Extra, extra! That fake news story might come with malware

Fake news is worrying IT security pros, and there appears to be no end in sight.

For many, fake news and its impact are a recent phenomenon; however, cybersecurity professionals have long been aware of the harm caused by false news in the digital world. James Scott, a senior fellow at the Institute for Critical Infrastructure Technology (ICIT), writes in this ICIT commentary:

"Regardless of your partisan persuasion, your opinion of mainstream media or your opinion of the 'alt-right,' one thing is for certain, 'fake news' is 'old news' when it comes to the weaponization of information by nation states and cyber mercenaries."

Victims are predisposed to interact with news

Cybercriminals make it their business to know every trick in the book when it comes to getting people to do something they'd rather not.

"We humans are vulnerable to manipulation by digital misinformation thanks to a complex set of social, cognitive, economic and algorithmic biases," writes Filippo Menczer, professor of computer science and informatics, and director of the Center for Complex Networks and Systems Research, Indiana University at Bloomington, in the Conversation commentary Misinformation on social media: Can technology save us? "Some of these have evolved for good reasons: Trusting signals from our social circles and rejecting information that contradicts our experience served us well when our species adapted to evade predators. But in today's shrinking online networks, a social network connection with a conspiracy theorist on the other side of the planet does not help inform my opinions."

Scott suggests people are interested in real or fake news because of:

  • a need to be "up-to-date" when it comes to local, national, and world events;
  • a sense of urgency;
  • socio-political polarization; and
  • curiosity and/or fear.

Adversaries, knowing this, tailor their lures to incorporate a popular real-news article or a fake-news article based on current news as an email attachment, as a malicious link to a compromised site, or as a banner bordering an article targeted to potential victims. "Lures range in complexity from precise, error-free custom tailored spear-phishing emails that leverage the target's LinkedIn profile, to typo-filled mass-spam," explains Scott.

According to Scott, once cyber adversaries have grabbed the attention of unsuspecting users, the next step is to get the victim either to communicate sensitive information via an interaction with the attacker or to allow the attacker to download and execute a malicious payload that installs malware on the victim's system. This establishes a beachhead the attacker can leverage to move throughout the organization's network and compromise additional systems.

"As an increasing number of adversaries begin to capitalize on news and fake news, the lures will become more sophisticated and more convincing," continues Scott. "The malicious payloads attached to them will become increasingly multifunctional and complex, and the impact on individuals and critical infrastructure systems will increase in frequency and severity."

Social-media platforms gain favor among cybercriminals

Scott mentions that fewer people are frequenting news sites, reading newspapers, or watching televised news with any regularity; they prefer to get daily news via social-media platforms, usually on their mobile devices. This applies to Millennials (adults who are 18 to 34 years old), who are more likely to passively absorb the coverage of societal, economic, and political events.

"Consequently, cyber-threat actors can leverage the publicly-available information about Millennial sub-populations when crafting fake-news social-engineering lures," explains Scott. "That means tailored lures are more effective, are propagated by the victims within social circles, and enable the adversary to influence large portions of an entire generation."

Real news is also weaponized

Scott believes that fake news is not the only news being used as a weapon; real news is gold to cybercriminals, in particular prolific headlines, trending stories, and alarming or tragic features that draw people's attention.

"By either compromising a legitimate news outlet and transforming it into a watering-hole site or by purchasing banner space on the site and directing the users who click to malicious sites, cyber adversaries can capitalize on society's natural proclivity to follow media coverage of major events," writes Scott. "Legitimate news sites may have been some of the earliest targets of APT campaigns, and genuine news articles may have been some of the earliest lures used to spread malware."

Don't lose focus on the cybercriminals

Scott is concerned that fake news is becoming an exercise in finger-pointing. We should not worry about whom to blame, but pay attention to the cybercriminals who are using information, real or fake, to deliver malicious payloads.

"The evolution and progression of these adversaries are not hindered by unproductive and distracting retroactive feuds over blame and attribution," concludes Scott. "Make no mistake; cyber adversaries will continue to utilize news and fake news lures in their social engineering campaigns."

About Michael Kassner

Information is my field...Writing is my passion...Coupling the two is my mission.