Internet Security

More Warnings Over Scams Aimed at Zoom, Teams and Meet Users

Reports indicate that hackers are still using domains related to popular remote, collaborative working platforms to target users working from home with phishing scams during the lockdown.

Domains

Almost as soon as the lockdown started, there were reports at the beginning of April by Cybersecurity company ‘Check Point’  that there had been a major increase in new domains registered that included the word ‘Zoom’ and other suspicious characteristics. It was also reported at the time that the official classroom.google.com website had been impersonated by googloclassroom.com and googieclassroom.com.

Zoom, Teams, and Meet

The most recent Check Point Research shows that scammers have widened their attack strategy by registered domains not just to pose as Zoom, but also as Microsoft Teams, and Google Meet-related URLs.

Check Point Research reports that, in just the last 3 weeks, 2,449 Zoom-related domains have been registered, 32 of which are malicious and 320 categorised as “suspicious”

WHO Impersonated

Check Point Research also shows that scammers have been sending phishing emails posing as the World Health Organisation with malware attachments and asking for donations to the WHO where any payments made go into known, compromised bitcoin wallets.

The WHO now has a page warning about the risk of being targeted with fraudulent email and WhatsApp messages by scammers taking advantage of the COVID-19 pandemic and claiming to be from the WHO. The page gives advice about how to verify authenticity before responding and how to spot and prevent phishing.  See https://www.who.int/about/communications/cyber-security

Nation-State Cyber Espionage To Steal COVID-19 Research

In a more sinister turn, the UK’s National Cyber Security Centre (NCSC) has reported that UK universities and scientific institutes involved in COVID-19 research are being targeted with cyber espionage by nation state-sponsored actors e.g. Russia, Iran, and China, allegedly looking for information about studies conducted by UK organisations related to the COVID-19 pandemic.

Protection

Ways that users can protect their computers/devices, networks and businesses from these types of threats, as suggested by Check Point, include being extra cautious with emails and files from unfamiliar senders, not opening attachments or clicking on links in emails (phishing scams), and by paying close attention to the spelling of domains, email addresses and spelling errors in emails/on websites.  Check Point also suggests Googling the company you are looking for to find their official website rather than just clicking on a link in an email, which could redirect to a fake (phishing) site.

What Does This Mean For Your Business?

Cybercriminals are quick to capitalise on situations where people have been adversely affected by unusual events and where they know people are in unfamiliar territory.  At the moment, people are also divided geographically and are trying to cope with many situations at the same time, may be a little distracted, and may be less vigilant than normal.  As long as the pandemic continues, these types of scams also look set to continue and evolve.  It is also shocking (but perhaps not surprising) to see how nation states appear to be sponsoring attacks on each other’s research institutions to get an advantage in defeating COVID-19.

The message to businesses, however, is that extra vigilance is still needed and that all employees need to be very careful, particularly in how they deal with emails from unknown sources, or from apparently known sources offering convincing reasons and incentives to click on links or download files.

Featured Article – Securely Disposing of Old Equipment

When our PCs, laptops, phones, and other devices need to be replaced, disposing of them in a way that does not pose a data security risk is especially important. Here are some tips on how to dispose of devices securely.

Backup

Before you begin the disposal process of your device the first thing to do is to make sure that you have a backup of all your important files and data.

Backing Up Your PC

To back up your PC, you could use:

– An external hard drive e.g. WD MyBook Duo, Toshiba’s Canvio, LaCie Porsche Design (good for Macbooks). Many other options are, of course, available. If you have Mac, make sure your chosen external hard drive is Mac compatible.

– A cloud-based backup service, such as Dropbox, Google Drive or Box. These have large amounts of free storage plus, for a relatively small fee you can buy more storage space if needed. For example, Box gives you 10GB of file storage for free, Google Drive gives you 15GB of storage for free, OneDrive gives you 5GB of free storage space, and Apple iCloud gives you 5GB free.

Transfer Files To A New Computer

If you have already purchased a new computer, you may wish to transfer the files from the old straight to the new, although having an updated cloud backup of your work and critical files is good practice anyway.

Sign Out Of Online Accounts

With everything backed up safely, the next step is to make sure that you know login details for (and have signed out of) any online accounts on the old computer. For example, these services/apps could include Facebook, Twitter, Google, Apple and Microsoft.

Wipe The Hard Drive

The next step is to wipe all traces of your data and activity from the hard drive. For those who are planning to wipe the hard drive of a computer that belongs to your employer/the company you work for you will need to first check what the company’s recommended policy or procedure is for doing so, and to check that your actions will be compliant with data protection laws e.g. GDPR.

Wiping the hard drive can involve a number of steps and options, including:

– Delete or overwrite files using software that meets guidelines for secure deletion e.g. File Shredder, Eraser or WipeFile. If you have an older Mac with a hard drive try Secure Empty (Trash option Finder > Secure Empty Trash) but for OS 10.11 and higher and Windows PCs with SSD drives, the drive will need to be encrypted. Although this type of software provides a relatively easy and simple solution, it may take some time to overwrite multiple times.

– Drive Encryption. For PCs, this can be found in Settings > About and Drive Encryption or Bitlocker Settings. For Macs, this can be done via System Preferences > Security & Privacy.

– Deauthorise the computer with relevant accounts. For example, some SaaS accounts (Microsoft 365) and entertainment accounts such as iTunes only allow you to use a certain number of authorised, named devices. If you are getting rid of your device you will need to de-authorise this device with those accounts, thereby enabling you to authorise another device/a new for use in its place with those accounts.

– Delete browser data. Since browsers save information about your browsing history and can store usernames, passwords, and other sensitive personal data, the next step is to delete your browser history, and to make sure that you are signed out of your browsers. For example, to clear your history in Microsoft Edge, go to the three dots (top right) open the browser menu and go to Settings > Privacy & security and select “choose what to clear”, making sure that all checkboxes are selected so everything gets removed. The same will need to be done for all other browsers e.g. Chrome, Firefox, and Safari.

– Uninstall programs. Some programs contain personal data and, therefore, need to be uninstalled.

– Macs (macOS) restart, coupled with Option+Command+R. The process for of wiping the hard drive for Macs is to erase and reinstall the operating system. To do this, go to Apple menu > Restart and, just as it reboots, hold down Option+Command+R until the spinning globe appears. Then, release the keys, choose Reinstall macOS, choose Continue, and follow the instructions.

– Windows PC reset. For a Windows PC, go to Settings (app), click on Update & Security, click on Recovery, choose Get started under the Reset this PC option, and remove all personal files during the process.

– Chromebook factory reset. To wipe your Chromebook, sign in to the Chromebook with the owner account, from the taskbar, click on Settings > Advanced > Powerwash > Restart. When the Chromebook restarts, select Powerwash and click on Continue.

Destroy The Hard Drive

Before recycling a computer, some experts recommend destroying the hard drive in order to be absolutely sure that any sensitive data stored on it cannot be recovered. This can be achieved by removing the hard drive and e.g. hitting it with a hammer or drilling holes in it.

To remove the hard drive, disconnect the PC from its power source, open the casing and locate the hard drive, which generally connected to a SATA data and power cable (or to a flat, wide IDE cable in much older computers), and remove the hard drive from its housing by undoing the screws.

If the device is on the premises of your business at the time, you will need to ensure that care is taken in order to comply with health and safety regulations if trying to physically destroy the hard drive.

Laptop

As with a PC, make sure all important files are backed up, accounts are signed-out of, de-authorisation is completed, and browser data is removed. With laptops, use software to erase the data e.g. File Shredder or Eraser, and remove the hard drive, while taking care to avoid and damage to the inside of the laptop. There are many online guides and videos to help with the removal of laptop hard drives.

Tablet

After backing up your important files and data, the best method for preparing to dispose of a tablet in a way that maintains data security is to use a full factory reset. To do this, tap the app drawer and find the Settings icon, select Backup and reset (left-hand side), uncheck the Back up my data and Automatic restore checkboxes (right-hand side), select the Factory Reset option and follow the instructions. As a ‘belt and braces’ option, select the app drawer, select Settings, select Storage (left-hand side), select Miscellaneous files (right-hand side), select the checkboxes for folders and select dustbin.

Phones

Our phones contain vast amounts of personal data and potentially sensitive company data. It is, therefore, extremely important to dispose of them in a way that does not compromise the security and privacy of yourself, your business/your employer, or any stakeholders and contacts.

Back-Up

Firstly, ensure that you have backed up your phone contacts. After backing up your important data the process is:

For Android

Most up-to-date android phones have a microSD card where the phone’s data is stored. Remove the back of the phone, remove the battery, and remove the microSD card. This can be used in your replacement phone. You will also need to remove your SIM card.

If you need to wipe a microSD card, you can attach it to a laptop (with a USB cable), open ‘My Computer’, locate the microSD card, select all files stored on it and click delete.

For iPhones

An iPhone has an in-built way to return it to its factory default settings, thereby removing your personal data. To do this, go to General, Settings, Reset, and Erase All Content and Settings. This will require you to enter your username and password, and you will be given the chance to update your iCloud backup before you go ahead with the erasing as part of this process.

Data Wiping Company/Charity

Another option is to simply use a trusted third-party data wiping company or charity to professionally clean all data from your devices, hard drives, network routers, switches, and servers. Examples include WeeeCharity, PC4 Recycling, Secure IT Services and Medecon although there are many other similar services.  Your IT Support Company may also be able to provide these services or recommend a company in your area. Contact your IT Support Company for details.

Afterwards

After you have wiped your device, and depending on whether the device belongs to you or the business/organisation/your employer, your options may be:

– Recycle the device. Many recycling centres, for example, take old PCs.

– Sell the device. You could choose to sell the device privately online e.g. eBay, Gumtree or Facebook Marketplace, or to a private company that buys devices e.g. Mazuma, Music Magpie, WeBuyAnyPhone or others.

– Donate your device to a charity e.g. Computer Aid International, Turing Trust or IT For Charities.

– Donate your device to a local school, centre, or Freecycle network.

In any case, if the hard drive has been removed, you will need to inform the person, or organisation that you are selling or donating the device to.

N.B. You may wish to consult your IT support company first as they may be able to provide data wiping and IT equipment recycling services or put you in touch with a good service near you.

Important

It is surprising how much personal and sensitive data we store on our devices, so following proven procedures to make sure personal and company data is removed from devices before selling them, recycling them or donating them is a very important consideration for businesses and individuals. As person’s and businesses circumstances are different, please get in touch before disposing of any IT equipment for a detailed and appropriate course of action, specific to your requirements.

Cybercriminals Hijacking Netflix and Other Streaming Accounts

It has been reported that the surge in the use of streaming music and video services has been accompanied by a surge in the number of user accounts being taken over by cybercriminals.

Entertainment During Isolation

Self-isolation and the instruction to stay at home during the next few weeks in the COVID-19 crisis has meant that many people have turned to streaming services like Amazon Prime Video, Netflix, Spotify and Apple Music. In fact, the demand has been so high that many streaming and social media platforms have reduced the bit rate of videos in order to make sure that services can still be delivered without taking up too much bandwidth.

Stealing and Selling Your Credentials

Security company Proofpoint has now warned that cybercriminals are taking advantage of this increase in demand for streaming services by stealing the valid credentials of users and selling them online.  This means that someone else may be piggybacking off a user’s streaming account without them even knowing it.  When the account credentials are sold online (for a much lower price than normal accounts), the seller gives instructions to the buyer not to try and change the login details of the account.

How?

For cybercriminals to hijack streaming accounts, they first need to steal the legitimate credentials of existing users. Proofpoint has reported that this is achieved by using methods such as:

Keyloggers and information stealers – software that has been unwittingly downloaded, that is able to record keystrokes to discover logins and other valuable personal data.

Phishing attacks – convincing emails from bogus sources that have made users click on a link/ to re-direct, which has led to login credentials and financial information being stolen and/or malicious software being loaded onto their computer/device.

Credential stuffing – where logins are stolen in cyber-attacks on other sites/platforms and sold on to other cybercriminals are tried in other websites in the hope that a user has been password sharing (using the same login for multiple websites).

How Do You Know?

The ways to tell whether your streaming account is being piggybacked include checking the settings to view which devices are connected to the account, checking previous activity on the account and activating the options that notify you each time a new device connects to your account.

Protection

Since the ability to hijack a streaming account relies on the ability to steal login details, following basic data security and hygiene can dramatically reduce the risk to users. For example, using strong and unique passwords, not sharing passwords between different websites/platforms, using a good password manager, keeping anti-virus software and patches up to date, keeping systems and browsers up to date, and not clicking on links or attachments in emails may help protect against this and others similar crimes.

What Does This Mean For Your Business?

Cybercriminals are quick to take advantage of a crisis or a trend and are always keen to find easy, low-risk ways to get money and personal details.  In this case, adhering to relatively basic security best practice can prevent you from falling victim to this and many other cyber-crimes.

Sadly, this is not a new situation.  For example, a CordCutting.com report from last year suggested that around 20 per cent of people who watch a paid-for video streaming service are using someone else’s account.

Now that streaming services are experiencing a surge in users and are very much in the spotlight, it may be a good time for those services to tackle some of the long-running security concerns and to reassure users that they are taking some responsibility to make it much more difficult of others to piggyback accounts.

Worries About Huawei Persist

Security fears about Huawei products being used in the new 5G networks are still being expressed by the Trump administration, while Google has clarified its position on the matter.

What’s So Bad About Huawei?

Back in July 2018,  espionage chiefs from Australia, Canada, New Zealand, the U.K. and the U.S. (the so-called ‘Five-Eyes’), agreed at a meeting in July this year to try to contain the global growth of Chinese telecoms company Huawei (the world’s biggest producer of telecoms equipment) because of the threat that it could be using its phone network equipment to spy for China.  This led to the US, Australia and New Zealand barring Huawei Technologies Ltd. (with Japan more or less joining the ban) as a supplier for fifth-generation networks.

At the time, the Trump administration drew attention to the matter when Meng Wanzhou, the chief financial officer of Huawei, was detained in Vancouver at the request of U.S. authorities for violating US sanctions on Iran.

Since then, other countries have joined the ban and other allegations have been made against Huawei e.g. the US Department of Justice (DOJ) charged Huawei with bank fraud and stealing trade secrets back in January 2019.

What About The UK

As for the UK government, it will allow Huawei equipment to be used in the country’s 5G network, but not in core network functions or critical national infrastructure, and not in nuclear and military sites.  This has led to White House chief of staff Mick Mulvaney visiting just last week to help dissuade the UK from using Huawei’s products in phone networks.

Latest Warning From the US

The latest warning about Huawei products from the US has been voiced by Robert Strayer, who is the US deputy assistant secretary for cyber and communications. Mr Strayer, who is on a tour of Europe this week, warned that allowing Huawei to provide key aspects of the 5G network infrastructure could allow China to undermine it and to have access to “sensitive data”.  Mr Strayer piled on the pressure by warning that if the UK adopts Huawei as a 5G technology vendor it could threaten aspects of intelligence sharing between the US and UK.

Google Clarifies

As a US company, tech giant Google has been banned by the Trump administration since May 2019 from working with Huawei which last year led to Google confirming (via blog post) that it wouldn’t be working with Huawei on new device models or providing any Google apps (Gmail, Maps, YouTube, Play Store) for preload or download on Huawei devices.

In the light of more recent allegations and warnings about Huawei, Google has chosen to clarify its position in an article on its support pages (find it here https://support.google.com/android/thread/29434011?hl=en).  The article states that “To protect user data privacy, security, and safeguard the overall experience, the Google Play Store, Google Play Protect, and Google’s core apps (including Gmail, YouTube, Maps, and others) are only available on Play Protect certified devices”.

Google says in the article that sideloaded Google apps will not work reliably on Huawei devices.  Sideloaded apps are those which haven’t been through a certification process to appear in the Store and to run on a Windows device.  The fear is that sideloading apps could mean that apps could be installed which appear to be genuine and normal, but which may have been altered or tampered with in ways that could compromise user security.

What Does This Mean For Your Business?

The Trump administration in the US is keeping the pressure on as regards discouraging countries with which it has security and defence connections, and leverage as an ally or friend with to avoid installing Huawei products in networks, particularly in critical parts.  Clearly, a Republican administration (and in this case, and apparently inward-looking one championing US companies) in a country which has traditionally seen communist China as a threat is likely to be at least suspicious of Huawei products.  It is of course, unknown exactly what evidence exists to support the idea, and it should also be remembered that it is not long since President Trump launched a trade war with China, and may also be additionally conscious of spying issues from foreign powers after the allegations of Russian influence possibly influencing his own election as president.

For US, European, and other trusted tech network product companies from elsewhere, less for Huawei could mean more for them, and the rub-off bad publicity for Huawei also seems to have negatively affected Huawei’s sales of phone handsets, which has meant that US, Japanese and other phone suppliers have picked up more phone business.

In the run-up to next US presidential election, and with UK looking for trade deals outside the EU, it is likely that the US will continue to try and bring the UK and other countries round to its way of thinking about Huawei.

Google In Talks About Paying Publishers For News Content

It has been reported that Google is in talks with publishers with a view to buying in premium news content for its own news services to improve its relationship with EU publishers, and to combat fake news.

Expanding The Google News Initiative

Reports from the U.S. Wall Street Journal indicate that Google is in preliminary talks with publishers outside the U.S. in order expand its News Initiative (https://newsinitiative.withgoogle.com/), the program where Google works with journalists, news organisations, non-profits and entrepreneurs to ensure that fake news is effectively filtered out of current stories in the ‘digital age’.  Examples of big-name ‘partners’ that Google has worked with as part of the initiative include the New York Times, The Washington Post, The Guardian and fact-checking organisations like the International Fact-Checking Network and CrossCheck (to fact-check the French Election).

As well as partnerships, the Google News Initiative provides a number of products for news publishing e.g. Subscribe With Google, News on Google, Fact Check tags and AMP stories (tap-operated, full-screen content).

This Could Please Publishers

The move by Google to pay for content should please publishers, some of whom have been critical of Google and other big tech players for hosting articles on their platforms that attract readers and advertising money, but not paying to display them. Google has faced particular criticism in France at the end of last year after the country introduced a European directive that should have made tech giants pay for news content but in practice simply led to Google removing the snippet below links to French news sites, and removing the thumbnail images that often appear next to news results.

Back in 2014 for example, Google closed its Spanish news site after it was required to pay “link tax” licensing fees to Spanish news sites and back in November 2018 Google would not rule out shutting down Google News in other EU countries if a “link tax” was adopted by them.

Competitors

Google is also in competition with other tech giants who now provide their own fact-checked and moderated news services.  For example, back in October 2019, Facebook launched its own ‘News’ tab on its mobile app which directs users to unbiased, curated articles from credible sources.

What Does This Mean For Your Business?

For European countries and European publishers, it is likely to be good news that Google is possibly coming to the table to offer some money for the news content that it displays on its platform, and that it may be looking for a way to talk about and work through some of the areas of contention.

For Google, this is an opportunity for some good PR in an area where it has faced criticism in Europe, an opportunity to improve its relationship with publishers in Europe, plus a chance to add value to its news service and to help Google to compete with other tech giants that also offer news services with the fake news weeded out.

‘Runet’ Test – Russia Unplugs Itself From The Internet

A little later than its original planned date of April 1st 2019, a recent test-run has seen Russia successfully ‘unplug’ itself from the Internet and prove that it can create its own state-controlled Intranet.

Successfully Creating The ‘Runet’

The test, which was first announced back in February last year, is reported to have gone ahead without users noticing much difference and created what is effectively a giant, fully isolatable domestic intranet which has been dubbed the ‘Runet’.

Why?

Officially, the test to be able to pull up the drawbridge on the wider global internet is to ensure compliance with Russia’s new law called the Digital Economy National Program which came into force in November 2019.  This will require Russia’s ISPs to show that they can operate in the event of any foreign powers acting to isolate the country online with a “targeted large-scale external influence” i.e. a cyber-attack. For (state-owned) ISP’s, this will mean having to install deep packet inspection (DPI) network equipment which will allow Russia’s telecoms watchdog ‘Roskomnadzor’ to be able to identify traffic sources, filter content, and block certain sites. It has also been reported that, as part of the project to create and run the Runet, Russia is working on creating its own Internet address books.

Another official explanation for the value of the test to create the Runet is that it helped to show any vulnerabilities in the growing ‘Internet of Things’ (IoT).

Control

Although this is the official explanation, some western commentators see this as a move towards tighter control and authoritarian rule in a way that is similar to some other countries.  For example, China, which operates its own Great Firewall of China (GFW) for Internet censorship to block access to many foreign websites and to slow down and monitor cross-border internet traffic. Also, Iran operates its own National Information Network, run by the state-owned Telecommunication Company of Iran, which controls access to the web and polices content.

Difficult To Circumvent

Those thinking of circumventing the Runet and other censorship are likely to find it difficult as virtual private networks (VPNs) will not work with the Runet in place and many commentators think that it is likely that the Kremlin will try to stop access to end-to-end encrypted apps e.g. Telegram or WhatsApp.

Interfering

It is likely that one good reason for Russia to be able to cut itself off from the wider Internet is to protect itself from cyber threats in what now appears to be an ongoing war of interference, misinformation, and cyber-attacks between many states.  For example, Russia was shown to have interfered with the last U.S. presidential election and has itself been the subject of large-scale cyber-attacks. That said, the Chinese recently accused the U.S. of conducting “large-scale, organised and indiscriminate cyber theft” after it was revealed that since the 1970s, America’s CIA has been monitoring hundreds of countries via the Swiss cryptography firm Crypto AG.

What Does This Mean For Your Business?

For the Russian government, being able to exert tight control and conduct censorship on this scale, and to operate through a small number of state-owned suppliers not only guards against misinformation and cyber threats but also gives the government the opportunity to wield immense political power over its people. The move is, obviously, being greeted with suspicion and criticism from the west, with concern about the rights of Russian citizens.

Also, for non-Russian companies hoping to do business there, an inward-looking, state-controlled Intranet that favours Russian companies, particularly with tech and communications products and services would make trade there very difficult. Many western commentators are now worried that Russia may be going the same way as China in terms of censorship and access to the world by digital means.

Featured Article – Combatting Fake News

The spread of misinformation/disinformation/fake news by a variety of media including digital and printed stories and deepfake videos is a growing threat in what has been described as out ‘post-truth era’, and many people, organisations and governments are looking for effective ways to weed out fake news, and to help people to make informed judgements about what they hear and see.

The exposure of fake news and its part in recent election scandals, the common and frequent use of the term by prominent figures and publishers, and the need for the use of fact-checking services have all contributed to an erosion of public trust in the news they consume. For example, YouGov research used to produce annual Digital News Report (2019) from the Reuters Institute for the Study of Journalism at the University of Oxford showed that public concern about misinformation remains extremely high, reaching a 55 per cent average across 38 countries with less than half (49 per cent) of people trusting the news media they use themselves.

The spread of fake news online, particularly at election times, is of real concern and with the UK election just passed, the UK Brexit referendum, the 2017 UK general election, and the last U.S. presidential election all being found to have suffered interference in the form of so-called ‘fake news’ (and with the 59th US presidential election scheduled for Tuesday, November 3, 2020) the subject is high on the world agenda.

Challenges

Those trying to combat the spread of fake news face a common set of challenges, such as those identified by CEO of OurNews, Richard Zack, which include:

– There are people (and state-sponsored actors) worldwide who are making it harder for people to know what to believe e.g. through spreading fake news and misinformation, and distorting stories).

– Many people don’t trust the media or don’t trust fact-checkers.

– Simply presenting facts doesn’t change peoples’ minds.

– People prefer/find it easier to accept stories that reinforce their existing beliefs.

Also, some research (Stanford’s Graduate School of Education) has shown that young people may be more susceptible to seeing and believing fake news.

Combatting Fake News

So, who’s doing what online to meet these challenges and combat the fake news problem?  Here are some examples of those organisations and services leading the fightback, and what methods they are using.

Browser-Based Tools

Recent YouGov research showed that 26% per cent of people say they have started relying on more ‘reputable’ sources of news, but as well as simply choosing what they regard to be trustworthy sources, people can now choose to use services which give them shorthand information on which to make judgements about the reliability of news and its sources.

Since people consume online news via a browser, browser extensions (and app-based services) have become more popular.  These include:

– Our.News.  This service uses a combination of objective facts (about an article) with subjective views that incorporate user ratings to create labels (like nutrition labels on food) next to new articles that a reader can use to make a judgement.  Our.News labels use publisher descriptions from Freedom Forum, bias ratings from AllSides, information about an article’s sources author and editor.  It also uses fact-checking information from sources including PolitiFact, Snopes and FactCheck.org, and labels such as “clickbait” or “satire” along with and user ratings and reviews.  The Our.News browser extension is available for Firefox and Chrome, and there is an iOS app. For more information go to https://our.news/.

– NewsGuard. This service, for personal use or for NewsGuard’s library and school system partners, offers a reliability rating score of 0-100 for each site based on its performance on nine key criteria, ratings icons (green-red ratings) next to links on all of the top search engines, social media platforms, and news aggregation websites.  Also, NewsGuard gives summaries showing who owns each site, its political leaning (if any), as well as warnings about hoaxes, political propaganda, conspiracy theories, advertising influences and more.  For more information, go to https://www.newsguardtech.com/.

Platforms

Another approach to combatting fake news is to create a news platform that collects and publishes news that has been checked and is given a clear visual rating for users of that platform.

One such example is Credder, a news review platform which allows journalists and the public to review articles, and to create credibility ratings for every article, author, and outlet.  Credder focuses on credibility, not clicks, and uses a Gold Cheese (yellow) symbol next to articles, authors, and outlets with a rating of 60% or higher, and a Mouldy Cheese (green) symbol next to articles, authors, and outlets with a rating of 59% or less. Readers can, therefore, make a quick choice about what they choose to read based on these symbols and the trust-value that they create.

Credder also displays a ‘Leaderboard’ which is based on rankings determined by the credibility and quantity of reviewed articles. Currently, Credder ranks nationalgeographic.com, gizmodo.com and cjr.org as top sources with 100% ratings.  For more information see https://credder.com/.

Automation and AI

Many people now consider automation and AI to be an approach and a technology that is ‘intelligent’, fast, and scalable enough to start to tackle the vast amount of fake news that is being produced and circulated.  For example, Google and Microsoft have been using AI to automatically assess the truth of articles.  Also, initiatives like the Fake News Challenge (http://www.fakenewschallenge.org/) seeks to explore how AI technologies, particularly machine learning and natural language processing, can be employed to combat fake news and supports the idea that AI technologies hold promise for significantly automating parts of the procedure human fact-checkers use to determine if a story is real or a hoax.

However, the human-written rules underpinning AI, and how AI is ‘trained’ can also lead to bias.

Government

Governments clearly have an important role to play in the combatting of fake news, especially since fake news/misinformation has been shown to have been spread via different channels e.g. social media to influence aspects of democracy and electoral decision making.

For example, in February 2019, the Digital, Culture, Media and Sport Committee published a report on disinformation and ‘fake news’ highlighting how “Democracy is at risk from the malicious and relentless targeting of citizens with disinformation and personalised ‘dark adverts’ from unidentifiable sources, delivered through the major social media platforms”.  The UK government called for a shift in the balance of power between “platforms and people” and for tech companies to adhere to a code of conduct written into law by Parliament and overseen by an independent regulator.

Also, in the US, Facebook’s Mark Zuckerberg has been made to appear before the U.S. Congress to discuss how Facebook tackles false reports.

Finland – Tackling Fake News Early

One example of a government taking a different approach to tackling fake news is that of Finland, a country that has recently been rated Europe’s most resistant nation to fake news.  In Finland, evaluation of news and fact-checking behaviour in the school curriculum was introduced in a government strategy after 2014, when Finland was targeted with fake news stories from its Russian neighbour.  The changes to the school curriculum across core areas in all subjects are, therefore, designed to make Finnish people, from a very young age, able to detect and do their part to fight false information.

Social Media

The use of Facebook to spread fake news that is likely to have influenced voters in the UK Brexit referendum, the 2017 UK general election and the last U.S. presidential election put social media and its responsibilities very much in the spotlight.  Also, the Cambridge Analytica scandal and the illegal harvesting of 50 million Facebook profiles in early 2014 for apparent electoral profiling purposes damaged trust in the social media giant.

Since then, Facebook has tried to be seen to be actively tackling the spread of fake news via its platform.  Its efforts include:

– Hiring the London-based, registered charity ‘Full Fact’, who review stories, images and videos, in an attempt to tackle misinformation that could “damage people’s health or safety or undermine democratic processes”.  Facebook is also reported to be working with fact-checkers in more than 20 countries, and to have had a working relationship with Full Fact since 2016.

– In October 2018, Facebook also announced that a new rule for the UK now means that anyone who wishes to place an advert relating to a live political issue or promoting a UK political candidate, referencing political figures, political parties, elections, legislation before Parliament and past referenda that are the subject of national debate, will need to prove their identity, and prove that they are based in the UK. The adverts they post will also have to carry a “Paid for by” disclaimer to enable Facebook users to see who they are engaging with when viewing the ad.

– In October 2019, Facebook launched its own ‘News’ tab on its mobile app which directs users to unbiased, curated articles from credible sources in a bid to publicly combat fake news and help restore trust in its own brand.

– In January this year, Monika Bickert, Vice President of Facebook’s Global Policy Management announced that Facebook is banning deepfakes and “all types of manipulated media”.

Other Platforms & Political Adverts

Political advertising has become mixed up with the spread of misinformation in the public perception in recent times.  With this in mind, some of the big tech and social media players have been very public about making new rules for political advertising.

For example, in November 2019, Twitter Inc banned political ads, including ads referencing a political candidate, party, election or legislation.  Also, at the end of 2019, Google took a stand against political advertising by saying that it would limit audience targeting for election adverts to age, gender and the general location at a postal code level.

Going Forward

With a U.S. election this year, and with the sheer number of sources, and with the scale and resources that some (state-sponsored) actors have, the spread of fake news is something that is likely to remain a serious problem for some time yet.  From the Finnish example of creating citizens who have a better chance than most of spotting fake news to browser-based extensions, moderated news platforms, the use of AI, government and other scrutiny and interventions, we are all now aware of the problem, the fight-back is underway, and we are getting more access to ways in which we can make our own more informed decisions about what we read and watch and how credible and genuine it is.

Featured Article – ‘Snake’ Ransomware, A Threat To Your Whole Network

Over the last couple of weeks, there have been reports of a new type of ransomware known as ‘Snake’ which can encrypt all the files stored on your computer network and on all the connected devices.

Discovered

Snake ransomware is so-called because it is the reverse order spelling of the ‘ekans’ file marker that it attaches to each file that it encrypts.  It was discovered by the MalwareHunterTeam and studied in detail by Vitali Kremez who is the Head of SentinelLabs and who describes himself as an “Ethical Hacker”, “Reverse Engineer” and “Threat Seeker”.

How Does It Infect Your Network?

Snake can be introduced to a computer network in infected email attachments (macros) e.g. phishing emails with attached Office or PDF documents, RAR or ZIP files, .exe files, JavaScript files, Trojans, torrent websites, unpatched public-facing software and malicious ads.

How Does Snake Operate?

As ransomware, the ultimate goal of the cybercriminals who are targeting (mainly) businesses with Snake is to lock away (through encryption) important files in order to force the victim to pay a ransom in order to release those files, with the hope of restoring systems to normal as the motivator to pay.

In the case of Snake, which is written in Go (also known as Golang), an open-source programming language that’s syntactically similar to C and provides cross-platform support, once it is introduced to an operating system e.g. after arriving in an email, it operates the following way:

– Firstly, Snake removes Shadow Volume Copies (backup copies or snapshots of files) and stops processes related to SCADA Systems (the supervisory control and data acquisition system that’s used for gathering and analysing real-time data). Snake also stops any Virtual Machines, Industrial Control Systems, Remote Management Tools, and Network Management Software.

– Next, Snake (relatively slowly) uses powerful AES-256 and RSA-2048 cryptographic algorithms to encrypt files and folders across the whole network and on all connected devices, while skipping files in the Windows system folders and system files.

– As part of the encryption process, and unlike other ransomware, Snake adds a random five-character string as a suffix to file extension names e.g. myfile.jpg becomes myfile.jpgBGyWl. Also, an “EKANS” file marker is added to each encrypted file.

Ransom Note

Lastly, Snake generates a ransom note named Fix-Your-Files.txt which is posted on the desktop of the victim.  This ransom note advises the victim that the only way to restore their files is to purchase a decryption tool which contains a private key that has been created specifically for their network and that, once run on an affected computer, it will decrypt all encrypted files.

The note informs the victim that in order to purchase the decryption software they must send an email to bapcocrypt@ctemplar.com which has up to 3 of the encrypted files from their computers attached, not databases or spreadsheets (up to 3MB size) so that the cybercriminals can send back decrypted versions as proof that the decryption software (and key) works on their files (and to encourage payment and restoration of business).

Timing

Snake allows cybercriminals to not only target chosen businesses network but also to choose the time of the attack and the time that encryption takes place could, therefore, be after hours, thereby making it more difficult for admins to control the damage caused by the attack. Also, cybercriminals can choose to install additional password-stealing trojans and malware infections together with the Snake ransomware infection.

What To Do If Infected

If your network is infected with Snake ransomware there is, of course, no guarantee that paying the ransom will mean that you are sent any decryption software by the cybercriminals and it appears unlikely that those who targeted your company to take your money would do anything other to help than just take that money and disappear.

Some companies on the web are offering Snake removal (for hundreds of dollars), and there are some recommendations that running Spyhunter anti-malware software on your systems may be one way to remove this particularly damaging ransomware.

Ransomware Protection

News of the severity of Snake is a reminder to businesses that protection from malware is vital.  Ways in which companies can protect themselves from falling victim to malware, including ransomware include:

– Staff education and training e.g. about the risks of and how to deal with phishing and other suspicious and malicious emails, and other threats where social engineering is involved.

– Ensuring that all anti-virus software, updates and patching are up to date.

– Staying up to date with malware and ransomware resources e.g. the ‘No More Ransom’ portal (https://www.nomoreransom.org/ ), which was originally released in English, is now available in 35 other languages, and thanks to the cooperation between more than 150 partners, provides a one-stop-shop of tools that can help to decrypt ransomware infections – see https://www.nomoreransom.org/en/decryption-tools.html.

– Making sure that there is a regular and secure backup of company data, important business file and folders.

– Developing (and communicating to relevant staff) and updating a Business Continuity and Disaster Recovery Plan.

Facebook Bans Deepfake Videos

In a recent blog post, ahead of the forthcoming US election, Monika Bickert, Vice President, of Facebook’s Global Policy Management has announced that the social media giant is banning deepfakes and “all types of manipulated media”.

Not Like Last Time

With the 59th US presidential election scheduled for Tuesday, November 3, 2020, Facebook appears to be taking no chances after the trust-damaging revelations around unauthorised data sharing with Cambridge Analytica, and the use of the platform by foreign powers such as Russia in an attempt to influence the outcome of the 2016 election of Donald Trump.

The fallout of the news that 50 million Facebook profiles were harvested as early as 2014 in order to build a software program that could predict and use personalised political adverts to influence choices at the ballot box in the last U.S. election includes damaged trust in Facebook, a substantial fine, plus a fall in the number of daily users in the United States and Canada for the first time in its history.

Deepfakes

One of the key concerns to Facebook this time around appears to be so-called ‘deepfake’ videos.  These use deep learning technology and manipulated images of target individuals (found online), often celebrities, politicians, and other well-known people to create very convincing videos of the subjects saying and doing whatever the video-maker wants them to. These videos could obviously be used to influence public thinking about political candidates, and as well as having an influence in election results, it would be very damaging for Facebook, which has been very public about trying to rid itself of ‘fake news’ and not to be seen as a platform for the easy distribution of deepfake videos.  No doubt Facebook’s CEO Mark Zuckerberg would like to avoid having to appear before Congress again to answer questions about his company’s handling of personal data, as he had to back in April 2018.

The New Statement From Facebook

This latest blog post statement from Facebook says that as a matter of policy, it will now remove any misleading media from its platform if the media meets two criteria, which are:

  • If it has been synthesised i.e. more than just adjustments for clarity or quality to the point where the ‘average person’ could be misled into thinking the subject of the media/video is saying words that they did not actually say, and…
  • If the media is the product of artificial intelligence or machine learning that has merged, replaced or superimposed content onto a video, in order to make it appear to be authentic.

Not Satire

Facebook has been careful to point out that this policy change will not affect content that is clearly intended to be parody or satire, or videos that have been edited just to omit or change the order of the words featured in them.

Existing Policies

Any media posted to Facebook is subject to the social media giant’s existing comply-or-be-removed ‘Community Standards’ policies which cover, among other things, voter suppression and hate speech.

What Will Happen?

Facebook says that any videos that don’t meet its standards for removal are still eligible for review by one its independent third-party fact-checkers (which include 50+ partners worldwide) and that any photos or videos rated as false or partly false (by a fact-checker) will have its distribution “significantly” reduced in News Feed and will be rejected if it’s being run as an ad. Also, those who see it and try to share it, or have already shared it, will be shown warnings alerting them that it’s false.

Measures

Facebook has taken many measures to ensure that it is not seen as a platform that can’t be trusted with user data or as a distributor of fake news.  For example:

– In January 2019 Facebook announced (in the UK) that it was working with London-based, registered charity ‘Full Fact’ to review stories, images and videos, in an attempt to tackle misinformation that could “damage people’s health or safety or undermine democratic processes”.

– In September 2019, Facebook launched its Deep Fake Detection Challenge, with $10 million in grants and with a cross-sector coalition of organisations in order to encourage the production of tools to detect deepfakes.

– In October 2019, Facebook launched the ‘News’ tab on its mobile app to direct users to unbiased, curated articles from credible sources in a bid to publicly combat fake news and help restore trust in its own brand.

– Facebook has partnered with Reuters to produce a free online training course to help newsrooms worldwide to identify deepfakes and manipulated media.

Criticism

Despite this recent announcement of policy change to help eradicate deepfakes from its platform, Facebook has been criticised by some commentators for appearing to allow some videos which some could describe as misinformation in certain situations (apparently of its choosing).  For example, Facebook has said that content that violates its policies could be allowed if it is deemed newsworthy e.g. presumably, the obviously doctored videos of Labour’s Keir Starmer and US House Speaker Nancy Pelosi.

What Does This Mean For Your Business?

Clearly, any country would like to guard against outside influence in its democratic processes and the deliberate spread of misinformation, and bearing in mind the position of influence that Facebook has, it is good for everyone that it is taking responsibility and trying to block obvious attempts to spread misinformation by altering its policies and working with other organisations. Businesses that use Facebook as an advertising platform also need to know that Facebook users have trust in (and will continue to use) that platform (and see their adverts) so it’s important to businesses that Facebook is vigilant and takes action where it can.  Also, by helping to protect the democratic processes of the countries it operates in, particularly in the US at the time of and election (and bearing in mind what happened last time), it is in Facebook’s own interest to protect its brand against any accusations of not allowing political influence through a variety of media on its platform, and any further loss of trust by its public. This change of policy also shows that Facebook is trying to show readiness to deal with the most up to date threat of deepfakes (even though they are relatively rare).

That said, Google and Twitter (with its new restrictions on micro-targeting for example), have both been very public about trying to stop all lies in political advertising on their platforms, but Facebook has just been criticised by the IPA over its decision not to ban political ads that are using micro-targeting and spurious claims to sway the opinions of voters.

Facebook Bans Deepfake Videos

In a recent blog post, ahead of the forthcoming US election, Monika Bickert, Vice President, of Facebook’s Global Policy Management has announced that the social media giant is banning deepfakes and “all types of manipulated media”.

Not Like Last Time

With the 59th US presidential election scheduled for Tuesday, November 3, 2020, Facebook appears to be taking no chances after the trust-damaging revelations around unauthorised data sharing with Cambridge Analytica, and the use of the platform by foreign powers such as Russia in an attempt to influence the outcome of the 2016 election of Donald Trump.

The fallout of the news that 50 million Facebook profiles were harvested as early as 2014 in order to build a software program that could predict and use personalised political adverts to influence choices at the ballot box in the last U.S. election includes damaged trust in Facebook, a substantial fine, plus a fall in the number of daily users in the United States and Canada for the first time in its history.

Deepfakes

One of the key concerns to Facebook this time around appears to be so-called ‘deepfake’ videos.  These use deep learning technology and manipulated images of target individuals (found online), often celebrities, politicians, and other well-known people to create very convincing videos of the subjects saying and doing whatever the video-maker wants them to. These videos could obviously be used to influence public thinking about political candidates, and as well as having an influence in election results, it would be very damaging for Facebook, which has been very public about trying to rid itself of ‘fake news’ and not to be seen as a platform for the easy distribution of deepfake videos.  No doubt Facebook’s CEO Mark Zuckerberg would like to avoid having to appear before Congress again to answer questions about his company’s handling of personal data, as he had to back in April 2018.

The New Statement From Facebook

This latest blog post statement from Facebook says that as a matter of policy, it will now remove any misleading media from its platform if the media meets two criteria, which are:

  • If it has been synthesised i.e. more than just adjustments for clarity or quality to the point where the ‘average person’ could be misled into thinking the subject of the media/video is saying words that they did not actually say, and…
  • If the media is the product of artificial intelligence or machine learning that has merged, replaced or superimposed content onto a video, in order to make it appear to be authentic.

Not Satire

Facebook has been careful to point out that this policy change will not affect content that is clearly intended to be parody or satire, or videos that have been edited just to omit or change the order of the words featured in them.

Existing Policies

Any media posted to Facebook is subject to the social media giant’s existing comply-or-be-removed ‘Community Standards’ policies which cover, among other things, voter suppression and hate speech.

What Will Happen?

Facebook says that any videos that don’t meet its standards for removal are still eligible for review by one its independent third-party fact-checkers (which include 50+ partners worldwide) and that any photos or videos rated as false or partly false (by a fact-checker) will have its distribution “significantly” reduced in News Feed and will be rejected if it’s being run as an ad. Also, those who see it and try to share it, or have already shared it, will be shown warnings alerting them that it’s false.

Measures

Facebook has taken many measures to ensure that it is not seen as a platform that can’t be trusted with user data or as a distributor of fake news.  For example:

– In January 2019 Facebook announced (in the UK) that it was working with London-based, registered charity ‘Full Fact’ to review stories, images and videos, in an attempt to tackle misinformation that could “damage people’s health or safety or undermine democratic processes”.

– In September 2019, Facebook launched its Deep Fake Detection Challenge, with $10 million in grants and with a cross-sector coalition of organisations in order to encourage the production of tools to detect deepfakes.

– In October 2019, Facebook launched the ‘News’ tab on its mobile app to direct users to unbiased, curated articles from credible sources in a bid to publicly combat fake news and help restore trust in its own brand.

– Facebook has partnered with Reuters to produce a free online training course to help newsrooms worldwide to identify deepfakes and manipulated media.

Criticism

Despite this recent announcement of policy change to help eradicate deepfakes from its platform, Facebook has been criticised by some commentators for appearing to allow some videos which some could describe as misinformation in certain situations (apparently of its choosing).  For example, Facebook has said that content that violates its policies could be allowed if it is deemed newsworthy e.g. presumably, the obviously doctored videos of Labour’s Keir Starmer and US House Speaker Nancy Pelosi.

What Does This Mean For Your Business?

Clearly, any country would like to guard against outside influence in its democratic processes and the deliberate spread of misinformation, and bearing in mind the position of influence that Facebook has, it is good for everyone that it is taking responsibility and trying to block obvious attempts to spread misinformation by altering its policies and working with other organisations. Businesses that use Facebook as an advertising platform also need to know that Facebook users have trust in (and will continue to use) that platform (and see their adverts) so it’s important to businesses that Facebook is vigilant and takes action where it can.  Also, by helping to protect the democratic processes of the countries it operates in, particularly in the US at the time of and election (and bearing in mind what happened last time), it is in Facebook’s own interest to protect its brand against any accusations of not allowing political influence through a variety of media on its platform, and any further loss of trust by its public. This change of policy also shows that Facebook is trying to show readiness to deal with the most up to date threat of deepfakes (even though they are relatively rare).

That said, Google and Twitter (with its new restrictions on micro-targeting for example), have both been very public about trying to stop all lies in political advertising on their platforms, but Facebook has just been criticised by the IPA over its decision not to ban political ads that are using micro-targeting and spurious claims to sway the opinions of voters.

.ORG Silence Continues After ICANN Imposes Temporary Sale Halt

Internet companies are still none-the-wiser about the details of the proposed sale of the .org registry to private equity firm Ethos Capital following DNS overseer ICANN putting a temporary halt on the sale back on 9 December.

What Sale?

The rights to the .org domain registry, one of the largest internet registries in the world, with over 10 million names, was/is due to be sold by ISOC (aka the Internet Society), the parent company of PIR (the organisation that currently runs it) for an as-yet-undisclosed sum to Ethos Capital.

Always Not For Profit

The relatively sudden announcement of the sale caused shock and some dismay within the industry over the thought that a registry that has held its non-profit status since 2003 will now be ending up in private hands. Historically, .org domains have always been the outward sign of non-profit organisations.

About Ethos

Some industry commentators have also expressed concern about the lack of knowledge within the industry about Ethos Capital, and some worries have, therefore, been expressed about how qualified and able they may be to manage the .org registry.

Other Criticism

Other criticisms about the sale, which have been voiced online include:

– Suspicion about possible conflicts of interest e.g. around Fadi Chehade, a former CEO of ICANN who is credited by some with encouraging a free-market approach to internet addresses, and who some appear to believe is connected to Ethos Capital.

– After ICANN lifted the price caps on .org domains for the next 10 years (allowing unlimited price increases on the millions of .org domain names) many high-profile non-profit organisations have rejected ICANN’s claim that the move was simply to make the process consistent with the base form registry agreement and have accused ICANN of disregarding the public interest in favour of ICANN’s own administrative convenience.

– Worries that ICANN’s decision to approve the proposed sale may have been subject to bias and may not have reflected the true strength of feeling against the sale.

– Concerns were even expressed by those who supported the proposal e.g. ICANN’s At Large Advisory Committee (ALAC) and Non-Commercial Stakeholder Group (NCSG).

– Anger that ICANN appeared to move ahead with the decision to lift caps without any explanation, and that there still appears to be a level of secrecy surrounding the sale.

– Suspicion by some that the deal has long been the subject of informal discussion among key players.

Temporary Halt

A temporary halt was placed on the proposed sale of the .org Registry right to Ethos Capital in early December and since then, the Packet Clearing House (PCH) has argued (in a letter to ICANN) that the sale and move to non-profit status would mean less money being spent on .org’s operational costs, and could affect stability and could disrupt “critical real-time functions” of organisations using .org domains.

Silence

There is now a sense of frustration from many parties in the industry over the apparent silence, and the distinct lack of information since the temporary halt was placed on the sale.

What Does This Mean For Your Business?

There are many important organisations that use .org domains e.g. air traffic control, and these, as well as the 10 million others who have .org domains, will be concerned not just about the possible price rises of .orgs due to the lifting of the price cap, but also about the possible disruption and instability that the sale of this kind could cause.

There also appears to be a good deal of anger, concern, and unanswered questions in the Internet market about the decision to sell and the details of the sale, as well as apparent feelings of a possible lack of transparency and feelings that things may possibly have been rushed through with important arguments against the sale not being adequately addressed. That said, ICANN must have seen good enough reason to put a temporary halt on the sale, for the time being.

It remains to be seen exactly what happens next but in the interests of the industry and .org owners, the hope is that there will more communication, information and transparency very soon.