Monthly Archives: July 2019

Home / 2019 / July

Newly Discovered Ransomware Sheds Light on the Threat

Corporate researchers recently uncovered a new type of ransomware which was attacking devices used for file storage and backup.  The researchers described the attack on the storage devices as “brute forcing weak credentials and exploiting known vulnerabilities in targeted attacks.”

Ransomware is malicious software, or malware, that denies victims access to their data or computer system until the victims pay a ransom.  It can be delivered via an infected website, or through phishing emails, and is an especially frustrating form of attack because it prevents victims from functioning electronically—at all.  Victims are offered an ultimatum: Either pay the ransom, or lose all your data.  This can be devastating to an individual, a small company, or even a local government.

Simple but deadly

The ransomware in question affected devices with media player and device storage functionality which were manufactured by the company QNAP, which has customers from all around the world and offices in over sixteen countries.   The attack was executed with simple source code of less than 400 lines.

Victims were shown a ransom note that informs them about their locked data and directs them to a Tor website where they can make the ransom payment in bitcoin.

Fortunately, this attack was identified and the vulnerabilities to it were patched before harm could be done, but its potential for damage was multinational in scope.

Deepfakes on Social Media

Deepfakes are becoming a thorn in the side of social media companies which already under pressure to combat fake news and identity theft.  For example, Facebook is struggling to get ready for elections, yet still suffers from many fake accounts, which are themselves vehicles for fake news.  Deep fakes exacerbate this problem.

Deepfakes on social media affect elections: Report

Quartz, a popular news site, reports that deepfakes are likely to influence the 2020 elections. Social media platforms are slowly becoming a primary source of news, and unfortunately, the news is too often incorrect. News posted and shared on these platforms could be fake news or misinformation.

Yvette Clarke a member of the U.S. House of Representatives, argued that, in light of the manipulated footage of Nancy Pelosi and a similar, more recent video of Bernie Sanders, if people in the U.S. can believe that doctored videos of presidential candidates are real, then the country’s democracy is endangered.

Clarke suggested a proposal for the DEEPFAKES Accountability Act , which will not only protect victims of deepfake content, but also hold perpetrators accountable.  She argued that Congress needs to work with experts like the ML (Machine Learning) computer engineers and data scientists as well as tech giants, to combat deepfakes.

Deep fakes and identity theft

Clarke drew attention to the effect that deepfakes can have on identity theft as well.  She contended that Congress needs to update statutes for false impersonation and identity theft to include digital impersonation, and  recommended training on the deepfake technology for better prevention of the problem.

Identity theft remains a significant problem.  A report by Barclays in the UK found that almost one third of older people have been scammed.  But the elderly are not the only victims, and deepfakes will only make the problem more difficult.

Nevertheless, these are some of the classical steps to help prevent identity theft:

  • Don’t believe all ads claiming celebrity endorsement to be genuine,
  • Do not click on posts that you are suspicious of,
  • If you fall victim to a scam, report it to authorities immediately, and
  • Stay away from “too-good-to-be-true” offers


Twitter Comes Up With Warning Labels for Abusive Tweets

Twitter will soon be slapping warning labels on abusive tweets if they violate its rules. The company recently announced its new policy, which will combat hateful and threatening tweets. A tweet which violates Twitter’s rules but also involves matters of public interest will come with a warning label.

Politicians to be affected by the new Twitter policy

Politicians and world leaders who tweet to abuse or threaten others will be affected by the new policy. The company has been censured by many for allowing the US President to tweet controversial messages, for example, and this new policy may have been brought to answer the critics.

President Trump, however, may see this new policy as another bias against him and like-minded politicians. Twitter’s new policy will apply to all political candidates, government officials and other public figures who have more than 100 thousand followers. Twitter will not remove the tweets altogether because it does not want to interfere with content which is of public interest.

Jennifer Grygiel, professor at Syracuse University, said that Twitter has enacted the new policy because of Trump’s social media activity. The U.S. President has used words like “stone cold LOSER” and “a lowlife” in his tweets, which may not be violation of Twitter policy, but can be a form of harassment.

New Policy will not apply to past tweets

Research Analyst Keegan Hankes, who focuses on far-right extremist propaganda online, said the company is arguing that hate speech could be in the public interest, and while he believes hate speech is never in the public interest, he does think that the labelling policy is a step by Twitter in the right direction.

The new policy will not apply to past tweets. The company will also remove tweets that warrant removal, for example, a direct threat.

The new policy is not retroactive and will not apply to non-political leaders, celebrities or influencers.


The EU’s Demand that Social Media Companies Step Up Their Efforts to Combat Fake News

In a joint statement, European Union officials acknowledged that social networks like Twitter, Facebook and Google have increased their efforts to combat fake news, but agreed that more “needs to be done” in view of ongoing threats to elections.

Progress in Efforts to Combat Fake News

The EU said it reported evidence of coordinated inauthentic behavior like fake accounts and bots trying to spread misinformation across platforms before the European Parliament elections at the end of May. The EU officials noted that they found “continued and sustained disinformation activity”, especially linked to Russian sources, trying to influence voter preferences.

The report found that all platforms have made progress since January towards better transparency in political advertising, qualifying that while Facebook has taken steps to make sure there is transparency in issue-based advertising, Twitter and Google still need to catch up. Facebook reported removing 2.2 billion fake accounts in the first quarter of 2019, which was nearly twice the number it removed in the prior quarter.

The report said that the online platforms have come up with solutions, like increased restrictions on political advertising and hiring fact-checking teams, to combat fake information. The EU officials said that they expect tech companies to maintain their momentum and step up their efforts.

EU demands more data from online platforms to tackle fake news

In order to tackle fake news and misinformation, the EU officials said they require adequate human resources and continuous research to detect and expose fake news campaigns, counter new practices and trends and raise preparedness. Examples of the report’s suggestions included increasing cooperation by the tech companies with fact checkers; allowing users to detect disinformation in a better way; and providing the research community with meaningful access to data to tackle fake news.


Ransomware Attack Forces Aerospace Company to Shutdown Manufacturing

Belgian-based aerospace manufacturer ASCO Industries shut down some of its units because of a ransomware attack on June 7, requiring the company to send home most of its staff. The attack put over 1,000 of its 1,400 global workers out of action and shut down manufacturing units in Germany, Belgium, Canada and the United States.

A Ransomware attack is a cyber attack in which hackers infect a computer system with a malicious code that shuts it down or renders it inoperable.  The attackers then make demands—such as payment, often in cryptocurrency—in exchange for a key that will enable the victim to restore its systems.

ASCO to be acquired by Spirit AeroSystems soon

Asco confirmed the malicious intrusion to the Belgian news publisher Data News but refused to provide any additional information on the matter. According to reports, the company took outside help to help solve the issue.

ASCO is currently in the process of being bought by Spirit AeroSystems – a Wichita, Kansas-based first-tier aerostructures manufacturer.  There has been no indication by either of the two companies that this cyber-attack would pose a problem in the acquisition of Asco.

Was it a ransomware attack or just a malware?

As the company has not released an official statement on the incident, some experts are even questioning whether it was a ransomware attack. Larry Trowell, principal security consultant at Synopsys, said his company does not know what has happened yet, and since it has not seen evidence that it was a ransomware attack, thinks it may be a direct attack or simply malware.