The Covid-19 coronavirus may be novel, but security experts say that the cyber and disinformation strategies capitalizing on the crisis are not.
Old cyber threat actor playbooks are proving their durability as the COVID-19 crisis drags on. Security experts say that the pandemic is proving hackers and nation states need not reinvent the wheel to take advantage of a novel crisis.
COVID-19 Attacks in Full Swing
The emergence of the COVID-19 pandemic has been accompanied by a jump in online threats and attacks of all sorts. The security firm zScaler identified more than 380,000 COVID-themed phishing email campaigns in the month of March, compared with just 1,200 in January. The company also noted more than 130,000 web domains registered using terms related to the virus since the outbreak began. Those domains might be used in phishing attacks or other online scams, according to a blog post by Deepan Desai at zScaler.
But phishing attacks and scams are only part of the problem. Adam Meyers, the Vice President of Intelligence at CrowdStrike, points to an increase in “malicious files observed,” “pandemic related… social engineering,” and info-ops campaigns run by nation-states tracked by the firm.
CrowdStrike and other firms have observed cyber criminal groups and online scammers using anxiety about the pandemic to boost malicious campaigns. Malicious actors are using fake “health update” messages and lures promising “stimulus aid/money” to carry out attacks on users. It’s becoming more likely that the crisis is spurring malicious activity. After an initial spate of attacks on hospitals and healthcare providers, however, ransomware actors seem to be largely staying away from healthcare providers, Meyers said.
2016 Disinformation Playbook Showing Its Longevity
Experts say that the problem didn’t start with COVID. Nation states like Russia and China have been engaging in operations to undermine faith in western democracies for years, most notably with Russia’s interference in the 2016 elections.
Absent overhauls by social media platforms to get ahead of misinformation or policymakers forcing them to set rigorous standards, disinformation campaigns will continue business as usual to capitalize on crises as they arise.
Laura Galante, CEO and founder of Galante Strategies, noted that the gold standard of disinformation is “cyber to kinetic” impacts, in which purely digital campaigns produce physical consequences.
As an example, Galante cites recent protests in Novi Sanzhary, Ukraine. Fake news spread, likely by the Kremlin, led individuals to riot in the streets, protesting their government based on false information surrounding the virus.
And Russia isn’t alone; other world powers are jumping at the opportunity to advance their interests. China is reportedly racing to distance itself from responsibility for the spread of the virus. Most notably, tweets from Chinese officials are spreading theories that the US engineered the virus to create profits selling medicine and supplies to the rest of the world. While seemingly absurd, a Pew poll released in mid-march showed roughly a third of Americans surveyed believed Covid-19 was created in a laboratory.
Prescriptions for Curing Info-Ops
Social media platforms like Facebook and Twitter continue to test solutions to minimize bots and trolls and combat disinformation. Facebook, for example, recently removed pages for rallies in Nebraska, New Jersey and California urging residents to defy government orders to stay at home. Still, their policies to snuff out disinformation remain largely reactive. Scott Shackelford, Professor at the Kelley School of Business, argues that often by the time these giants curb disinformation by removing harmful content retroactively, the damage is already done.
The disinformation problem isn’t new and is many years in the making. As others have noted, the shift from print to visual story telling and the rise of the Internet as a source of information have accelerated the spread of disinformation, destabilized traditional notions of “truth” and displaced traditional gatekeepers like local newspapers, radio- and television stations.
The problem, in 2020, has no easy answers. What remains clear is that mainstay forms of influence by nation-states refuse to go away on their own. Without a paradigm shift to give platforms a fighting chance against Russia and China, their responses will remain inadequate. As the human cost of disinformation rises dramatically in the advent of the coronavirus crisis, not to mention a consequential election on the horizon, the stakes to reel in these campaigns could not be higher.