S2E7 - Coronavirus - Tracking You & Cyber Espionage

Welcome to another episode of the Creepy Tech Podcast. This episode is also sponsored by Ivacy VPN. I’ve been using a VPN for the past 2 years, and I’ve been recommending it to anyone and everyone that uses public Wi-Fi, travels a lot or just ends up using hotspots to save on their mobile data plans! Ivacy VPN is a super affordable, and secure way to protect yourself from companies collecting your data and profiting off you, as well as protecting yourself from hackers looking to steal your information. Since I’ve been recommending it for a while, I found you a way to start protecting your information! As a thank you to you guys, Ivacy VPN is offering a 20% off discount to Creepy Tech listeners! You can use the discount code TECH20 at check out on their website Ivacy.com.

If you have any questions about using a VPN, Send me a DM and I can walk you through it!

Last of all, This week’s podcast episode is also brought to you by ZipRecruiter do you need to hire somebody? I know it’s tough finding the perfect candidate for a new position! Going through applications, resumes, job boards, Zip Recruiter will simplify this whole process for you. They send your open jobs to over 100 of the webs’ leading job sites and use their powerful matching technology to scan thousands of resumes to find you the perfect candidates! Not only that, they also invite the candidates that match your posting to apply for your job AND you can even add screening questions so that you can spend less time searching & more time focusing on the best applicants! Its so simple and effective that 4 out of 5 employers who post on Zip Recruiter, get a quality candidate within the first day! As a thank you for listening to The Creepy Tech Podcast, you can try ZipRecruiter for free by going to ZipRecruiter.com/lshompole or by heading over to Lshompole.com and using the ZipRecruiter link at the top of the page!

Alright that’s all the deals I have for you this week! Let me know if you end up using them, and how the experience is! IF you hate it, let me know!

This week we’ll be doing a deep dive into the tech side of Coronavirus specifically how companies and governments are using apps to track, monitor & assist with slowing down the spread of the virus also known as COVID-19. As well as the recent claims that China is using cyber espionage to collect the research that governments are doing about this virus.

Lets take a look into apps that specifically track the spread of COVID-19. When it comes to our behavior and the places we go, it’s safe to say that over the past few years it has become much harder for us to keep this kind of information private. When we drive from our house to a new store, or friends house we use our cell phone to give us turn by turn directions.

When we hear a word we don’t know, we quickly unlock our phones and search on google. Every single thing that we do in our daily lives is then logged as a data point. An almost permanent diary of our thoughts, actions and behavior.

Today, data has basically become a currency. Companies collect what we provide via social media, our searches and sometimes even our conversations (when we use AI personal assistants like Alexa which I’ll cover later on this season.)

So when it comes to our current situation, we are seeing that COVID-19 has introduced the need to collect more real time data. Large companies & even the government can now justify their need to know, where we go, who we meet, what we bought & even what we are worried about.

According to an article on The Verge, “On Friday, Apple and Google announced a system for tracking the spread of the new coronavirus, allowing users to share data through Bluetooth Low Energy (BLE) transmissions and approved apps from health organizations. The new system, which is laid out in a series of documents and white papers, would use short-range Bluetooth communications to establish a voluntary contact-tracing network, keeping extensive data on phones that have been in close proximity with each other. Official apps from public health authorities will get access to this data, and users who download them can report if they’ve been diagnosed with COVID-19. The system will also alert people who download them to whether they were in close contact with an infected person.”

Since the app itself would use Bluetooth instead of GPS. Your physical location would not necessarily be logged, instead any nearby phones that are using the app would be logged. If at any point in the near future (I’m guessing a few days) any of the users you were close to notify the app that they do have the virus, then you would also be notified that you were in close proximity to a person that tested positive. Advising that you get tested as well, just in case.

They’ve also stated that the app itself has set up protections that prevent specific users from being easily identified.

Here is a quick info graphic that explains how the coronavirus tracking app itself works.

Anyway, while this is going to assist with tracking the spread of the virus, there are some downsides to installing the app. For instance:

1. The app itself does not take into account how long users were in close proximity, whether you were talking to each other, sharing the same card reader while checking out at the grocery store or even whether you were actually in the same room since its simply logging proximity based on the Bluetooth reach. You could be in the same building separated by a wall from the other individual, but the app would not know that.

2. It also doesn’t take into account connectivity, or up to date phones. Meaning if an infected individual is right next to you, but they Bluetooth isn’t enabled until they get back home, it wouldn’t pick up on that either and notify you because it simply wouldn’t have that data.

3. Last of all, developers would need to take into account the possibility of hackers submitting false information (like testing results either positive or negative) depending on what their intentions are. This could lead to an increase in spreading unnecessary fear or it could lead to some serious mental health concerns for cases where individuals are notified of positive contact, as a result of pranksters submitting fake testing results. These developers will need to figure out a way to verify that individuals were tested via reputable and verifiable means.

Quite recently, large warehouses and even smaller businesses or schools have had to shut down because of employees or students calling in sick & stating (falsely) that they may have the virus symptoms. As a precaution & to follow the government guidelines, these businesses were required to shut down & disinfect their facilities meaning an increase in down time and a loss in income for all of their employees. This is something that does happen, so any technology introduced to assist with tracing, would need to account for false reports.

Which bring us to the final topic for this episode.

As always, our search for information in times of crisis can lead to some pretty interesting websites. Most recently, there have been reports that the interactive map created by the John Hopkins medical website was infiltrated by hackers looking to capitalize on the coronavirus media coverage to download malware on your devices as you attempt to use their interactive map.

“According to an investigation by Reason Security, some of these coronavirus maps contain serious malware known as AZORult. Using AZORult, a hacker can steal your browser history and social media login information; access your bank accounts or cryptocurrency vaults, and even gain full remote access to the infected device.”

Since individuals are trying to consistently get the most up to date information, searches for these kinds of interactive maps that track the progression of the virus, have increased significantly. Websites that are making these maps available have seen a huge uptick in their daily traffic. As expected, when hackers see trending words, sites or behaviors they invest their time into creating and designing malware that can be distributed and downloaded through these high traffic mediums. Meaning more data can be collected via these high traffic mediums.

I’ve definitely noticed a significant increase in the amount of spam calls, emails & random subscription notifications. Even though I have not used this particular interactive map set up, I do believe that my data has been collected somewhere and has been used to sign up for random things.

More so during this time than ever before, and the scariest part although I’m pretty diligent when it comes to protecting my information, there is no fool proof way to protect everything 100%.

If you used the interactive map, Lifehacker.com advises that you, “Uninstall it and perform a virus scan immediately. It’s also worth running a scan if you installed any other coronavirus-related apps or software recently; it’s likely “Corona Virus Map” is just one of many coronavirus-related scams. If you’re adamant about having constant, up-to-the-minute updates on the virus’ spread, I suggest bookmarking Johns Hopkins’s official tracker and only using that one, and stick to trusted online sources.”

Now some basics for you to protect yourself include the following:

1. Turn two-step verification on for every online account you have that supports it, especially your email provider.

2. Set up recovery email addresses that notify you whenever someone has accessed your other email

3. Make sure to use a different password for each individual account.

4. Do not use a free VPN service. I know we all hate paying for apps but, free usually means that you are the product.. Use a trusted VPN service that you pay a monthly subscription for. Its more likely that they use your monthly payments to provide the service rather than making money from selling your information, behavior and profiles.

5. Do not click suspicious links. Yes, that includes random links sent on IMessage or WhatsApp. Even if it comes from someone in your contacts list. Always ask them what the link is and why they sent it.

6. “Come up with creative answers for your security questions. People can now figure out your mother’s maiden name or where you graduated from high school with a simple Google search. Consider answering like a crazy person. If Bank of America asks, “What was the name of your first boyfriend/girlfriend?” reply, “Your mom.” Just don’t forget that’s how you answered when they ask you again.”

Just some basics but they will definitely help keep you a bit safer online especially now that we are all working remotely & spend more time on the net.

Anyway, when it comes to hacking there are different levels usually influenced by intention. For us individuals, hacking means access to our personal information. Which is used to either access our financials or, our information is used as a product to be sold to interested parties who need identities or means to make money. For governments hacking means access to information that can be used to further the goals of other countries. Whether that information is used to get an upper hand politically or used to improve resources and influence society.

Recently, a few news outlets have been discussing cyber espionage in connection to coronavirus research.

These attempts to steal research information have been specifically targeting the UK and the US.

In a BBC article they state the following, “The US has seen foreign spy agencies carry out reconnaissance of research into a coronavirus vaccine, a senior US intelligence official has told the BBC. Bill Evanina, director of the National Counterintelligence and Security Center, said the US government had warned medical research organizations of the risks. But he would not say whether there had been confirmed cases of stolen data. UK security sources says they have also seen similar activity.”

The goal of these attacks is pretty simple, due to the quickly spreading virus, countries are trying to get as much information as possible to assist them in the creation of a vaccine. Understandably, the country that successfully creates a safe vaccine stands to gain a financial advantage/benefit while also securing their status (possibly as a super-power) simply based on how their citizens (as well as governments) view their ability to respond during a crisis.

The UK and the US have information that points to Russia & China as the source of these attacks, while China has reported attacks from Vietnam.

For the US, the more recent interference from Russia & China in political matters, may be signs that the motivations behind the attacks have more layers than what is being reported.

So what does this mean for us as individuals? Well there’s a few things that this impacts.

1. Foreign espionage can cause mass disruption to the economy because the markets rely on the consumers trust in the supply and demand of goods or jobs. Once individuals begin to see market instability, they begin to stop spending on things that are just not necessary to live. So less spending overall. This then leads to less demand for goods being manufactured, which ends up meaning a decrease in business profits and ends up with companies needing to fire workers because they are no longer making enough to pay them. Which is something we have seen play out over the last few months. I believe that the US had over 30 million individuals file for unemployment in Mid March.

2. Mental health – Even though foreign espionage doesn’t necessarily lead to a decline in mental health of individuals. It does end up playing a small role. In this case – due to the combo of global lock downs – meaning individuals are separated from society and physical interactions – and the resulting increase in media coverage of not only the spread of the virus but also the targeted attacks from foreign governments, we are starting to see that there may end up being an increase in depression and suicide. In addition to this increase, the infrastructure set up to help individuals address their mental health are also not readily available. Sure there is telehealth, and hotlines but a lot can be missed during these sessions.

3. Last of all, foreign espionage affects our perception of the information we are seeing on the news & media. Over the past decade we have begun to rely on readily accessible information via the web. We have also begun to realize that while this information is readily available, it may not be accurate and in some cases it may actually be intentionally misleading. What’s worse is that the quality of the misleading information, is continuously improving. Leading us to question whether what we are reading is factually accurate or if it just looks and sounds real but is factually inaccurate or false. Which introduces additional stress on all of us.

All we can do at this point is to dig deep, be steadfast in our critique of what we see and hear & continue to challenge ourselves to develop our own understanding of the events happening to and around us.

Alright, that is all I have for you this week, if you find information that you’d love to share with me, feel free to message me what you found either by email, DM on socials or leaving a voice message on the creepy tech Anchor page... I think this is something I’ll continue to cover especially as this whole thing unfolds.

As always, if you have a quick moment, head over to the apple podcast app and leave me a review. I’d like to know what you think about what is going on.

You can follow me on IG @Tech_Creepy & on Twitter @TechCreepy & you can find the links I mentioned in this episode on my website Lshompole.com.