Does Trump's COVID-19 Test Result Portend Cyber Chaos?Expect Scammers, Phishers and Disinformation Teams to Exploit the News
Will U.S. President Donald Trump's positive COVID-19 test result expose the country to increased nation-state mischief?
See Also: The Business Email Compromise Handbook
Late on Thursday, Trump's official Twitter account announced that his press secretary, Hope Hicks, had tested positive for COVID-19. Shortly thereafter, his account tweeted that Trump and his wife, Melania, had also both tested positive.
"Eternal vigilance is the price of security."
The White House issued a memorandum written by Trump's physician, U.S. Navy Cmdr. Sean Conley, noting that "the president and first lady are both well at this time, and they plan to remain at home within the White House during their convalescence."
The announcement that he's tested positive for COVID-19 came just two days after the highly contentious televised debate on Tuesday between Trump and former Vice President Joe Biden, the Democratic presidential nominee.
Tonight, @FLOTUS and I tested positive for COVID-19. We will begin our quarantine and recovery process immediately. We will get through this TOGETHER!— Donald J. Trump (@realDonaldTrump) October 2, 2020
So what happens next?
Buzzfeed's political editor has nailed the political commentary zeitgeist in the headline of his analysis: "I Am The Politics Editor And I Have Absolutely No Idea What Happens Next."
Expect nation-states to probe how to best turn this to their advantage. "Our adversaries will take advantage of the situation in numerous domains," Tom Kellermann, head of cybersecurity strategy at VMware, tells me. "The news underscores the vulnerability of the U.S. to ephemeral threats like disease and cyberattacks."
Expect to see an increased U.S. defensive posture across the board to warn away any aggressors looking to exploit the situation, says Alan Woodward, a cybersecurity expert who's a visiting professor at England's University of Surrey.
"What you won't see - but it will be there - is a raised state of awareness of any cyberattacks," he tells me. "The U.S. chain of command is well practiced for physical conflicts, but that doesn't necessarily stop a hostile nation trying it in cyberspace. But, frankly, they take any opportunity to see if defenses are down. Eternal vigilance is the price of security."
Also expect Trump's diagnosis to be seized on by online attack artists - scammers, fraudsters and disinformation teams - who revel in the news of the day, be it vaccine conspiracies, a hotly contested election, a global pandemic or all three.
"From a cybersecurity perspective, the COVID-19 diagnosis will have nothing to do with any direct threats or impacts to the U.S.," Chris Pierson, CEO and founder of security firm BlackCloak, tells me. "Indirectly, however, the amount of social media disruption and interference tactics could be high as external actors look to interfere and/or influence things during the election season."
Indeed, you don't have to be the manager of a Russian troll farm to see how fake messaging might be used to create uncertainty and confusion about whether Trump really has COVID-19 or if Biden might have it as well.
"From a cybersecurity perspective, it is obviously a gift for scammers, phishers and those spreading disinformation," says Woodward, who's also an adviser to Europol, the EU's law enforcement intelligence agency. "As keen as everyone is to know what is happening, I would encourage people to be very careful to avoid following any clickbait: You just don't know what you're getting."
Incident response teams should also take note, Pierson says. "A fake phishing email alerting of a death or some grave emergency would surely get a higher number of clicks than the usual tactics of the day," he says. "It is also likely this news and other potential negative stories could be used for phishing emails or influence campaigns ... in hopes that people will click on emerging stories" leading to malware infections and network intrusions.