The fake pdf attached to the "PURCHASE ORDER 05-30-2023" email contains a link, from which you download a tgz file with a TAR, inside which there is an exe: the malware.
EU, ENISA suggests how to increase members cyber security ahead of elections
Electoral processes in the EU are at high risk of cyber attacks for different motivations. ENISA issued some suggestions to better protect the votes. Starting from the one for the European Parliament
ENISA, the European Union Agency for Network and Information Security, issued some suggestions on how to increase the cyber security of the next EU elections. The occasion is the upcoming vote for the European Parliament. In fact, there is a high risk of attempts to meddling by cyber means. Threat actors have different motivation. From financial gain (cybercrime) to fame and reputation, or to provoke chaos and anarchy, undermine trust in democracy, and subvert political opposition (state-sponsored hackers). While the risk associated with the voting process can be considered to be somewhat reduced, nonetheless, the public political campaigning process is susceptible to cyber interference, as seen in the past election campaigning processes, compromised due to data leaks.
The ENISA recommendations to increase EU cyber security ahead of elections
The most important recommendations that ENISA to increase the EU members cyber security in order to protect elections are many. The most important are 8:
- Member States should consider introducing national legislation to tackle the challenges associated with online disinformation while protecting to the maximum extent possible the fundamental rights of EU citizens;
- Member States should continue to actively work together with the aim to identify and take down botnets;
- Consideration should be given to regulation of Digital Service Providers, social media, online platforms and messaging service providers at an EU level to ensure a harmonised approach across the EU to tackling online disinformation aimed at undermining the democratic process;
- The above players are also advised to deploy technology that will identify unusual traffic patterns that could be associated with the spread of disinformation or cyber attacks on election processes;
- A legal obligation should be considered to classify election systems, processes and infrastructures as critical infrastructure so that the necessary cyber security measures are put in place;
- A legal obligation should be put in place requiring political organisations to deploy a high level of cyber security in their systems, processes and infrastructures;
- Official channels/technologies for the dissemination of the results should be identified, as well as back-up channels/technologies that validate the results with the count centres. Where websites are being used, DDoS mitigation techniques should be in place.
- Political parties should have an incident response plan in place to address and counter the scenario of data leaks and other potential cyber attacks.
AI has a potential against Fake News and online disinformation, but humans remain the core in fighting the phenomenon
According to ENISA, online disinformation represents another tool that may be used by malicious actors to influence human decision-making. So-called “fake news” has gained the attention of the media and policymakers due to reports of its misuse in both the media and on social networks with the intention to influence the opinions of citizens, which potentially have a consequential effect on voting choices. Examples include the alleged interference in the British EU membership referendum, 2016 US and 2017 French presidential elections. Other documented examples include the use of social media profiling to target voters without either their knowledge or their consent. Artificial Intelligence (AI) have a potential in combating online disinformation. However, alone is not a silver bullet. AI will have difficulty in addressing cultural differences, political humour, cynicism, satire, and other non-literal means of communication. Consequently, any analyses must be validated by humans.