Welcome to Cyber Security Today, the Week In Review edition. It’s Friday October 30th. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com. This week I’ll be looking at the news with guest analyst Dinah Davis of Arctic Wolf. But first a roundup of the top news in the past seven days.
Developers continue sneaking questionable apps into the Google Play Store, and Google keeps having to delete them. The latest bunch were discovered by security firm Avast. The apps are games. However their real purpose is to plant adware on victims’ smartphones. The developers get money from advertising networks that pay for apparent clicks on the ads — ads you don’t want. Always be careful what you download.
The FBI and the U.S. Cybersecurity and Infrastructure Agency are warning that ransomware attacks against hospitals may increase. The agencies said they have credible information that a new wave of attacks are about to happen. Healthcare institutions are urged to have and practice their business continuity plans, train employees to be careful opening attachments and to install software patches quickly.
Coincidentally this month here in Canada the province of Ontario announced a panel of experts will look into ways of helping publicly-funded organizations like hospitals, municipalities and school boards to increase their cybersecurity.
Meanwhile the ransomware gang called REvil told the Bleeping Computer news service it has made more than $100 million in the past 12 months. That claim could not be verified.
Security researchers found an Internet-connected irrigation management application made by a Motorola division has a big vulnerability: There’s no default password on the administration console. That means a hacker who gets access could easily take over a system. Users of the software have been warned.
Finally, after lots of complaints Zoom is starting to add end-to-end encryption to its videoconferencing service. That helps protect meetings from eavesdropping. Right now it’s a technical preview before the final version.
This week’s guest analyst is Dinah Davis, vice-president of research and development at Arctic Wolf. With the U.S. elections taking next week we should talk about potential election interference, misinformation and disinformation.
Unfortunately the Internet is a great vehicle for countries and activists to sew confusion among electorates. Last month Microsoft said it detected groups operating from Russia, China and Iran launching online attacks on people and political organizations associated with campaigns in the U.S., the FBI told Congress that Russia is spreading misinformation through social media, ransomware hit an American county’s election infrastructure and this week a group of British members of Parliament demanded an independent inquiry into allegations of Russian disinformation there.
Dinah, are countries prepared to deal with online threats to democracy?
“I think they are today. Four or five years ago, I don’t think they were as is evidenced by what we found out about what Russia did with the 2016 elections in the U.S. There’s really two strategies for foreign nations to interfere: They can either change the actual votes, or they can try and change the minds of the people who are voting. Changing the votes is hard in Canada. I would say it’s virtually impossible with how our voting system works. The ballots are paper, they’re counted electronically for speed but recounted manually for accuracy. Each party has a representative at every polling station., and it’s overseen by a bipartisan third party.
“In the U S is a little harder. because every state and county can decide how the voting will happen … I think foreign nationals have gone more with trying to change the minds and that’s definitely where they went in 2016.”
Are social media platforms like Facebook, Twitter, and others are trying to catch misinformation. It seems they can’t delete fake accounts fast enough. Are they doing enough?
“I don’t think they’re doing enough. I think they are making more of an effort now than they ever have, though. And I think they are trying to go in the right direction. It’s a sticky situation. You want to stop disinformation, but you don’t want to prevent freedom of speech. You don’t want to stop legitimate conversations from happening. So it’s not, it’s not a cut and dry thing.”
To hear the full conversation with Dinah click on the ‘play’ arrow above.