Connect with us

Cyber

Big tech must be forced to tackle online child sexual exploitation and grooming

Published

on

new UK internet regulator

After years of rapid growth, major social media firms have seen their fortunes plummet over recent months, with both Twitter and Facebook suffering large slumps in their share prices after breaking out disappointing new user numbers over the summer. Whether or not privacy issues, the dissemination of fake news or accusations of political bias are turning users away from these platforms, it appears they are heading back down to earth at a fast pace. A major reason for their fall might have something to do with their almost maniacal pursuit of growth at all cost, regardless of the impact this might have on the wellbeing of their users. Just last month, Facebook co-founder Aaron Greenspan told the Telegraph that Mark Zuckerberg had designed the platform to be as addictive as possible, ignoring warnings that lives could be lost as a result of the way in which it is structured.

While it might be a little strong to suggest that Zuckerberg cares little as to whether lives are lost as a result his company’s activities, social media firms in general appear less than willing to invest in measures designed to protect their users from potentially harmful content. While spending billions of dollars on research and development each year in pursuit of the next big tech trend, these companies spend only a fraction of their huge profits on eradicating illegal content from their networks, be it related to drugs, weapons, people smuggling or child sexual exploitation.

Earlier this week, UK Home Secretary Sajid Javid delivered a speech in which he told major tech firms such as Microsoft, Google and Twitter they must do more to tackle online child sexual exploitation and grooming, and that he would not be afraid to take action against them if they failed to do so. Noting how online paedophiles have become as determined as terrorists to cover their tracks online, Javid told an audience how predators in Western nations such as Britain are increasingly live-streaming child sex abuse shows for as little as £12 ($15.40), and that the gangs behind this growing industry are offering their customers the option to choose the hair colour and other characteristics of their victims. Javid said that while he has been impressed with the progress large technology firms have made in tackling terrorist material on their platforms, he now wants to see a similar level of commitment when it comes to child sexual exploitation. “I am not just asking for change, I am demanding it,” he said. “How far we legislate will be informed by the action and attitude that industry takes.”

While Javid’s intervention is certainly welcome, it remains to be seen as to whether big tech firms will do more than continue to pay lip service to eradicating child sexual exploitation material and grooming from their networks. Law enforcement agencies across the globe have been complaining about this issue for years, with very little being done on the part of these companies to solve the problem. The fact that surface web platforms are still being used by paedophiles should be a constant source of shame for big tech, which appears reluctant to allocate significant resources to tackling issue, perhaps due to the fact that doing so would not provide an attractive enough return on investment. This is in spite of the fact that evidence suggests the problem is getting worse rather than better.

In April, British child protection charity the NSPCC revealed that Facebook was the most popular platform for paedophiles looking to groom children online. The following month, a report from the Internet Watch Foundation (IWF), which works to remove indecent images of children from the web, revealed that minors as young as three were being coerced into live-streaming indecent images of themselves to online predatory paedophiles using social media platforms. In April of last year, a coalition of law enforcement agencies broke up a network of paedophiles involved in the distribution of child sexual exploitation material through dark web platforms and WhatsApp. Elsewhere, Twitter has been criticised for failing to close accounts belonging to self-confessed paedophiles who used their profiles to openly discuss their attraction to children. Many were found to be using profiles pictures that might appeal to youngsters.

While the problem of child sexual exploitation material and grooming on the internet is complex and will likely take some time to resolve, few outside of the industry would argue that big tech is currently doing enough to tackle the issue. While search giant Google unveiled a free artificial intelligence tool to help businesses and organisations identify indecent images of children on the internet after Javid delivered his speech, these types of efforts appear to be a low priority for companies that are in some cases worth more than nation states. The time for threats has passed. Developing technology to identify online groomers will be a major challenge, but lawmakers around the globe could make a start by fining tech firms that fail to take down child sexual exploitation material within hours of it going up, as has been suggested with terrorist content. The sad truth of the matter is that these companies will only allocate the resources required to tackle the problem if they face serious consequences for failing to do so.

Continue Reading

Articles

Cyber crime cost worldwide economy $2.9 million every minute last year

Published

on

cyber crime cost worldwide economy $2.9 million

Online criminals cost the global economy $2.9 million every minute last year, according to a report from cyber security firm RiskIQ.

This added up to $1.5 trillion over the 12-month period.

Research conducted by the firm also reveals that security breaches cost major companies $25 per minute last year, and that hacks on cryptocurrency exchanges cost $1,930 every 60 seconds over the same period.

Elsewhere, the firm’s study showed that $17,700 was lost to phishing attacks every minute last year, while ransomware events will cost a projected $22,184 each 60 seconds in 2019.

According to RiskIQ, hackers employed a range of tactics last year, including malvertising, phishing and supply chain attacks that target e-commerce, such as the Magecart hacks that have increased by 20% over the past 12 months.

Commenting on his company’s findings, Lou Manousos, CEO of RiskIQ, said: “As the scale of the internet continues to proliferate, so does the threat landscape.

“By compiling the vast numbers associated with cybercrime in the past year, we made the research more accessible by framing it in the context of an ‘internet minute’.

“We are entering our third year defining the sheer scale of attacks that take place across the internet using the latest third-party research and our own global threat intelligence so that businesses can better understand what they’re up against on the open web.”

Manousos added that a wider understanding of the cyber threat landscape is required to tackle the problem, and that there will be more attacks using an ever-expanding range of technologies and strategies if the necessary security controls are not implemented.

“With the recent explosion of web and browser-based threats, organizations should look to what can happen in a matter of minutes and evaluate their current security strategy,” he said.

“Businesses must realise that they are vulnerable beyond the firewall, all the way across the open internet.”

Separately, a gang of six online romance fraudsters based in the UK have been convicted of conning two women out of £240,000 ($296,803).

Setting up fake profiles on internet dating sites, the gang members used the false identities of Kevin Churchill and Kevin Thompson, posing as wealthy businessmen to gradually convince the two women they were in relationships.

The gang members first demanded money on the pretence that they needed funds to pay vet’s bills for a sick dog, preying on their victims’ love for animals, and then gradually asked for larger sums.

The gang will be sentenced at Guildford Crown Court on 2 August.

Continue Reading

Articles

25 million Android devices infected with malware that swaps legitimate apps for bogus ad-filled versions

Published

on

25 million Android devices infected with malware

Security researchers have discovered a new form of malware designed to infect Android devices and replace legitimate apps with malicious versions that show fraudulent ads.

Analysts at Check Point Research, who have named the malware Agent Smith after a fictional character from the Matrix film franchise, believe the malicious software has already infected as many as 25 million devices across the US and India.

The malware, which disguises itself as a Google-related application, is said to exploit known Android vulnerabilities to automatically replace installed apps with malicious versions that show device users ads selected by hackers who profit financially from their views.

Check Point notes that while the software is currently only being used by cyber criminals to profit from ad views, it could be adapted to steal personal and banking information, or turn Android handsets into remote listening devices.

The online security firm has withheld the identity of the malicious actor behind the malware after passing information to Google and law enforcement agencies.

In a statement, Jonathan Shimonovich, Head of Mobile Threat Detection Research at Check Point Software Technologies, said: “The malware attacks user-installed applications silently, making it challenging for common Android users to combat such threats on their own.

“Combining advanced threat prevention and threat intelligence while adopting a ‘hygiene first’ approach to safeguard digital assets is the best protection against invasive mobile malware attacks like ‘Agent Smith’.

“In addition, users should only be downloading apps from trusted app stores to mitigate the risk of infection as third party app stores often lack the security measures required to block adware loaded apps.”

Earlier this month, CSIS Security Group published information about a separate piece of malware that it claims has infected more than 10 million Android devices made by South Korea’s Samsung.

The bogus Updates for Samsung app, which had been downloaded by millions of users before being pulled from the Google Play store, purported to manage firmware updates that improve and secure the running of Samsung devices.

In reality, the app simply directed users to an ad-packed website that charged for the download of firmware updates.

In a statement, Google said: “Providing a safe and secure experience is a top priority and our Google Play developer policies strictly prohibit apps that are deceptive, malicious, or intended to abuse or misuse any network, device, or personal data. When violations are found, we take action.”

Continue Reading

Articles

Hacked medical information now among most valuable data offered on dark web, new study reveals

Published

on

hacked medical information

Hackers are increasingly attempting to attack healthcare organisations in a bid to steal valuable data they hold on their IT systems, according to a new report from online security company Carbon Black.

A survey conducted by the firm revealed that 83% of healthcare organisations have witnessed an increase in cyber attacks over the course of the past year, and that two thirds (66%) said hacking attempts had become more sophisticated over the last 12 months.

The study found that stolen records from healthcare providers have become one of the most valuable data assets sold on dark web illicit marketplaces, and that such records can change hands for three times as much as general consumer personally identifiable information (PII).

According to the poll, Carbon Black’s healthcare customers saw an average of 8.2 attempted cyber attacks per endpoint each month last year, with 45% stating they had encountered hacking attempts in which the primary motivation was the destruction of data over the same period.

Analysis of stolen medical data offered on dark web marketplaces conducted by Carbon Black revealed that information that would allow criminals to pose as doctors was among the most expensive data listed, with malpractice insurance documents, medical diplomas, board recommendations, medical doctor licenses and DEA licenses on offer for as much as $500.

Meanwhile, forged prescription labels, sales receipts and counterfeit or stolen healthcare cards that could allow criminals to illegally obtain prescription drugs were found to sell for considerably less, and are typically being offered for between $10 and $120 per record.

Hacked health insurance login information is cheaper still, Carbon Black discovered, costing less than $3.25 per record on average.

Describing how cyber criminals are able to monetise the data they steal from healthcare organisations, the report says: “A hacker compromises the corporate network of a healthcare provider to find administrative paperwork that would support a forged doctor’s identity.

“The hacker then sells to a buyer or intermediary (who then sells to the buyer) for a high enough price to ensure a return on investment, but low enough to ensure multiple people buy the item.

“The buyer poses as the stolen doctor’s identity and submits claims to Medicare or other medical insurance providers for high-end surgeries.”

The report was published as US clinical laboratory Quest Diagnostics admitted that a third-party billing company may have exposed personal and medical records belonging to 11.9 million of its patients.

Quest said earlier this week that the American Medical Collection Agency (AMCA) had informed it that an unauthorised user had accessed its systems, which contained data on patients who had used Quest’s services.

Continue Reading

Newsletter

Sign up for our mailing list to receive updates and information on events

Social Widget

Latest articles

Press review

Follow us on Twitter

Trending

Shares