Malware

SPOTLIGHT ON SECURITY

Bot Armies Boost Candidates’ Popularity on Twitter

Internet bots have many useful online purposes, but they have a dark side, too, as three researchers demonstrated in their analysis of Twitter traffic during the first presidential debate between Hillary Clinton and Donald Trump.

Bots are used to automate functions on the Net. For example, if you belong to several social networks, you could use a bot to post a photo to all of them at once, saving the time of logging onto each network and posting the pic individually.

What the researchers found was that bots also can be used to amplify support on Twitter.

Manufactured Support

The researchers tracked how automated accounts were tweeting messages with hashtags associated with the candidates. For example, #makeamericagreatagain or #draintheswamp for Trump; #imwithher for Clinton. They found that one-third of all tweets using pro-Trump hashtags were created by bots and one-fifth of all Clinton hashtags were generated by automated accounts.

How might that affect public opinion?

“They act as a prosthesis for small groups of people to affect conversation on social media,” said Samuel Woolley, director of research at Political Bots, a project to assess the effect of automated advocacy on public life. Woolley coauthored the report on debate bots with Bence Kollanyi of Corvinus University and Philip N. Howard of Oxford University

The effect of that prosthesis can be multiplied by news media.

“A lot of conversations on social media, especially those followed by journalists, are about what’s trending and what candidate has a lot of support online,” Woolley told TechNewsWorld, “but what we found was that a lot of traffic surrounding Donald Trump and Hillary Clinton is actually manufactured.”

The researchers do not know who is behind the bots, but the practice isn’t new.

“We know that in the past, Republican and Democratic candidates in the United States have been connected to either social media management or content management firms or ‘astroturf’ activists that have built bots for the candidates,” Woolley said.

Gravy for Nation-States

Such bots were used in the 2008 special election to fill Ted Kennedy’s Massachuetts Senate seat in 2008, according to a 2010 study by two researchers at Wellesley College, Panagiotis Takis Metaxas and Eni Mustafaraj.

A conservative group in Iowa, the American Future Fund, set up nine Twitter accounts that sent 929 tweets and reached more than 60,000 people with messages accusing the Democratic candidate in the race, Martha Coakley, of being anti-Catholic, the researchers found.

Nation-states aren’t above using such tactics either.

“Political actors and governments worldwide have begun using bots to manipulate public opinion, choke off debate, and muddy political issues. Political bots tend to be developed and deployed in sensitive political moments when public opinion is polarized,” Woolley and his colleagues wrote in their report.

“We know for a fact that Russia, as a state, has sponsored the use of bots for attacking transnational targets,” Wooley pointed out.

“Other governments do it, too. We’ve had cases in Mexico, Turkey, South Korea and Australia,” he added. “The problem is that a lot of people don’t know bots exist, and that trends on social media or even online polls can be gamed by bots very easily.”

Distorting Democracy

Bots aren’t just a Twitter problem — they’re an Internet problem.

“The proportion of bots to humans on the Internet is about 50-50,” said Tim Matthews, vice president of marketing at Imperva.

“Any task that is repetitive or mundane or can be simply automated is a likely candidate for a bot to take over,” he told TechNewsWorld, “so it’s not surprising to see more and more bots being used in social media for that reason.”

Bots have many good uses. For example, Web spiders are bots used by search engines to keep their indexes current. However, in a political context, they can have undesirable effects.

“These sorts things can distort democracy if used for purposes of propaganda, but they can be used to support democracy if they’re used for beneficial reasons,” Woolley said.

That said, “there has to be some kind of regulation of this — whether by the platforms themselves or government or advertisers,” he added. “At the moment, there’s a lot of fake political speech online, and it can definitely affect the way that people perceive politics and democracy.”

Tech-Support Scams

Tech support scammers raked in US$1.5 billion in 2015, based on Microsoft’s estimates, and the problem is getting worse, suggests a recent report from Malwarebytes.

Once carried out by telemarketers making cold calls, these scams now operate through tech support lines listed on websites, or they use pop-ups to get victims to call, the report notes. Instead of receiving help, users find their computers held for ransom.

These tech support scams aren’t easy to spot, the report notes. Their tactics have become so advanced that almost anyone could fall for their tricks.

Further, getting on a tech support scammer’s call list can be a descent into cold call hell for a consumer.

“It got so bad, I canceled my landline,” said Jean-Philippe Taggart, a senior security researcher with Malwarebytes Labs.

“I wasn’t getting any more phone calls except those from people pretending to be from Microsoft telling me that my computer was infected,” he told TechNewsWorld.

From Cold Calls to Ransomware

When consumers began hanging up on the scammers’ cold callers, they changed their tactics. “They moved to targeted advertising that masquerades as error messages,” Taggart explained.

When consumers browsed certain websites, a pop-up ad resembling an error message appeared on the screen with instructions for calling “support.” Once contact was established, the scammers used social engineering to wring money from the consumers.

Now some tech support scammers have gone beyond pop-ups.

“They’re starting to use malicious software,” Taggart said.

They’ll buy a spot in a software bundle to have their software installed with legitimate offerings in the package.

“The software will lock up your computer, so the victims are no longer people who lack computer savvy,” Taggart explained. “If you get one of these attacks as a vector, you’re stuck. You can’t use your computer until you call fictitious tech support.”

Breach Diary

  • Oct. 17. StartPage, a European meta search engine, announces it’s dropping Yahoo search from its website because of Yahoo’s lack of openess about privacy and a massive data breach in 2014.
  • Oct. 17. Katy Independent School District in Texas warns 78,000 students and staff members their personal data is at risk due to a data breach.
  • Oct. 19. Czech police announce they have arrested a Russian citizen in Prague wanted by the FBI in connection to 2012 data theft of 117 million passwords at LinkedIn.
  • Oct. 18. Redbus, an Indian online travel ticketing platform, confirms data breach that may have compromised more than 4 million accounts. Company advises all its users to reset their passwords.
  • Oct. 18. Veracode releases “State of Software Security” report, which includes finding that about 97 percent of Java applications contained at least one component with a known vulnerability.
  •  
  • Oct. 19. Federal Reserve, FDIC and OCC issue notice of proposed rulemaking seeking comments on a set of enforceable cybersecurity standards for banks with more than US$50 billion in assets.
  • Oct. 20. National Payments Corporation of India reports some 3.2 million payment cards have been compromised in massive ATM security breach.
  • Oct. 20. Weebly, a San Francisco-based website creation company, starts notifying more than 43 million customers their personal information is at risk due to data breach that occurred in February.
  • Oct. 21. Kenya Commercial Bank dismisses reports earlier in the week that it was the victim of a data breach. It says the reports were based on malicious information aimed at upsetting its customers.
  • Oct. 21. Baystate Health in Springfield, Massachusetts, announces personal data of 13,000 patients is at risk from data breach in August.
  • Oct. 21. John McAfee tells CSO Online that his sources on the Dark Web lead him to believe that Iran was behind the hack of the Democratic National Committee in July.

Upcoming Security Events

  • Oct. 31. Can Privacy and Government Encryption Backdoors Co-Exist or Is It an Oxymoron? 1 p.m. ET. Webinar by Twistlock. Free with registration.
  • Nov. 1-4. Black Hat Europe. Business Design Centre, 52 Upper Street, London, UK. Registration: before Sept. 3, Pounds 1,199 with VAT; before Oct. 29, Pounds 1,559 with VAT; after Oct. 28, Pounds 1,799 with VAT.
  • Nov. 3. Vawtrak v2: The next big banking Trojan. 11 a.m. ET. Webinar by Blueliv Threat Intelligence Research Labs. Free with registration.
  • Nov. 3. Benefits and Implementation of EMV Tokenization for Stronger Payments Security. 1 p.m. ET. Webinar by Smart Card Alliance. Free with registration.
  • Nov. 7. The Cybersecurity Agenda for the Next President. 2 p.m. Online panel discussion. Free with registration.
  • Nov. 8. One Firewall to Rule them All! 5 a.m. ET. Webinar by Fortinet. Free with registration.
  • Nov. 8. Withstanding a Ransomware Attack: A Step-by-Step Guide. 9 a.m. ET. Webinar by Netwrix. Free with registration.
  • Nov. 8. How Can I Automatically Find and Fix My Data Security Blind Spots? Noon ET. Webinar by Compliance Engineering. Free with registration.
  • Nov. 8. Addressing Security Analyst Fatigue in the SOC. 2 p.m. ET. Webinar by Syncurity. Free with registration.
  • Nov. 9. Don’t allow security & data regulations to slow business transformation. 6 a. m. ET. Webinar by Symantec and Bluecoat. Free with registration.
  • Nov. 9. Data Protection & Incident Response. 9 a.m. ET. Webinar by the Cyber Management Alliance. Free with registration.
  • Nov. 9. Data Protection: Going Beyond Encryption and Residency. 9 a.m. ET. Webinar by FireEye. Free with registration.
  • Nov. 9. Learn how to prevent the worst from happening when it comes to key loss 11 a.m. ET. Webinar by Product Marketing. Free with registration.
  • Nov. 9. Abusing Bleeding Edge Web Standards for AppSec Glory. Noon ET. Webinar by Cyph. Free with registration.
  • Nov. 9. Data Protection & Incident Response: Protecting Your Assets During a Crisis. 2 p.m. ET. Webinar by Iconic Security.
  • Nov. 9. Using Privileged Access Management to Beat Back Insider Threats. 4 p.m. ET. Webinar by Onion ID. Free with registration.
  • Nov. 9-10. SecureWorld Seattle. Meydenbauer Center, 11100 NE 6th St., Bellevue, Washington. Registration: conference pass, $325; SecureWorld Plus, $725; exhibits and open sessions, $30.
  • Nov. 10. How to Protect Your Organization’s Confidential Data. 10 a.m. ET. Webinar by BrainStorm. Free with registration.
  • Nov. 10. Protect Against Cyber Attacks with Deep Learning. 11 a.m. ET. Webinar by Deep Instinct. Free with registration.
  • Nov. 10. Enhance Privacy and Security with Integrated IAM. 2 p.m. ET. Webinar by Forte Advisory. Free with registration.
  • Nov. 12. B-Sides Jackson. Old Capitol Museum, 100 South State St., Jackson, Mississippi. Free.
  • Nov. 12. B-Sides Atlanta. Atlanta Tech Village, 3423 Piedmont Rd. NE, Atlanta, Georgia. Free.
  • Nov. 12. B-Sides Boise. Trailhead, 500 S. 8th St., Boise, Idaho. Cost: $10.
  • Nov. 12. B-Sides Charleston. Beatty Center, College of Charleston, Charleston, South Carolina. Free.
  • Nov. 15. Wrangling Unicorns — A Skills Shortage Survival Guide. 10 a.m. ET. Webinar by Acumin Consulting. Free with registration.
  • Nov. 23. Security: Enabling the Digital Revolution Without Disruption. 10 a.m. ET. Webinar by Alert Logic and Rackspace.
  • Nov. 28-30. FireEye Cyber Defense Summit 2016. Washington Hilton, 1919 Connecticut Ave. NW, Washington, D.C. Registration: through Sept. 30, general admission, $495; government and academic, $295; Oct. 1- Nov. 21, $995/$595; Nov. 22-30, $1,500/$1,500.
  • Dec. 2-3. B-Sides Phliadelphia. Drexel University, 3141 Chestnut St., Philadelphia, Pennsylvania. Free.

John P. Mello Jr.

John P. Mello Jr. has been an ECT News Network reporter since 2003. His areas of focus include cybersecurity, IT issues, privacy, e-commerce, social media, artificial intelligence, big data and consumer electronics. He has written and edited for numerous publications, including the Boston Business Journal, the Boston Phoenix, Megapixel.Net and Government Security News. Email John.

1 Comment

  • I’m kinda surprised at myself, but my first reaction is I need to become proficient at using bots myself because they are just the current vehicle to being heard, to have power in the internet swarm of conversation. There definitely seems to be little chance that I could find a way to defeat or render meaningless the use of bots by others.

    Sidenote: so, I noticed that the security events reference list after the article allowed attendance by those who registered (provide their email and trust). Yeah, really.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

More by John P. Mello Jr.
More in Malware

Technewsworld Channels