The novel coronavirus is affecting the world of infosec. From misinformation spread by your Facebook friends, through malware distribution, to the DDoS’ing of health agencies.
We need to take care with security, as well as with hand hygiene. But combating these threats will take more than just soap and water.
What is wrong with people? In this week’s Security Blogwatch, we stay positive.
Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: Halo.
Keep calm and wash your hands
What’s the craic? Catherine Shu and Jonathan Shieber report—joint statement on misinformation:
In an unprecedented move to reassure customers and flag the potential for misinformation about COVID-19 on their platforms, all of the major social media companies … issued a joint statement on their efforts … “to keep our communities healthy and safe.”
…
Tedros Adhanom Ghebreyesus … the World Health Organization’s director-general said last month that disinformation is as dangerous as COVID-19. … “We’re not just fighting an epidemic; we’re fighting an infodemic.”
Why? Craig Timberg, Ellen Nakashima, and Tony Romm illustrate the problem—sources of falsehoods … elude authorities:
Misleading text messages claiming that President Trump was going to announce a national quarantine buzzed into cellphones across the country over the weekend, underscoring how rapidly false claims are spreading.
…
Apps such as WhatsApp and some social media platforms have carried similarly alarming misinformation, much of it with the apparent goal of spurring people to overrun stores to buy basic items ahead of a new wave of government restrictions. … “Stock up on whatever you guys need to make sure you have a two week supply of everything. Please forward to your network.”
…
Those pushing misinformation may be changing tactics away from social media to thwart the major platforms’ efforts to catch and block falsehoods. … As the false texts spread about a looming federal quarantine, the NSC began an interagency effort … to determine who is behind the apparent disinformation campaign.
The best-laid plans, and all that? Rob Price is right—Facebook is wrongly blocking news articles:
Facebook is blocking users from posting some legitimate news articles about the novel coronavirus in what appears to be a bug in its spam filters. … News outlets [included] Business Insider, BuzzFeed, The Atlantic, and The Times of Israel.
It's not clear exactly what had gone wrong, and Facebook did not respond to a request for comment. … Facebook has sent many of its content moderators home, saying it will rely more on automated software instead.
…
Facebook, however, denied that the bug was related to any changes to its content-moderator workforce.
Spare a thought for the poor WfH’ers. Lend Salvador Rodriguez your eyes—Facebook to give $1,000 bonuses to each of its employees:
Facebook on Tuesday told employees that it would give each of them $1,000 bonuses in an effort to support its workforce working remotely. … In early March, Facebook began telling its employees to work from home.
…
The coronavirus has already had a massive impact on the company. Shares of the company are down more than 28% year-to-date as uncertainties around coronavirus drag down the markets.
What the heck is going on? Let’s hear again from NagrothAgain:
Half the country has nothing better to do than panic on Facebook right now.
Also because the filter went sideways so badly that it's been blocking many posts completely unrelated to COVID. My wife posted a picture of our dog, no text, which got whacked for being "spam."
But fear brings malicious opportunists. Brian Krebs cycles in—Coronavirus Map Used to Spread Malware:
Cybercrooks have started disseminating real-time, accurate information about global infection rates tied to the … pandemic in a bid to infect computers. … An interactive dashboard of Coronavirus infections and deaths produced by Johns Hopkins University is being used … to spread password-stealing malware.
…
Security experts began warning of new malicious Web sites … that used interactive versions of the same map to distract visitors while the sites tried to foist the password-stealing AZORult malware.
As long as this pandemic remains front-page news, malware purveyors will continue to use it as lures to snare the unwary. Keep your guard up, and avoid opening attachments sent unbidden … even if they appear to come from someone you know.
Is there a better way? Heed the brain-emittance of Pimpy:
Perhaps the better solution for Facebook to combat fake news is to simply add a "verified by Facebook" badge on to any news article that has been verified as coming from a reputable source, otherwise just assume it's nonsense. The amount of disinformation spread through Facebook far exceeds actual news content.
It gets worse. Shaun Nichols rolls his eyes—Health and Human Services targeted by DDoS scum:
In an impeccable instance of horrible timing, the US government's Department of Health and Human Services (HHS) says it fended off a cyberattack by online scumbags. … With Americans desperate for information about the coronavirus pandemic, the attempted takedown came at the worst possible time.
…
With states and cities across America taking unprecedented steps to slow the spread of the COVID-19 virus, government officials are more than taxed with public awareness efforts.
…
Sadly, it seems that the pattern of utter scum targeting health agencies is a global affair. Administrators in the hospital at University Hospital Brno in the Czech Republic report receiving similar cyberattacks.
Gah! Giggle at jake’s jokes:
I suspect it was normal traffic. It's not like our Sainted gov has anything resembling clues when it comes to the proper care and feeding of an extremely well used web site. Every time I attempt to use a Government website, it's nothing but trouble—almost as if it were designed and built by the lowest bidder, instead of the most competent.
Oh. Wait …
How about some hope? Kevin Roose shifts the narrative—The Coronavirus Crisis Is Showing Us How to Live Online:
I expected my first week of social distancing to feel, well, distant. But I’ve been more connected than ever.
My inboxes are full of invitations to digital events—Zoom art classes, Skype book clubs, Periscope jam sessions. Strangers and subject-matter experts are sharing relevant and timely information about the virus on social media, and organizing ways to help struggling people and small businesses.
…
There is no use sugarcoating the virus, which has already had devastating consequences for people all over the world. … But if there is a silver lining in this crisis, it may be that the virus is forcing us to use the internet as it was always meant to be used—to connect with one another, share information and resources, and come up with collective solutions to urgent problems.
…
Just look at what’s happening in Italy, where homebound adults are posting mini-manifestos on Facebook. … Or see what’s happening in China, where would-be partyers have invented “cloud clubbing,” a new kind of virtual party in which D.J.s perform live sets on apps like TikTok. … Or observe how we’re coping in the United States, where groups are experimenting with new kinds of socially distanced gatherings: virtual yoga classes, virtual church services, virtual dinner parties.
…
All over the country, citizen technologists are using digital tools to strengthen their offline communities. … After spending years using technologies that mostly seemed to push us apart, the coronavirus crisis is showing us that the internet is still capable of pulling us together.
The moral of the story?
Keep calm and wash your hands. Don’t touch your eyes, nose, mouth. Check in on the vulnerable. And don’t fall for any venality.
And finally
You have been reading Security Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites … so you don’t have to. Hate mail may be directed to @RiCHi or sbw@richi.uk. Ask your doctor before reading. Your mileage may vary. E&OE.
Image source: Renate Köppel (Pixabay)
Keep learning
Learn from your SecOps peers with TechBeacon's State of SecOps 2021 Guide. Plus: Download the CyberRes 2021 State of Security Operations.
Get a handle on SecOps tooling with TechBeacon's Guide, which includes the GigaOm Radar for SIEM.
The future is security as code. Find out how DevSecOps gets you there with TechBeacon's Guide. Plus: See the SANS DevSecOps survey report for key insights for practitioners.
Get up to speed on cyber resilience with TechBeacon's Guide. Plus: Take the Cyber Resilience Assessment.
Put it all into action with TechBeacon's Guide to a Modern Security Operations Center.