Home

RobbinHood – the Latest Ransomware in Town

A new ransomware hitting the computer universe is called RobbinHood.  It targets companies and networked computers. It doesn’t spread through traditional media like spam emails or links.  Instead, it spreads through other methods like trojans that give access to the hackers.

Ransomware is malicious software which attacks computers and networks, and interferes with their use.  Many ransomware programs encrypt and lock the victims’ data. They then offer to unlock it only in exchange for ransom payments. The ransom demand often requires payment in cryptocurrency.

To avoid being caught by security software and defenses, hackers using RobbinHood work to execute the ransomware as quickly as possible when performing a network-wide hack.

Prevention is key

Good general cyber-security practices are important in protecting against ransomware attacks like RobbinHood.  Of course, it is important to use antivirus software that can remove the ransomware before it is executed.

Additionally, it is important to deploy a range of technologies to disrupt as many stages of the attack as possible. These include enabling important functionality in endpoint security software, and integrating the public cloud into security strategies. Other approaches include strong security practices like using complex passwords, regular patching, multi-factor authentication, data backups, limited access rights, and locking down vulnerable remote access services. Finally, there is the human element: continuing to invest in employee security training.  Human beings are often the weakest link in cybersecurity.  Therefore, strengthening user awareness is therefore an essential element to protecting against cyber threats.

Fake News About COVID-19 is Very Real and Very Dangerous

Coronavirus, or COVID-19, is slowly becoming a nightmare for people across the world. Some countries are on lockdown, and many people are now working from home. The Internet is a major source of information for so many around the world.  Therefore, false information shared online can have a significant negative effect.

Misinformation poses a threat

People have shared fake news and misinformation about COVID-19 to millions on social media.  Some people are posting or sharing false information about the virus that they believe is true; fewer, presumably, are spreading misinformation on purpose.  But misinformation is dangerous.  In some places, where people are asked by health officials or other authorities to stay at home and avoid public areas, the onslaught of misinformation is having the most impact.

Due to the rising fear of the virus, people are hoarding items which are essential for all, like masks and sanitizers.  This can lead to shortages.

False claims can have a huge impact on public health. At a time when people should stay at home and take precautions to stop the virus, these false claims can have an opposite effect, misleading them to behaviors that help its spread.

The role of social media in stopping fake content

Social media networks are trying to combat the fake content on their platforms. For example, YouTube demonetized all coronavirus content shared by users who do not follow its guidelines or who are not news organizations.

Facebook has taken measures to flag posts that advertise coronavirus cures or spread COVID-19 related myths. Twitter said it will continue to review and remove tweets that do not follow its rules.

Of course, the main spreaders of fake news are people.  It is up to us to filter information in a sober and critical way and not become vehicles for spreading misinformation.

 

Hacking Twitter

A well-known hacking group struck again and hijacked Twitter accounts for FC Barcelona and the Olympics.  This hack marked the reappearance of the hacking group, OurMine, and also revealed some of the vulnerabilities of Twitter accounts, especially with regard to third party tools.

The hackers’ and Twitter’s sides of the story

Twitter issued a statement that the OurMine group hijacked the accounts using a third-party platform.  Twitter added it took security precautions once it became aware of the hack.  It locked the compromised accounts and started working with its partners to restore them.

OurMine said that it used security issues with employees in order to gain access to a third-party application.

This is not the first time the group has hijacked a sports account – just before the Super bowl last month, it compromised the accounts of several NFL teams, including the Chiefs and the 49ers.

The hacking exploits have drawn media attention to its claims that everything is “hackable.”

 White Hat?

OurMine claims five members and purports to be a “white hat” group, which hacks simply to raise awareness of cyber vulnerabilities.  After hacking the official Twitter account of the Olympics, the group posted, “Hi, we are OurMine. Everything is hackable.”

The victims – the International Olympic Committee and FC Barcelona – -are investigating.  What is certain is that, whether OurMine is “white hat” or not, it has drawn attention to the risk of a hack of social media.

 

 

Next Technique in the Fake News War: Flagging Photoshopped Images

Fake news and misinformation travel through social media platforms in text posts, photos and videos.  Therefore, tech companies try to control their spread using algorithms and artificial intelligence, but combating misinformation is not easy. This is why social networking sites look for new ways to prevent fake news.  A recent approach is flagging photoshopped images.

Making it easier to identify photoshopped images

Fake news has become a tool for both political and economic gain.  Some people spread fake news to drive more clicks, get more followers, and make more profit. However, others spread it to influence public opinion, and even elections.

Instagram recently decided to flag photoshopped images as part of its efforts to restrain fake news. One blogger described Instagram’s decision by saying that it looks like “Instagram x Facebook will start tagging false photos/digital art.”

The new feature will add a warning on images which Instagram considers digitally altered. Users who want to see the actual image can view the image by simply clicking on it. With a click, they can read why Instagram hid the image.

Another step in a constantly changing battle

Instagram’s step of flagging photoshopped images tries to include transparency in the process.  The flagged images will be blurred, and users who click on them will see the names of the sources and fact-checkers involved.

 

Social Media versus Coronavirus Misinformation

The coronavirus has caused a great deal of fear worldwide. The World Health Organization (WHO) has already declared it a public health emergency. Most of the over-80,000 cases of Corona worldwide to date have been in China.  However, the virus is spreading and has surfaced in countries around the world.

Many people know about the virus but do not have complete information about its symptoms, causes and means of prevention. One central reason is the misinformation spread by fake posts on social media. Social media companies are starting to respond.  Facebook, for example, has deleted fake posts about the virus.

The Coronavirus challenge for Facebook

Facebook is checking virus-related content posted on its platform.  User reports of “fake news” posts about Corona are an important part of its battle against hoaxes and misinformation.

Coronavirus has also challenged sites like YouTube.  YouTube said it would delete content about the virus that contains conspiracy theories or false claims that have been flagged by local health authorities and global health organizations.

Why Coronavirus fake news is especially harmful

Social media sites have been battling fake news in general for some time, but fake news about the virus can lead to physical harm and even death.  This makes it even more serious.  Therefore, Facebook announced that fake posts related to the virus would violate its ban on misinformation leading to physical harm.

Facebook is not alone in taking steps to prevent health-related misinformation.  TikTok, Twiter, Pinterest have all instituted measures to combat this phenomenon. Twitter reported that it found over 15 million tweets about the coronavirus within a month. However, it did not see any coordinated attempts to spread fake content.

 

Public and Private Sectors Tackling Cyber Threats

 

The interests of the public and private sectors do not always align.  However, a recent case shows how the cooperation of the two sectors can lead to protecting the public from cyber threats. The U.S. National Security Agency alerted Microsoft about a major security flaw in its Windows 10 operating system.

Hackers could have easily exploited the flaw

The flaw was severe and the NSA said hackers could easily find a way to exploit it.  Microsoft patched the flaw the same week it was reported.

The flaw allowed hackers to easily design fake security certificates that would give them a free pass to run malicious software on Windows devices. Because of the fake security certificates, everything would look legitimate to a Windows’ system.  Users would be unaware of any malicious files because digital signatures would appear to have come from a trusted provider.

Working together and tackling cyber threats may be a positive sign for public-private cooperation

The cooperation between Microsoft and the NSA is a good example of how two different industries can work together. The cooperation very likely prevented a significant cyber attack.  Michael Kaiser, former executive director of the National Cyber Security Alliance, said that the level of trust and sharing between government and business a decade ago was not high. This recent cooperation between the NSA and Microsoft may indicate that things are changing for the better.