In the age of fake news, as individuals we are being encouraged to check the sources of information that we use. One of the primary sources that we are often told can be trusted, is our own government, especially on political topics. In this instance, a governmental emergency early warning network was compromised by hackers in Australia.
What happened?
Australian emergency warning service The Early Warning Network, was recently hacked by an unknown group of attackers, who used the service to distribute a message to registered individuals: “EWN has been hacked. Your personal data is not safe. Trying to fix the security issues,”.
If this sounds like something out of the plot of a film, that’s because it’s not far off: In Die Hard 4 terrorist hackers released news about a fake attack on the Whitehouse, causing widespread panic and concern.
Why does it matter?
Luckily, in this instance, the hackers didn’t attempt to send out a fake emergency alert. However, emergency systems are designed to facilitate mass communication—particularly in situations where other sources of information may not be available for fact checking—so, misuse is a major concern.
In short, an emergency system that no one trusts is useless.
What can we learn?
With information so easily obtainable online, it is important for trusted primary sources to stand out above the rest of the noise and maintain that trust.
This situation demonstrates one of the key risks of backup and emergency systems; they must be easy to use, resilient, and secure enough to avoid misuse by unauthorised parties. This will ensure the trust factor does not deteriorate.
Of course, such competing factors can often compromise each other without careful design.
All too often, security is solely focused only on confidentiality (keeping things secret), but it is important to remember that integrity (ensuring that information is correct) is equally a security concern. As governments and companies move more services—and methods of information dissemination online—they need to take great care to ensure the integrity of the data they release. Failure to do so, can result in reputational risks primarily but, in the long term, a breakdown of trust between official information and the intended recipients may cost lives.
For more information about this story.
Insights
The 'oligarchisation' of politics online - Digital Threat Digest
Everything that I have learned about the US elections this year has been against my will. Don't get me wrong, I am well aware that whoever controls the White House has significant impact around the world, and I will admit that keeping up with American politics makes me a better analyst.
Threat Intelligence and the Hydra of decentralised Extreme Right-Wing organisations
Digital threat intelligence helps us respond to harmful entities and their activities online. As our professional investigation capability evolves, so do the online tactics of threat actors themselves, in something of a perpetual cat and mouse game.
Weather seeding and FEMA patrols: Conspiracy to armed action - Digital Threat Digest
I don’t think many people have escaped the devastating news about the recent hurricanes that have hit the US in recent weeks.