At a glance.
- Deception as the entering wedge of espionage.
- COVID-19 vaccine disinformation.
Deception as an entrée for espionage.
Researchers at the cybersecurity firm Volexity report that OceanLotus, the Vietnamese cyberespionage crew also known as APT32, is using an array of bogus Web sites and Facebook pages to attract victims. CyberScoop notes that OceanLotus has since its discovery in 2017 been particularly active against foreign corporations doing business in Vietnam.
This is worth noting from the point-of-view of disinformation because the websites were sufficiently convincing to persuade the researchers (for a brief time) to think they were legitimate sites that a threat actor had compromised. Most of the content was harmless, consisting for the most part of articles scraped from news outlets. Only a few of them held malicious redirects:
“However, upon closer inspection of the websites, Volexity found the sites were not compromised, instead they were created and operated by OceanLotus. Each of the websites appears to have had a decent level of effort to build it, as there are numerous variations in themes, content, and even custom images and slogans. The websites all claim to be news sites and contain a great deal of benign content, with no malicious redirects or profiling in place on the vast majority of pages including the main index page. Instead, generally speaking, only a handful of specific articles within each site contain malicious content.”
OceanLotus seems to have spearphished for many of its victims, and to have attracted others by letting their sites function as watering holes that user interested in certain topics would search and surf their way into. The goal appeared to be credential harvesting, and in some cases installation of spyware.
Implausible COVID-19 disinformation.
Reports say that Britain’s GCHQ has gone on the offensive against anti-vaccine propaganda. The Times says that the SIGINT agency is using techniques proved against Islamic State online activity against state-sponsored purveyors of vaccine disinformation. It’s not a comprehensive rumor-control effort, but operates against state-directed disinformation only.
According to Reuters, GCHQ is “taking down hostile state-linked content and disrupting the communications of the cyber actors responsible.” The campaign against which GCHQ’s efforts are directed is Russian, Engineering and Technology reports. The Week suggests the motive for the disinformation is at least partly commercial, since Russia is interested in seeing widespread adoption of two vaccines developed in that country. The disinformation is directed against a COVID-19 vaccine developed in the UK by AstraZeneca and Oxford University.
One might think that such disinformation would take the high-toned, friend-of-nature line that circulates in the tonier, upper-middle-class precincts where vaccine-skepticism seems to have taken root. They might have taken the familiar line that vaccination causes various childhood developmental impairments, etc. Not true, of course. Although vaccines have had their troubling side effects (consider the swine flu vaccine problems in the mid-1970s, for example) the widely believed claims about, say, the generally malign effects of childhood vaccination haven't held up to scientific scrutiny.
No, the line straight out of Moscow is a lot scarier and much more direct in terms of its proposed cause-and-effect. It's also a lot more tabloidesque. Here’s the story. So these eggheads at Oxford and AstraZeneca came up with this vaccine, right? But did you know that they used a chimpanzee virus to make it? And so it stands to reason that anyone who gets the vaccine has just got to turn into an ape, on account of they made their vaccine from like some chimpanzees or something! What the hey! Chimps, man!
Edward Jenner, call your office. Maybe using cowpox wasn’t such a good idea after all. Weren’t there all those cattle-people mooing out there in the countryside? What? No? Well maybe the whole ape-man risk is being overstated here. Or else there’s some seriously mad science going on in the Urals.
But it seems more likely that this view of vaccine trials is more informed by repeated viewings of The Fly—the Vincent Price version, not the Jeff Goldblum remake—than it is by the history of medicine. The whole story is more Seymour’s Fright Night than it is the New England Journal of Medicine.
We hope that few are persuaded by the Russian campaign, and above all we wish GCHQ good hunting.