A list of leaked passwords and email addresses belonging to the Gates Foundation, the World Health Organization, and the National Institutes of Health has been leaked to right-wing activists, according to the SITE Intelligence Group. Other groups working to fight the spread of COVID-19 were also included in the list of nearly 25,000 credentials.
SITE, which monitors extremist and terrorist groups online, said it has not yet been able to verify whether or not the credentials are real. The group says the information was distributed Sunday night and Monday and used immediately for attempts at hacking and harassment by far-right extremists.
Of the groups involved in the breach, only the Gates Foundation has spoken up yet. On Tuesday night the organization said in a statement: “We are monitoring the situation in line with our data security practices. We don’t currently have an indication of a data breach at the foundation.”
As much of the world works to heal in the wake of the COVID-19 pandemic, technology’s biggest players are stepping in to help. But the internet is often its own worst enemy, and there are always those who would prefer chaos to healing. Now it will be up to the internet’s keepers to dispel any false information that might be spread by the hack.
At least some of the info is old — The largest portion of the leaked credentials came from the NIH, with almost 10,000 emails and passwords total. Nearly 7,000 were from the CDC; about 5,000 from the World Bank; nearly 3,000 from the WHO.
While most of the credentials have not been confirmed to work, the World Health Organization’s were tested by Robert Potter, a cybersecurity expert out of Australia. Potter says the WHO’s leaked credentials appear to have come from a 2016 hack and that he believes the credentials may have been purchased on the dark web. He says he was able to access the WHO’s systems with the credentials.
Up that security, please — Every secure system has its downfalls, but there are concrete steps that can be taken to improve those systems. One of the simplest is making passwords more complex; this makes it much more difficult for brute-force hacking methods to later decrypt the passwords.
Potter says some of the passwords are appalling in their simplicity. Almost 50 WHO employees used “password” as their password, while others used their own names or other basic phrases like “changeme.”
Now we watch for misinformation — The far-right activists that now hold these credentials hope to use them to spread false information about the novel coronavirus, according to SITE. The credentials are being shared across extremist forums, like 4chan and 8chan, and through secure chat groups.
One of the ploys involves widely sharing tweets with false information linking COVID-19 to HIV. A prominent neo-Nazi group shared a meme implying that information found using the leaked credentials “confirmed that SARS-Co-V-2 was in fact artificially spliced with HIV.”
These groups hope to make their misinformation go viral on platforms like Twitter, where it’s easy for anonymous users and bots to spread the information effortlessly. We’ve already seen that Twitter is struggling to keep up with fake coronavirus content — it will take a small miracle for the site to squash a concerted effort of this size.
The spread of misinformation about the coronavirus can be just as dangerous as the virus itself. It will be up to Twitter and other social media platforms to step up to the plate and figure out how to stop that spread, so the organizations involved can focus on stopping the virus.