As Coronavirus Infects The Internet, Are Google And Twitter The Cure?

Given the severity of the coronavirus outbreak, a previously unknown virus that has been declared a public health emergency of global concern, it was inevitable that the internet would have a leading role as this global drama played out. It was equally inevitable that "the cyber" would take the part of both hero and villain.

Coronavirus outbreak used by cyber-criminals to spread malware

The BBC reports that there have been around 10,000 confirmed cases of coronavirus, and more than 200 deaths so far. A virus that has already spread to 22 countries. This is, without a doubt, a news story of global importance. It would have been a minor miracle, then, had the appetite for information regarding the deadly outbreak not been exploited by cyber-lowlife. I don't believe in miracles, of any size, and none has been evident here. Cyber-criminals have just one motivation: to make money fast. They will do whatever it takes to achieve this, and that includes exploiting coronavirus fear, uncertainty and doubt. And, yes, cyber-criminals have already started phishing campaigns related specifically to the coronavirus outbreak.

On January 22, the U.S. government Cybersecurity and Infrastructure Security Agency (CISA) issued an alert for people to be aware of an increase in targeted Emotet malware attacks. It is the Emotet group that has been behind the first wave of coronavirus malware campaigns. Using emails that purport to come from official public health centers, the heartless hackers attach Microsoft Word documents that supposedly contain advice on protection against contracting the virus. It is hardly surprising, given the circumstances, that people open those documents. If they do, however, then a message informing them to enable content will appear, and the infection is made. It then uses the infected computer to spread the malware campaign further. Distribution isn't the only motive; there's a credential-harvesting payload as well. But it doesn't stop there. The Emotet payload will also log your browser history and search for documents that will then be transferred to the cyber-criminal servers.

"The sole intention of these threat actors is to play on the public’s genuine fear to increase the likelihood of users clicking on an attachment or link delivered in a malicious communication," Dr. Francis Gaffney, director of threat intelligence at Mimecast, said, "to cause infection, or for monetary gain."

Researchers at IBM X-Force, who first reported the Emotet coronavirus campaign, said that they expect to see "more malicious email traffic based on the coronavirus in the future, as the infection spreads."

Mitigating the coronavirus malware infection risk

As always, the recommended mitigation against such Trojan-dropping malware is to not click on unsolicited links or open attachments to those emails. Spread the word of this campaign to as many people as you can, family, friends and work colleagues. The more people who are aware of it, the less will likely be infected by Emotet. "It is vitally important to be aware of this," said Dr. Gaffney, "I urge everyone to be vigilant at this time in relation to any emails or electronic communications purporting to be in relation to the support of those affected by the coronavirus."

The coronavirus cyber-infection isn't just about malware

Unfortunately, the degree to which the online world has responded negatively to the coronavirus isn't just limited to cyber-criminals and malware distribution campaigns. Misinformation regarding the spread of the virus, and a variety of disingenuous claims of cure, is rife across social media. There are conspiracy theory tweets claiming that the Bill and Melinda Gates Foundation was funding the "patented virus," and TikTok videos suggesting the Chinese government created the disease. The level of misinformation goes way beyond being just a "fake news" issue, in times like these such postings can be dangerous by selling snake oil cures or simply pushing baseless, incorrect, advice.

How the cyber is fighting back against coronavirus misinformation

Google has activated an SOS alert in conjunction with the World Health Organization to enable easier access to safety information. Google SOS alerts display news content that is relevant, as well as relevant localized updates if needed.

Google has also announced that, via Google.org, it has made a direct grant of $250,000 (£189,000) to the Chinese Red Cross and a fund-raising campaign that had raised more than $800,000 (£606,000) as of January 30.

In a blog posting, Twitter said it has "invested significantly in our proactive abilities to ensure trends, search, and other common areas of the service are protected from malicious behaviors," as part of a system to help people find credible coronavirus information while removing disinformation. This is all part of an expansion of Twitter's "KnowTheFacts" prompt that was created to help people find credible information regarding vaccinations.

In the U.K., the Department of Health and Social Care has partnered with Twitter to highlight guidance at the very top of any coronavirus-related search. Similarly, Twitter announced that it had adjusted the search prompt in key countries to "feature authoritative health sources when you search for terms related to coronavirus" so in the U.S. you'll see credible information from Centers for Disease Control and Prevention.

There are also coronavirus partnerships in place for Australia, Brazil, Canada, Denmark, France, Germany, Hong Kong, Japan, Malaysia, New Zealand, Philippines, Singapore, South Korea, Spain, Taiwan, Thailand and Vietnam.

Meanwhile, Facebook has said that it is also "working to limit the spread of misinformation and harmful content about the virus and connecting people to helpful information." In a posting, the social network said that a global network of third-party fact-checkers is reviewing content and "debunking false claims" to reduce the spread on both Facebook and Instagram platforms. Content that has been flagged by global health organizations or local health authorities as being likely to "cause harm to people who believe them" will be removed, the Facebook statement confirmed.

TikTok has also introduced new measures to report videos that may contain deceptive information. "If you come across a video you believe may contain intentionally deceptive information, you can report it by selecting the new 'misleading information' category," Rey Allie, from trust and safety product strategy at TikTok, said.