At a glance.
- India cracks down on disinformation.
- Joint advice on cybersecurity from NCSC and CISA.
- Governments improvise contact tracking tools.
- Front company for Chinese intelligence services' cyber operations?
India's government cracks down on disinformation.
Reuters reports that the Indian government has asked both Facebook and TikTok to remove users they determine to be spreading misinformation about COVID-19. The authorities are particularly concerned about mis- or disinformation directed at Muslim audiences. India has had unfortunate experience with local violence inflamed by social media. According to the Mumbai Mirror, the authorities are serious about prosecuting those who promulgate “fake news” and “hateful posts” in social media. One-hundred-thirty-two cases are open, and thirty-five arrests have been made so far.
British and American cybersecurity agencies issued joint advice on cybersecurity practices during the COVID-19 emergency.
The UK’s National Cyber Security Centre (the NCSC) and the US Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint public warning about ways in which the pandemic and the emergency measures put in place to contain it have given rise to a wave of cyberattacks. The advisory introduces its warnings like this: “Both APT groups and cybercriminals are likely to continue to exploit the COVID-19 pandemic over the coming weeks and months. Threats observed include:
- “Phishing, using the subject of coronavirus or COVID-19 as a lure,
- “Malware distribution, using coronavirus- or COVID-19- themed lures,
- “Registration of new domain names containing wording related to coronavirus or COVID-19, and
- “Attacks against newly—and often rapidly—deployed remote access and teleworking infrastructure.”
Governments work to improvise automated contact tracking.
Privacy concerns run neck-and-neck with public health during the COVID-19 pandemic. Many governments are scrambling to find ways of tracking contacts at scale during the emergency. As Computing reports, there’s a general search for tools that can do this in ways that don’t compromise individual privacy, but so far the apps being deployed aren’t inspiring confidence in this respect.
Researchers at ZeroFox report that the governments of Italy, Colombia, and Iran have stumbled badly with respect to the privacy protections of the mobile apps they’ve pushed out. It seems reasonable to assume that this is a more general problem. ZeroFox doesn’t attribute the privacy issues to bad intent, not even, we observe in fairness, in the case of Iran. It’s just a difficult problem to solve.
There's also the issue, which Computing also notes, of rolling back emergency surveillance once the emergency has passed.
RAT-herding by a government front?
One of the more interesting features of yesterday’s BlackBerry Cylance report on a decade-long record of RAT-herding by five related threat groups working on behalf of the Chinese government is its identification of a possible front company. World Wired Labs is the purveyor of the nominally legitimate administrative, incident response, and parental monitoring tool NetWire. The researchers assess NetWire as a Remote Access Trojan. Legitimate tools can certainly be abused, but World Wired Labs seems curiously elusive, with curiously vague contact information: the company is based, for example, as the researchers put it, “somewhere in Belize.” No address, no convenient Google map, etc., which is certainly not the norm for a conventional company that's happy to be contacted. It is, however, consistent with a front operation. CyberScoop has an interesting summary of those aspects of the research that seem to cast suspicion on World Wired.