TechLetters #29 - dangerous cyber tool in use; HSE patient data is leaked; Belgium hacked; auditing AI systems is very difficult, on professional disinformation tactics applied to vaccines...
Security
Wiper cyber tool. An ‘Apostle’ group created and deployed a data-destroying tool (wiper), disguised as ransomware, in fact, not so. We know this cyber-tool design pattern from the NotPetya worm in 2017: its target was havoc and disruption, not monetary gain. If used within an ongoing armed conflict, it would technically be designated as cyber weapon, means or methods of warfare.
HSE incident continued. Irish public health compromise is a developing story. Patient data is being leaked. Not fun.
BE gov hacked. Belgian Ministry of Internal Affairs hacked (via MS Exchange servers). For two years (since April 2019). That’s a pretty impressive dwell time.
AI auditing is complex. Indeed, not a piece of cake. Small white paper on the topic. “AI is not secure by design”.
Black vaccine PR/disinformation. Mysterious PR(?) agency hiring influencers in France to discredit vaccinations and vaccines, specifically Pfizer. For example - to spread false, exaggerated data concerning the mortality rate. Is this still “PR”, even? Looks like informational destabilization.
Cyber espionage vs Russia. A cyber espionage activity has been detected in Russia, targeting government organisations. Technical report here (in Russian)
Technology Policy
Covid origins and implications for disinformation. Oddly, the lab-leak hypothesis of Covid19 origins is back in the mainstream. After much time of being cleansed from the public opinion venues, including social media, including via technical censorship means (under the disguise of fighting disinformation)? Here's the example of Facebook using this to modulate the public discussions, eschewing certain topics from the public existence, under the guise of 'meritocracy'.
we are expanding the list of false claims we will remove to include additional debunked claims about the coronavirus and vaccines. This includes claims such as:
COVID-19 is man-made or manufactured
Meanwhile, this is no longer an aspect of ‘conspiracy theoretic’ thinking. In fact, maybe it never was?
Other
More fraud, please? A good-intentioned counter-intuitive call to commit more fraud in Computer Science research: “Undermining the credibility of computer science research is the best possible outcome for the field, since the institution in its current form does not deserve the credibility that it has” (link).
In case you feel it's worth it to forward this letter further, I leave this thingy below: