Media

Published on Friday, 01 March 2019 09:00

Last updated: March 2017

OVERVIEW

Cyberspace has made it relatively easier for attackers to gain unauthorised access to media channels to hijack their pervasiveness, credibility, and influence for their own nefarious objectives. These may include: supporting state-level cyber and propaganda campaigns such as through the spread of fake news; falsifying and amplifying the impact of a crisis; and stealing and selling personal identities, among others. Social media’s near real-time distribution of news and other information to a mass audience makes it ideal for carrying out those activities.

media

In a highly-connected society like Singapore, where almost 80 per cent of the population are active social media users, such activities have the potential to cause public alarm, undermine trust in legitimate information sources and government communication. Even as media and infrastructure owners continue to take steps to secure their channels or networks, individuals and entities need to practice proper cyber hygiene too to lower the risk of compromise to their online lives.

REPORTS

MIND THE MALVERTISING

Malicious advertising (“malvertising”) typically lures victims by enticing them to click on banner or pop-up ads on websites. A campaign last year did not even require one to click on these ads. Reportedly run by a group dubbed AdGholas, the campaign leveraged weaknesses in the Microsoft Internet Explorer and Edge browsers to deliver banking Trojans and ransomware to users’ computers.

Despite efforts to scan ads for malicious code, ad networks still fall victim to groups such as AdGholas who run sophisticated campaigns using tactics to avoid detection, such as small adjustments in code to steer clear of victims who are likely security researchers.

Avoid suspicious websites, and patch your Web-enabled devices regularly to reduce the threats from malicious ads.

Read on by clicking on the story below:


PENDING US CONGRESSIONAL BILL DEFINES TV, RADIO AS ‘CRITICAL INFRASTRUCTURE’

The Cybersecurity Responsibility Act, introduced in the US House of Representatives in March 2017, would require the Federal Communications Commission to adopt rules on cybersecurity protections for communications networks. It defines those networks as “for the provision of… radio or television broadcasting, cable service, direct broadcast satellite service, or any other communications service”. The Bill would next have to be approved by Senate before it enters into legislation.

Read on by clicking on the story below:


HACKERS HIJACK PROMINENT TWITTER ACCOUNTS

Twitter accounts of news and other organisations have been hacked to spread fake news, ideological messages and other information. Accounts belonging to Amnesty International, BBC North America, German newspaper Die Welt, Duke University, Forbes Magazine, New York Times, and Reuters Japan have been compromised.

For instance, on 22 January 2017, hackers hijacked the New York Times Twitter account and issued a “breaking news” alert just two days after the US Presidential inauguration. The tweet sent through @nytvideo said: “BREAKING: leaked statement from Vladimir Putin says: Russia will attack the United States with Missiles”. After NYT took down the post, hacker group OurMine “re-hacked” @nytvideo to show how easy it was to compromise the account.

Amid rising tensions between Turkey and the Netherlands, content supporting Turkish President Recep Tayyip Erdogan, along with Turkish-language hashtags reading “NaziGermany” and “NaziHolland”, was posted on Twitter on the morning of the Dutch elections on 15 Mar 2017.

Perhaps a note to self: verify before sharing or forwarding news alerts, especially those that are potentially alarming.

Read on by clicking on the story below:


SOCIAL MEDIA: A HUNTING GROUND FOR CYBER CRIMINALS

The interconnectivity of social media and the “inherent trust” that people have in it makes it the perfect medium for proliferating malware, conducting social engineering reconnaissance, stealing credentials, and trading stolen information.

Malware proliferation is the most widespread threat; infected advertisements and drive-by downloads – where malware infects devices when users merely visit a website that is running malicious code – can make anyone a victim or even a conduit for a more serious cyber-attack. Do think twice before clicking on an e-mail attachment, an unfamiliar Web link, or a pop-up ad.

Read on by clicking on the story below:


BROWSER MALWARE INFECTION LEADS TO LEAK OF 32MILLION TWITTER ACCOUNT PASSWORDS

Hackers are believed to have used malware infecting browsers such as Firefox or Chrome to collect more than 32 million Twitter login credentials. The information was put up for sale in the dark web.

LeakedSource, a site with a search engine of leaked login credentials, suggested that people tended to re-use passwords across several social media sites, and used poor passwords such as “123456” and “password”. Tip: Turn on two-factor authentication and vary passwords to reduce the risk that various social media accounts are not hacked all at once.

Read on by clicking on the story below:


PHILIPPINE LAWMAKER SEEKS PENALTY AGAINST SOCIAL MEDIA TO STRENGTHEN CYBERSPACE PROTECTION

A Philippine lawmaker is proposing to take social media companies to task if they allow fake news to propagate on their pages. Senator Francis Pangilinan said the intent is “to protect the integrity of cyberspace”, to prevent social media from becoming a tool for sowing dissent and undermining constitutional freedoms.

He noted that Facebook, with 47 million accounts in the Philippines, is considered the most popular and “highly trafficked social media networking site”. He added that the propagation of fake news stories has become an “effective weapon of several political operatives to influence public opinion and national discourse”.

Read on by clicking on the story below:


SOURCES INCLUDE: Bank InfoSecurity, Multichannel, Security Affairs, The Verge, BBC, TechCrunch, Philippine Daily Inquirer