News for the cybersecurity community during the COVID-19 emergency: Tuesday, April 28th, 2020. Daily updates on how the pandemic is affecting the cybersecurity sector.
Hacking research, contact tracing, and disinformation's toll.
A Chinese biomedical research firm is hacked.
HackRead reports that security firm Cyble says it's found evidence that the biomedical company Huiying Medical has been hacked, and that some of its stolen data are now for sale on the dark web. Cyble's report says that a threat actor, nom de hack "THEOTIME," whose claims Cyble deems "credible," is asking 4 Bitcoin for Huiying data. The stolen information is said to include:
- "Users — 1.5 MB"
- "Technology + source code — 1GB"
- "Knowledge for Covid-19 Experiments information — 150 MB"
Huiying Medical gained a degree of fame (or notoriety) for its strong claims, reported by VentureBeat and others, that it has a method of using CT scans to detect COVID-19 infections, and that its technology has a 97% accuracy rate. The US Centers for Disease Control and Prevention recommend against using either CT scans or X-rays for COVID-19 diagnosis, as do radiological professional organizations in Canada, New Zealand, the US, and Australia.
Contact tracing updates.
Apple and Google are rolling out their decentralized contact-tracing app, and it's found favor in some places, Germany among them. Britain's National Health Service will not, however, be using it. The NHS is pursuing its own system that will also use Bluetooth Low Energy signals as a proxy for close approaches to possible sources of infection, but the BBC says the NHS wants the data centralized, the better to adapt them to closer management of the pandemic. According to the New Statesman, the British health agency has brought in US big data company Palantir to help it develop its preferred alternative.
One consequence of telework: diversion of security workers.
The growth in remote work during the pandemic has produced one not entirely obvious effect: more work for company security teams. To be sure, some of the increased workload is entirely foreseeable, since telework at such a large scale presents unfamiliar security challenges. But SC Magazine reports the results of a survey by NNT Technologies that show the diversion of security personnel into tasks that belong more narrowly to IT. As many as 47% of security workers have been set to performing tasks like equipping a mobile, remote workforce. Some of this is inevitable and arguably sensible, but it's worth recognizing that security people nowadays probably have more IT fish to fry than they would in normal times.
The personal toll of state-sponsored disinformation and the madness of crowds.
It's easy to become accustomed to thinking of disinformation and misinformation in terms of their large-scale effects on societies and the politics that surround them. But they have personal effects, too, in what may serve as a reminder that the familiar New Left slogan, "the personal is political," might be reversed.
First, the madness of crowds. In India, a man whose family suffered from COVID-19, properly quarantined themselves, and recovered, is being hounded online by people who claim (falsely) that one of the family had in fact died of the virus, and moreover that harsh local restrictions are the family's fault. "When a health officer called me I explained the matter to him. Later, an online news portal carried fake news that the district administration had announced a 'double lockdown' at Manacaud and Ambalathara areas which fall under hotspot due to the irresponsibility of my family. We won't do that," Bin Sagar told the Indian Express. He's taken legal advice.
And then state-run disinformation finds amplification when it finds its audience. The Chinese Communist Party's claims that COVID-19 was brought to Wuhan in October by US Service Members participating in the World Military Games (a kind of good-will olympics among the world's military services) have been widely broadcast by Chinese official statements (often in the form of a call for investigation, sometimes with the suggestion that the virus was an American bioweapon). US Secretary of Defense Esper calls this allegation "completely ridiculous...and irresponsible," and we're with him on that.
But not everybody is, and "everybody" in this case includes some YouTubers. CNN reports that one US Army Reservist who participated in the games has been called out as the source of infection, and is receiving all the hostile attention one would expect. The charge that the Reservist, Maatje Benassi, is the patient zero of the infection and the prime mover in the pandemic is of course absurd, but that hasn't prevented YouTubers from pushing it, acting in effect as a kind of cyber mob.
Prominent among the YouTubers flacking the story is George Webb, whom CNN calls a "misinformation broker" but who describes himself as an "investigative journalist." Mr. Webb has propounded numerous conspiracy theories in the past, to the extent that Google has stopped running ads on his channel. He is, as he would put it, only asking questions, but the questions are specific and damaging, especially to the Benassis, who have nothing to do with the virus at all. Only asking questions, mostly, but one might reflect that a traditional moralist would have treated false suggestion as itself a form of false witness.
Virtual conferences: an update.
Billington CyberSecurity is presenting its next CyberVirtual Roundtable on May 8th. This one concentrates on the US Department of Defense and its Cybersecurity Maturity Model Certification: Preparing for the CMMC Requirements, Even During the Pandemic.