MY TAKE: The many ways social media is leveraged to spread malware, manipulate elections

Remember how we communicated and formed our world views before Facebook, Twitter, Instagram, Reddit, CNN and Fox News?

We met for lunch, spoke on the phone and wrote letters. We got informed, factually, by trusted, honorable sources. Remember Walter Cronkite?

Today we’re bombarded by cable news and social media. And Uncle Walt has been replaced by our ‘friend circles.’

This is well-understood by those with malicious intent and hacking capabilities. And this is why they’ve adopted social media as the go-to platform for spreading malware and propaganda.

Mounir Hahad, Head of Juniper Threat Labs at Juniper Networks, has been studying this development closely. I spoke with Hahad at Black Hat USA 2018. Give a listen to our full conversation on the accompanying podcast. Here are a few takeaways:

Faked social media

It’s human nature to place a little more trust in people who are in your circle of friends. We’re wired to relax our judgment and click more quickly on items sent by someone we’re familiar with, be it an image, a document, a video clip or a webpage link.

It goes further than that, Hahad argues. He contends that a lot of us tend to more quickly believe the information shared by our circle of friends, and that we often fail to verify and think critically. And this is exactly what Hahad and his team of security analysts observed during the 2016 elections.

“The most publicly visible aspect is swaying voter opinion on certain questions,” he explains. “That has been happening through the fake accounts we know of, through a lot of the fake websites that have been specifically put up to promote certain views, and some of that was to mostly sway discourse.”

The second aspect was less publicized, but it is a technique regularly used in the past to compromise users and businesses. The bad actors went phishing to gain access to candidates’ inner circles, as in the DNC hack. It’s all about gaining insider intelligence and control of devices and networks, and then using it against the candidate – now or later.

Under attack

The evidence is deep and clear that the 2018 elections are under attack, as hackers have attempted to break into voter databases and compromise voting software and machines.

“What has been real captivating recently is the attacks coming from random people that you may not know within your circle of friends,” he told me. “It has become a ‘let me compromise a first layer of friends and then use their account to send you the true malware and links that I want you to click on.’”

Big distinctions are emerging when comparing 2018 election tampering to 2016. This time around Facebook, Twitter, Google, Reddit, Instagram and other media sites profess to be prepared to deal with threat actors spreading disinformation.

Indeed, the social media companies are in a good position to monitor for activity distributed by the Russian botnets that were so prevalent in spreading false and divisive memes in the 2016 election. And they have the technical chops to keep the Russian propaganda botnets in check.

However, a new variable is in play this time around. This is a midterm election, with no national presidential race. Disinformation campaigns – and any election tampering – will be carried out state by state and county by county.

Preserving democracy

Dishonorable actors by necessity must localize their attacks. That said, Hahad expects smaller-scale attacks targeting specific locations and candidates. Collectively, these attacks could turn out to be just as effective at this local scale as the nationwide attacks were in swaying the 2016 presidential elections.

Smaller, localized attacks will be much more difficult for the social media giants to detect and deter.


“The signal is getting lost in the noise,” says Hahad. “It is important for the platforms deploying the analytics to try and focus on some of the areas, some of the demographics that really matter, and apply techniques on a smaller scale.”

This is stacking up to be an enormous challenge for Twitter, Facebook, Google et al. Hahad argues that the burden lies squarely with the social media platform providers to step up and do all that they can to remove the shroud of an overtly manipulated election.

Yet there is nothing, really, to compel them to act honorably and for the greater good of the country. Our one hope is that the powers that be at Twitter, Facebook, Google et al. will recognize the value of preserving the democratic principles and institutions that made their existence possible – and can assure their futures.

Last Watchdog’s Sue Poremba contributed to this report.

(Editor’s note: LW has provided consulting services to Juniper Networks.)

*** This is a Security Bloggers Network syndicated blog from The Last Watchdog authored by bacohido.