News for the cybersecurity community during the COVID-19 emergency: Tuesday, May 19th, 2020. Daily updates on how the pandemic is affecting the cybersecurity sector.
Contact tracing and privacy in France.
France is proceeding with its centralized approach to COVID-19 contact tracing, ZDNet reports. Authorities maintain that this is being done with due regard for preserving users' privacy. The government is particularly interested in the utility the system, StopCOVID, might have in containing a recurrence of the virus. Earlier this month Medium offered a summary of the app's development, including its goals and prospects.
COVID-19 virus scams and other pandemic curiosa on the Dark Web.
Researchers at Trustwave's SpiderLabs describe the various pandemic-related scams they're finding on the Dark Web, and note some of the underworld reaction to them. They do note that the criminals follow the news (like everyone else), swap advice about staying healthy, express concerns about the consequences of the pandemic for their own enterprises, etc.—in short an inverted version of the kind of chatter one sees in legitimate channels.
But the more interesting material reveals the deliberations and plans that directly shape the criminal enterprises themselves. For example, there's chatter about demand for masks, and whether that presents an opportunity for various forms of illicit trade. Masks and other medical supplies are being offered for sale in online souks that normally hawk contraband. Those same markets also offer patently bogus nostrums, most prominently COVID-19 vaccines, which of course don't exist. Accompanying the offers are an array of bogus stories alluding to widespread cover-ups and misinformation by various authorities.
The underground markets are themselves feeling some of the pain legitimate markets are experiencing. They warn their customers that they may expect service disruptions, and they shed virtual crocodile tears over the health risks vulnerable customers (like drug abusers) face during the pandemic. And some of the subsectors of the criminal-to-criminal market seem to be feeling considerable pain. Carding in particular appears to be experiencing a rough patch. Why this is happening is unclear, and seems to call for explanation. Perhaps with the general slowing of economic activity there's been a reduction in available inventory, and with the relative scarcity of new stolen numbers, carders are recycling their wares in the souks. Criminals who have access to new stolen cards are reserving them for their own use.
Phishing for the unemployed.
In their study of the underground and its behavior during the pandemic, Trustwave does credit some of the criminals with expressions of good intentions about the larger, common good: "it’s important to note that many members of the underground community explicitly avoid and implore others to avoid trying to profit from the situation and not making life harder than it is already." Maybe, and to be sure there's no doubt that SpiderLabs have observed what they've observed. On the other hand, by their works shall you know them, and those works remain bad.
A different story provides an example of such works. The New York Daily News reports that at least one job placement agency, ABS Staffing Solutions, has been impersonated by scammers seeking to collect personal information from job-seekers looking for work during the pandemic-induced downturn. The criminals are using a website (complete with bogus branding) and texts to lure their victims.
Consequences of misinformation.
ABC News reports that the US Department of Homeland Security, the FBI, and the National Counterterrorism Center have issued an advisory to law enforcement authorities warning them to expect vandalism directed against 5G and other telecommunications infrastructure. "Violent extremists have drawn from misinformation campaigns online that claim wireless infrastructure is deleterious to human health and helps spread COVID-19, resulting in a global effort by like-minded individuals to share operational guidance and justification for conducting attacks against 5G infrastructure, some of which have already prompted arson and physical attacks against cell towers in several US states." Such attacks, hitherto more commonly observed in Europe, have begun to appear in the US as the bogus theory of a link between cellular networks and COVID-19 gain traction.
Some of this vandalism predates the emergence of the COVID-19 virus, and therefore also predates the misinformation that's now driving the incidents, Business Insider notes. Arson was reported at cellular infrastructure sites as early as December of 2019.