PROTECTING YOURSELF FROM AN INTERNET ATTACK
Tens of millions of Americans are now working remotely from their homes. Upwards of 100 million more American school children and young adults are studying in K-12 or college programs from their homes as well. With no restaurants, theaters or shows to attend, we’re watching streaming videos or playing video games in record numbers. We’re also using cell phones, tablets, and laptop computers at unprecedented levels.
Julia Alexander, who writes for The Verge, cited proof of this in a column on March 27. With the advent of social distancing:
- Binge watch in March is up 65 percent compared to the prior month on HBO
- Movie watching on HBO is up 70 percent
- Netflix has seen a surge in streams
- Disney Plus reports a massive subscription sign-up
- Twitch has seen a 31 percent growth in viewership
- YouTube Gaming has seen a 15 percent increase
Internet Service Providers (ISPs) are being stretched thin due to the burgeoning growth. AT&T CEO Randall Stephenson says mobile WiFi calling is up 100 percent, and mobile data is up 40 percent. In some countries, providers have cut back from HD to standard definition videos. YouTube announced in March that for one month it would automatically degrade videos down to standard definition around the world. Amazon is also taking steps to reduce bit rate streams in countries across the globe.
All of this is happening away from offices, schools and colleges/universities – places which provide firewalls and other forms of security to protect their users. As a result, Americans are more vulnerable than ever to cyberattacks. In this environment, it is up to us to be the first line of defense against cybercriminals, scammers, and phishing attackers.
“Cybercriminals and other hackers are always to looking for any opportunity to gain an advantage. Be on guard against hackers who are using the confusion around working changes caused by COVID-19,” wrote David Mastny, Director of IT Security at Cuyahoga Community College, in an e-mail to college employees on April 3. “Many hackers favor social engineering attacks like phishing that use email to get you to open an attachment, click a link, or take some other action.”
Mastny and many other IT professionals advocate taking a HOVER TO DISCOVER approach any time you see a questionable message. You do this by “hovering” the mouse cursor over a link BEFORE clicking to see where it leads without actually going to the site. If it looks weird or the site is not related to the sender, it is probably malicious. Hovering looks like this:
After hovering, if the site the message is sending you to looks wrong, you should report it as a phishing attack to your employer or school.
If you are using a mobile device, with software such as the free MICROSOFT OUTLOOK app, you can LONG PRESS on the link by pressing for several seconds and will see the same information as hovering. Long
Press looks like this:
Mastny and all IT security professionals are rushing to provide new education and training to their employees. If you receive an update on IT security from your workplace, pay attention to it. The information might prevent you from a cyberattack.
ONE MORE TIP – If your employer or school offers a virtual private network (called VPN, VMI or VDI most frequently) use it. Applications running in a VPN have the functionality, security and management of the private network. That way you have some additional defense against phishers and scammers.
Snopes, Facebook, Twitter, and others are all “taking hits” in the fight to defeat Coronavirus.
Snopes began in 1994 as an online website to debunk urban legends, long before the advent of social media. Accompanying the outbreak of the global Coronavirus pandemic has been an epidemic almost as bad – Disinformation (DI) and organized campaigns aimed at misinforming the public about origins of Covid-19, treatments, and even the disease’s basic symptoms.
The DI campaigns are overwhelming the fact checkers, and also leaving the social media platforms hard-pressed to take corrective action. How bad is it? The World Health Organization stepped up its regular briefings and communications efforts about Covid-19 and cited reports about the Coronavirus as becoming a news “infodemic” on February 3. In the two months since then, hundreds of different conspiracy theories and outright DI campaigns are spreading virally via the Internet.
Here is a quick review of the four categories of fakes in the online world:
- HOAX – People who simply enjoy fooling others with fake reports. Numerous celebrities have all “died falling off a cliff while hiking in New Zealand” in years past. A prankster in Georgia takes credit for these stories. He simply enjoys showing the world how gullible the news media is.
- SATIRE – The Onion and The Babylon Bee are two of the biggest practitioners of satirical stories on the web. This is the internet version the “Weekend News Update” first introduced on the television show “Saturday Night Live” in the 1970s. One hundred percent of the stories on these sites are made up and designed to elicit a laugh (and to get you to visit their web sites so they can sell more advertising.)
- PROFITEERS – This is more serious, at least for those putting time and effort into the process. Profiteers can take on two forms, one more insidious than the other
- Clicks – the actors or companies involved are making money simply by getting you to view their false content. There were thousands of fake news stories planted by “official” sounding websites in the 2016 election campaign, for example. Some of them came from young men called “content farmers” from the nation of Macedonia, who learned that they could make a lot of money from advertising revenue generated from hits on their fake stories. They had no interest in the outcome of the election, but only how to make money on gullible people reading their stories.
- Sales – the actors or companies involved is trying to sell “cures” or products, usually scams, on the Internet. Hundreds of “cures” for Covid-19 are available on various websites, all aimed at getting into your wallet or (even worse) stealing your credit card number.
- MALICIOUS CONTENT – The worst kind of fakes are intentionally and repeatedly putting out false information as part of a planned effort to subvert the truth, reduce faith in democracy and the democratic process, and/or to advance their own agendas. Russia, China, and Iran are all the leading national practitioners of these DI campaigns. Here’s just one example: Last year the New York Times chronicled Russia’s DI campaign to discredit and scare the public over the adoption of 5G WiFi systems. Tragically, its working (see below).
Fake news and DI has spread even faster than the Coronavirus. Snopes has just 10 employees. It has seen 36 million unique visitors to its website in the last 30 days, a 50 percent rise in traffic. It has debunked hundreds of false stories and is checking dozens more every day. The Coronavirus is “the deadliest information crisis we might every possibly have,” says Vinny Green, Snopes’ chief operating officer. Snopes is now adding five more employees to avoid becoming overwhelmed by its visitors.
Social media platforms are also increasing their security personnel, relying more on algorithms to block or take down “inappropriate” content, and — upon investigation — removing malicious content from their services. Facebook Twitter, and other platforms are all reporting rises in the number of accounts they are removing. If you are curious, at the bottom of this column you can see links to websites where Twitter and Facebook report their removal of inauthentic content from their platforms.
What’s truly tragic is that, in some countries and in some circumstances, the DI campaigners are winning. For example, three times in recent weeks citizens in Great Britain have set 5G WiFi cell towers ON FIRE because of unfounded fears that there is a connection between 5G service and Coronavirus! Another story in The Verge (linked below) has the details.
There has been a Russian-led DI campaign for some time now aimed at convincing people in democratic nations that 5G service is harmful. In the U.K., one local radio station even gave a (alleged) “nurse” a 20-minute interview during which she cited phony evidence about the harms of 5G WiFi.
That would never happen in the U.S. Or has it already happened? Citing a 2017 U.S. Director of National Intelligence Report, the Times says that videos posted from the Russia news-propaganda site Russia Today have 1 million views per day.
JOURNALISTS: FIRST DRAFT STEPS UP
At the beginning of March, I was fortunate to attend a Live Simulation seminar at Ohio University, presented by the organization First Draft. For the past five years, First Draft has been on the front lines of communication and education of journalists about the dangers of DI and DI campaigns.
In response to the explosion of DI over the Coronavirus, First Draft has developed a menu of resources for reporters, editors, news directors, and other journalists. It includes:
- Newsgathering and verification tools
- Ethics and responsible reporting guidance
- A database of debunks of mis- and disinformation
- Data and information sources
- A searchable reading list
- FAQs that journalists may have
- Links to sign up for video calls on reporting coronavirus
Of special note is the database, which collates output from more than 70 organizations and is sourced from both Google’s Fact Check Explorer and Poynter’s International Fact Checking Network (IFCN). The IFCN was launched in 2015 as a collaboration of global fact checking all over the world. It has collectively published more than 800 fact checks about coronavirus in the first seven weeks of the outbreak and is continuing to publish regular updates on coronavirus misinformation.
First Draft has developed a terrific acrostic and a visual to remind journalists and all of us about disinformation – don’t be SHEEP. In this acrostic, the word stands for Source, History, Evidence, Emotions and Pictures. See the visual below.
Kudos to First Draft, and thank you to its many supporters and to the media outlets who rely upon its resources during this crisis. DON’T BE A SHEEP.
(NOTE: The next part of “China vs. the Truth” will appear later in April. Due to the rising number of phishing attacks and disinformation, I thought it best to provide information for a public service and for advice to journalists and media outlets with this column.)
Permission is granted to reuse all or any portion of this content. Connect with the author at firstname.lastname@example.org or via Facebook or Twitter.
MORE LINKS TO SOURCES