head of the CSE's Canadian Centre for Cyber Security, told CBC News. 

According to Canada's RCMP police at least one case fraudsters posed as the Public Health Agency and told Canadians they had tested positive for COVID-19, then asked for credit card information for a prescription.

Criminals are also mimicking the federal government to send out coronavirus-themed phishing emails and malicious attachments, they said. Jones said criminals and state actors will try to exploit the global anxiety over the COVID-19 pandemic. "I've certainly seen that in some of these COVID spear-phishing attempts, it's to really tug on your heartstrings with somebody who had a death in the family, et cetera...They don't operate by the same ethics that the rest of us do."

Swindlers have tried to pitch miracle cures to treat or prevent coronavirus, while some private companies are offering faster testing when in fact only hospitals can perform the tests. In at least one case reported to the RCMP, criminals tried to sell a fake list of all the infected people in a neighbourhood.

Malicious actors will prey on anxiety: expert Farhaan Ladhani, director of the Digital Public Square at the Munk School of Global Affairs, has been researching disinformation around the COVID-19 pandemic. Canadians are feeling fearful and stressed and those strong emotional responses can be exploited online, he said.His team has sorted through more than 100,000 social media posts looking for common threads to help Canadians decipher fact from fiction.

Ladhani said some of the most common cases of disinformation are people believing healthy people should still wear a mask at all times, a myth that garlic can ward off infection and misleading reports that ultraviolet disinfection lamps can kill the virus.
"It's totally appropriate for people to be worried," he said, but urged people to look to reputable sources who have the most up-to-date information, including the World Health Organisation and the government's own website. 

CSE's takedowns come on the heels of the country's top military commander warning that Canada's adversaries intend to exploit these uncertain times. "There is absolutely going to be efforts on the part of state-sponsored and non-state-sponsored [actors] to try to make every step we take as a government, and indeed as allies, look bad," Vance told CBC News earlier this month.

The CSE also issued a targeted alert for the health-care sector late last week, amid concerns criminals and state actors will go after Canadian medical research labs and extract ransom payments from health providers.

The alert says organisations connected to COVID-19 response should increase their monitoring of network logs, remind employees to practice phishing awareness and ensure that servers and critical systems are updated.
Currently there does not appear to be any law in Canada that expressly prohibits the dissemination of false news “unless it is defamatory and covered by libel laws.

Canada’s Digital Charter emphasises the importance of democratic values and the protection of the country’s electoral system. 

Consistent with that framework, the Canadian government is using a multitude of tools and modifying existing processes to enhance citizen preparedness, improve organisational readiness, combat foreign interference, and increase the proactivity and accountability of social networks in protecting Canadian democracy.

Canadian Elections and Institutions 
Elections Canada is paying careful attention to these threats to democracy. Fake news online was brought to the attention of Canadian politicians in November 2016, as they debated helping assist local newspapers.Discussion in parliament contrasted increase of fake news online with down-sizing of Canadian newspapers and the impact for democracy in Canada.

No cyber-attacks on Canadian hospitals or institutions have been reported since the COVID-19 health crisis began, but hospitals in Paris and the Czech Republic and a medical research company in Britain that is working on a COVID-19 vaccine have all been targeted and the global list goes on. 

EUvsDisiNFO:     EU Observer:   InfoSecurity Magazine:     Communications Security Establishment:      CBC

CBC:        Library of Congress:     Elections Canada:       Politico:       Wikipedi - Fake News

You Might Also Read: 

Fake News Uses Coronavirus To Spread Malware:

 

 

 

« Beware Spoofing Attacks
Zoom-Bombing Hijackers »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

CERT-SE

CERT-SE

CERT-SE is the national and governmental Computer Security Incident Response Team of Sweden.

SecuriThings

SecuriThings

SecuriThings is a User and Entity Behavioral Analytics (UEBA) solution for IoT security.

Cambridge Intelligence

Cambridge Intelligence

Cambridge Intelligence are experts in network visualization and finding hidden trends in complex connected data. Applications include cybersecurity.

Redspin

Redspin

Redspin provide penetration testing, security assessments and consulting services.

Executive Women's Forum (EWF)

Executive Women's Forum (EWF)

The Executive Women's Forum is the largest member organization serving emerging leaders and influential female executives in the Information Security, Risk Management and Privacy industries.

MAY Cyber Technology

MAY Cyber Technology

MAY Cyber Technology is a Security Management solutions provider located in Turkey & Germany.

National Cyber Security Centre (NCSC) - New Zealand

National Cyber Security Centre (NCSC) - New Zealand

The role of the NCSC is to help New Zealand’s most significant public and private sector organisations to protect their information systems from advanced cyber-borne threats.

Devel

Devel

Devel is a LATAM cybersecurity company specialized in providing red, blue and purple team services for the financial sector.

Blockchain Research Institute (BRI)

Blockchain Research Institute (BRI)

Blockchain Research Institute (BRI) is an independent, global think-tank. We bring together the world’s top global researchers to undertake ground-breaking research on blockchain technology.

CYBER.ORG

CYBER.ORG

CYBER.ORG's goal is to empower educators as they prepare the next generation to succeed in the cyber workforce of tomorrow.

Soffid

Soffid

Soffid provides full Single-Sign-On experience and full Identity and Access Management features by policy-based centralised orchestration of user identities.

WebSec B.V.

WebSec B.V.

WebSec is a Dutch Cybersecurity firm mainly focused on offensive security services such as pentesting, red teaming and security awareness and phishing campaigns.

Open Source Security Foundation (OpenSSF)

Open Source Security Foundation (OpenSSF)

OpenSSF is committed to collaboration and working both upstream and with existing communities to advance open source security for all.

Cyber Ranges

Cyber Ranges

Cyber Ranges is the next-generation cyber range for the development of cyber capabilities and the validation of cyber security skills and organizational cyber resilience.

Core4ce

Core4ce

Core4ce is a mission-oriented company that serves as a trusted partner to the national security community.

Binarii Labs

Binarii Labs

Binarii are focused on helping enterprises to design and deploy SaaS solutions that utilise DLT (Digital Ledger Technology) effectively, efficiently and sensibly.