Vulnerabilities / Threats

2/13/2018
10:30 AM
Joseph Carson
Joseph Carson
Commentary
Connect Directly
Twitter
LinkedIn
RSS
E-Mail vvv
50%
50%

Fake News: Could the Next Major Cyberattack Cause a Cyberwar?

In the way it undercuts trust, fake news is a form of cyberattack. Governments must work to stop it.

Fake news — we've all heard about it, but sometimes we struggle to grasp the extent of its impact.

With more people moving online and social media becoming the go-to news source, and with a good chunk of what is put on social media being fake, the reader must determine whether information is true or not. When people believe everything they read, the world becomes an unpredictable place.

In the past, we could easily choose which news source to follow and have a high level of confidence about its accuracy. Today, however, with news arriving to us in a social media feed, both trusted and fake news sources are merged together — and the consumer must decide whether or not to believe the news. With no clear indication of the truth or the source of news on social media, many countries, democracies, and nation-states will struggle with transparency and could become politically instable. It only takes one fake news story within a trustworthy source to devalue an entire news feed, forcing us to question what is real and what is not.

To put it bluntly, fake news is a form of cyberattack and will only grow significantly in 2018 and beyond.

Attribution, Transparency & Response
Fake information has become a major disruption to our way of life, filling our news feeds to influence our actions in an attempt to change the outcome of important decisions, including elections. Rather than focusing on the important needs of citizens — such as taxes, health, and education — many governments are now embroiled in trust and transparency challenges caused by the continuous disruption from cyberattacks. We have seen the governments in both the US and UK increasing focus and attention on recent cyber incidents with little to no transparency.   

Many recent cyber incidents have involved the theft of huge amounts of personal and sensitive information that is then used to pursue and influence our nation's decision-making. Some notable cyber incidents — for example, breaches at Yahoo, Ashley Madison, and Equifax —exposed sensitive data that could be used via news feeds to trigger emotions and reactions. When a cyberattack from another nation-state tries to influence our way of life, our society, or our government, should this be considered an act of war?

Large troll factories and botnet farms are using our stolen personal information to guarantee that our news feeds are filled with fake information that attracts readers to respond and participate, creating a growing trend that encircles friends and family. This could start from a machine-controlled bot that wants you to share malicious information, influence your friends' decisions, and distrust your own government, creating divisions rather than giving you true information.   

National Ownership & International Cooperation
It's clear that cyberattacks are crossing country borders and disrupting our way of life, without nation-states taking responsibility. We hear about cybercriminal groups that are behind many of the major cyber incidents in recent years, including data breaches, ransomware, or the targeting of government agencies' classified information. Companies and governments have linked these cybercriminal groups to nation-states; for example, both FireEye and Symantec have accused North Korea of being behind the WannaCry ransomware, though they haven't revealed concrete evidence and North Korea has denied involvement. Without clear cooperation and transparency, this problem will grow with into increasing numbers of cyberattacks on critical infrastructure, political affiliations, financial institutions, and communications.

To prevent a major catastrophe from occurring, governments and nation-states need to work together on cyber attribution with full cooperation and transparency that holds each other responsible for the actions of criminal organizations operating from within their borders. At the recent World Economic Forum, it was announced that a new Global Centre for Cybersecurity will be launched. This should focus on establishing cooperation between governments so that attribution is possible in the future; if a cybercrime has been committed, the governments involved should work together, similar to the way Interpol works today. It is equally important that governments do not provide a safe haven for cybercriminals to carry out such attacks, especially when they are doing it for financial and political gains  with and extreme aggression.

It is time for governments to act and protect democracy and our way of life. 

Related Content:

 

Black Hat Asia returns to Singapore with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier solutions and service providers in the Business Hall. Click for information on the conference and to register.

Joseph Carson has more than 25 years' experience in enterprise security, is the author of Privileged Account Management for Dummies and Cybersecurity for Dummies, and is a cybersecurity professional and ethical hacker. Joseph is a cybersecurity adviser to several governments, ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
How the US Chooses Which Zero-Day Vulnerabilities to Stockpile
Ricardo Arroyo, Senior Technical Product Manager, Watchguard Technologies,  1/16/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
The Year in Security 2018
This Dark Reading Tech Digest explores the biggest news stories of 2018 that shaped the cybersecurity landscape.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-3906
PUBLISHED: 2019-01-18
Premisys Identicard version 3.1.190 contains hardcoded credentials in the WCF service on port 9003. An authenticated remote attacker can use these credentials to access the badge system database and modify its contents.
CVE-2019-3907
PUBLISHED: 2019-01-18
Premisys Identicard version 3.1.190 stores user credentials and other sensitive information with a known weak encryption method (MD5 hash of a salt and password).
CVE-2019-3908
PUBLISHED: 2019-01-18
Premisys Identicard version 3.1.190 stores backup files as encrypted zip files. The password to the zip is hard-coded and unchangeable. An attacker with access to these backups can decrypt them and obtain sensitive data.
CVE-2019-3909
PUBLISHED: 2019-01-18
Premisys Identicard version 3.1.190 database uses default credentials. Users are unable to change the credentials without vendor intervention.
CVE-2019-3910
PUBLISHED: 2019-01-18
Crestron AM-100 before firmware version 1.6.0.2 contains an authentication bypass in the web interface's return.cgi script. Unauthenticated remote users can use the bypass to access some administrator functionality such as configuring update sources and rebooting the device.