Threat Management, Threat Intelligence

Hackers, nation-states target US black community to commit fraud, sow division

African Americans are more highly impacted by fraud campaigns compared to other racial and ethnic groups, as disparities in financial literacy and wealth act as barriers to recovery from any resulting financial loss.

These were only some of the insights of a research report released Tuesday by the Black Empowerment and Support Team at Recorded Future (BEST@RF) in tandem with the Inskit Group, the vendor’s research arm. The research aims to raise awareness and visibility of how cyber attackers are targeting the black community, as well as offer practical recommendations to help African Americans combat the threats they face as a result of systemic racism.

“These findings around cyber threats and race are further evidence of that division and disproportionality,” said Julian Waits, general manager of cybersecurity at Devo Technology. “Our last election showed all the imperfections we have as Americans, and the dark side of the cyber world is here to exploit our divisions. Blacks, as with other underserved communities, are particularly vulnerable. Adversarial nation states will exploit and manipulate our differences, and those of us most vulnerable will suffer the most."

Regardless of a person's political stance, Waits said the storming of the Capitol on Jan. 6 combined with the events that occurred last summer in the wake of George Floyd's murder are an indication of how divided the country has become, especially when it comes to racial matters.

Tennisha Martin, founder of BlackGirlsHack, said the tragic events that happened in America recently have created a sense of helplessness as far as what the black community can realistically do to show it stands united against brutality against black people.

“We've seen far too often the difference between what happens when different populations within the United States protest,” Martin said. “So when we think about practical ways to combat injustice one of those has been to sign online campaigns for various causes. Unfortunately, many of the people who sign up are not thinking about good cybersecurity practices. They're thinking that they're donating to people who are on the front line of making change and they're using their voices to spread information within the community. This sadly, leaves them victim to what are essentially crimes of opportunity."

BlackGirlsHack, while training black women for careers in cybersecurity, also teaches good cybersecurity practices they can take back to their families, Martin added.

Marcus Carey, enterprise architect at ReliaQuest, noted that the black community also suffers from frequent disinformation campaigns, which can be particularly damaging during the pandemic, which has hit the African American community disproportionately hard.

“I fear that the black community will continue to be impacted harder since disinformation about the COVID-19 vaccinations will prevent us from getting the vaccine,” Carey said. “The other problem is since the pandemic has affected schools, the black community is getting a double whammy on health and education.”

Here are some important points made in the report, more of a compendium of published research and news items from the past decade versus original data:

  • American blacks are vulnerable to fraud.

A financial literacy, wellness, and resilience survey conducted by the TIAA Institute in 2019 demonstrated a 17% lag in financial literacy among African Americans compared to whites. Many U.S. blacks may either lack the confidence or awareness to report an instance of fraud, or even avoid reporting out of distrust of law enforcement or other government agencies. Additional data from the TIAA survey showed that only 35% of African Americans believed they could cover a $2,000 emergency expense — compared to 59% of whites — making any financial loss because of fraud even more detrimental.

  • DDoS attacks are an issue.

The official BlackLivesMatter (BLM) website has been repeatedly targeted by distributed denial-of-service (DDoS) attacks following its registration in late 2014. ArsTechnica reported that the BLM website was targeted shortly after establishing a relationship with eQualitie, a Canadian non-profit organization that gives digital support to civil society and human rights groups. A December 2016 report from eQualitie, said that there were more than 100 separate denial-of-service incidents against the official BLM website in the seven-month period between April and October 2016.

  • Cyberattacks increase after major racial incidents.

In June 2020, the DDoS mitigation and information security company Cloudflare reported that, in the days that followed the murder of George Floyd, the company saw a large uptick in cyberattacks, particularly cyberattacks on advocacy organizations fighting racism. Cloudflare indicated that the work to block incoming HTTP traffic requests amounted to tens of billions of requests per day and constituted an average increase from the month prior of about 20 percent.

  • Nation states target the black community to sow discord.

Foreign information operations and disinformation campaigns targeting the black community in the U.S. have been conducted from abroad with identified, online campaigns conducted by Iranian and Russian state-linked entities. These campaigns can be traced back to at least 2015 and continue today.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.