Experts Blog

A How to Guide for Creating an Organizational Incident Response Playbook and Managing Reputational Risk
June 1, 2021
TrackerPayton

From the desk of the CEO

Disinformation, Misinformation and Manipulation Campaigns

A How to Guide for Creating an Organizational Incident Response Playbook and Managing Reputational Risk

Read time: 12 Minutes

We have helped hundreds of organizations in combatting cybercrime. Around 2013, we unearthed an emerging trend where a company, industry, or an executive was the target of a disinformation campaign. I dedicated personal time to research how the peddlers of misinformation, disinformation, and manipulation campaigns launch their tradecraft which inspired me to write my latest book, Manipulated.  

At Fortalice Solutions, we are dedicated to improving security awareness. No industry or trending topic is safe from the manipulators’ playbook. It is only a matter time when you may find that your organization, company, industry, or perhaps an executive or VIP becomes the victim of a manipulation campaign.

Big Tech, Social Media, and News Media firms have made inroads, but admit they have more to do.

International law struggles to keep up as well. NATO regularly publishes the Tallinn Manual, a guide on how to handle international cyberattacks. Yet, it is not clear that something as significant as people peddling in misinformation during recent global elections, or even the dox and dump hack that happened to the DNC and the Clinton campaign around the 2016 election, would result in jail time for everyone involved in the United States justice system or be considered illegal in the international courts.  

The manipulators play in the gray spaces of the law and international-extradition treaties.  Manipulators are operating in the open right now, knowing that often they will not be stopped by social media nor named, singled out, or face any repercussions.  

As someone who has personally vowed to protect and defend our nation and our allies, businesses, and global citizens from digital break-ins, I find this lack of legal recourse highly objectionable.  

Manipulators are already targeting many areas of our lives: the stock market, cryptocurrency valuations, the outcome of our elections, and now the Covid-19 vaccine rollout. Their actions are shaking the foundations of the world’s most resilient societies.  

Although political and social espionage, propaganda and manipulation campaigns are centuries old and well documented, technology provides a new twist. And the manipulators have been honing their tradecraft for over a decade. In 2013, the World Economic Forum posted its top ten trends on its watch list; and on that list was online “misinformation.” According to reports, nearly 80 percent of the time, Russian cyber operatives were behind manipulation and disinformation campaigns meddling in almost every social issue globally, as well as elections in the Netherlands, Catalonia, United States, France, Germany and the United Kingdom’s Brexit referendum. For the record, Russia denies it. The remaining cyber operatives often tie back to China, Iran, N. Korea, all of whom deny it.  Also playing in this realm are local social and political-activist groups.  

And, who needs rogue Nation States when your country’s own citizens have picked up the manipulators’ playbook?  

You may ask “Why Do Cyber Operatives Manipulate?”

The endgame is to make you doubt everything you believe—which leaves you open to believing anything.  

Research shows that a false story reaches people six times faster than does legitimate news or the truth.  

I learned another disturbing fact when I studied the various ecosystems of manipulators for my book Manipulated, and it’s this – it’s incredibly lucrative. When we click, react, repost, or forward, the best in the manipulation business make money, and lots of it.  

As hard as this is for me as a career technologist to admit, we cannot “tech” our way out of this problem.

I recently looked into the COVID19 Vaccine misinformation, disinformation, and manipulation schemes and the impact on global citizens.  

One rough estimate shows that misinformation on “public health” alone generated billions (that’s billions with a “B”) of social media views in only one year.    

A poll in the UK found that 8 percent of people believe that 5G technology spreads the coronavirus.  

27 percent of Americans are hesitant to get the Covid-19 vaccine due in part to manipulation campaigns.  

These theories are just a small part of the global infodemic that has spread largely unchecked on social media platforms.  

WHO is behind Manipulation Campaigns? It varies...…

As we have seen in our client work on various threat hunts abd incident response cases, it can be Unscrupulous Business Competitors, Unscrupulous Political Operatives, Cyber Criminals, and Unscrupulous Nation States

HOW is it done?

The manipulators use a variety of techniques, but social media is currently their distribution platform of choice.

The Dangers of AI and Deepfakes  

As I interviewed experts and hackers conducting manipulation campaigns for my book, Manipulated, I grew increasingly concerned about the availability to make “deepfakes of everything,” both now and in the future.  

New cottage industry services such as MrDeepFakes.com (please note, this site is Not Suitable For Work) only require a decent graphics card, 10 steps and patience.  A few years ago, making a convincing deepfake required technical skills or cost thousands of dollars to pull off. Now, it’s free. They even provide a how-to-guide and GUI. Seriously, you don’t even have to know Python.  

While doing my research for Manipulated, I came across the case of female investigative journalist Rana Ayyub. After an eight-year-old Kashmiri girl was brutally raped, Ayyub spoke openly that she felt there was a coverup involving an influential man connected to senior government officials. Internet trolls attacked her, forging tweets from Ayyub’s account with inflammatory statements such as “I hate India,” and, “I love child rapists and if they are doing it in the name of Islam I support them.”  

This was horrible enough on its own, but then, her likeness was edited into a deepfake pornographic video that was released online.  

The threats against her life escalated and the United Nations had to step in to ask India to protect her.

One victim of this type of attack, is one too many.  

Image: 1 From Payton RSA 2021  Keynote

Techniques and Tactics

HOW is it done?  

After unmasking various peddlers of misinformation schemes, I've seen recurring themes/patterns in how they commit their fraud.    

Step 1  

One common tactic of a manipulation campaign is posting something masquerading  as news on a state-sponsored or “independent” news site.

The “news” gets information-laundered and quoted.

Step 2  

The manipulators initiate chat bots and/or use fake personas to post across multiple platforms, using popular but innocuous hashtags.

Step 3
Repeat over and over.

How Can We Spot and Stop Manipulation Campaigns?

Look out for:  

Sensational headlines

A topic not being reported on by traditional news media, who typically source and vet stories before publication.

Please note: Memes are the hardest to spot and a favorite tool of nation states wanting to target the 25-and-under demographic.

Ideally, your opinion on whether or not to get the COVID19 vaccine is shaped by well-established medical advice from your family doctor and deciding what’s best for your specific situation.  If you decide to get one or not to get one, I’m not here to judge, but to make sure your decision process does not allow you to be manipulated via disinformation.

Prior to the pandemic, there was a collaborative study published by researchers at George Washington University, the University of Maryland, and Johns Hopkins University. They examined the debate over kids’ vaccines on social media and reported that Americans both for and against child vaccines were joined by covert Russian operatives posing as Americans—both for and against vaccines. In fact, hashtag #VaccinateUS was a favorite hashtag of these trolls.

Why would Russian hackers care if our kids are vaccinated? They don’t. In fact, Russia has almost a 100 percent vaccination rate for its own children.  

The ultimate goal of most manipulators, including these Russian trolls, is to rile up a country’s citizens, foster unease about the issue, and make us distrust medical experts and government authorities.  

Our Latest Research  

The Russian internet trolls previous work stoking the flames of the anti-vaccine movement, opened the door to the manipulation campaigns playing out today regarding COVID19 vaccines.  

In looking specifically for COVID19 vaccine manipulation campaigns, I worked alongside one of our Senior Experts at Fortalice in our Open Source Intelligence Division, Landon Stewart, to unmask a few campaigns for you.

We know how busy you are so this post highlights only a few of our most illustrative findings to explain incidents of manipulation hiding in plain sight to show you and then to offer your organization tactics to improve your cyber defense.

Our methodology was to use free and opensource tools so you could implement these into your business and personal routines right away.

Image: 2 From Payton RSA 2021 Keynote

The tools we used for the analysis were:

  1. A gaming computer
  1. Node XL
  1. Crowdtangle
  1. Botometer

First, we installed Node XL on the gaming machine.

Next, we fed the tool two search terms:

“Covid Vaccine” and “Hoax”

Finally, we allowed the tool to run on the standalone gaming machine for 48 hours.

And Voilá!! In less than 2 days, we had a basic misinformation and disinformation investigation underway! And we found loads of it!

Our lawyer won’t allow me to say the overall activity is fraudulent, because that calls for a legal determination, but I will allow you to come to your own conclusion.

So, what did we find?  

  • The manipulators on the surface seem small and focused on “vaccine safety”. And who wouldn’t be for vaccine safety? This group then hides its true influence by linking to other larger affinity groups such as arts, music, sports, culture, and more.
  • In looking at the largest influencers, we found several now-debunked stories. For example, a Tennessee nurse supposedly died during a taped vaccination and a Michigan-based doctor’s subsequent miscarriage tied to the vaccine.  

Our research supports recent reports that Nation States are promoting disinformation campaigns around COVID-19 origins and vaccines, however since it’s been well covered in the media, I am excluding those data points from this post.

Findings:

In less than 2 days, using free tools, and a gaming computer, we uncovered a small group of only 30 Americans that reached at least 94,000 unsuspecting members of affinity groups such as LA Arts, cooking, music, pop culture, and more.

Although I redacted their names from this blog post, I want you to know a little more about the top three most interesting influencers:

  • The biggest influencer is a male that lives in the Midwest of the United States.
  • A blog promoting disinformation on COVID19 vaccines and asks for donations to support their legal fund is an off-the-Strip Vegas lawyer in his 70s.
  • The third influencer is a white male from Australia who, despite his PhD. in economics, has been debunked by sites such as vaxopedia for continuing to push the link between vaccines and autism.  

By using CrowdTangle, a tool created by Facebook, Landon found that the influencers greatly expanded their reach through posting and sharing articles of disinformation not on their main pages or accounts. That would be too obvious! They posted their disinformation and manipulation campaigns within various affinity groups.

Why target smaller groups? If you target everyone and get just one believer from each unique micro-segmented affinity group, you can work to gain a foothold among its members.

We found these COVID19 vaccine misinformation posts were written to attract people across the USA, Canada, and the EU.  

Rest assured, we have provided our research to the appropriate authorities.    

What I want you to know is this, no matter how you feel about any hot button issues, such as COVID-19 and vaccines, who wins or loses elections, how decisions get made by your government, or any of today’s modern issues the point is this – the manipulators – and these REDACTED PEOPLE - don’t care how you feel – they just want to manipulate you!

WHAT CAN YOUR ORGANIZATION DO?

Chances are, your professional training may not have initially included how to spot Nation States and Bots – but with the tools like Botometer, now you can. You can even see who picks up a story and reposts it with CrowdTangle.

Image: 3 From Payton RSA 2021 Keynote
  1. Design an incident response playbook assuming your industry, brand, or executives fall victim to a cyber attack.
  1. Go on offense to create pre-debunking and preemptive measures – for example, what would someone make up about you? Counter that proactively with information.
  1. Set up a company operating routine to automatically scan for misinformation campaigns about your industry, company, and leadership team.
  1. When in doubt, engage your company’s Security Operations Center.

As the saying goes: If you see something, say something. We all have a role to play. Our social media platforms are trying to do the right thing, but they are outnumbered. Report. Report. Report.  

This is the crisis of our time.  To date, the global growth of manipulation campaigns is still in its infancy. But manipulation tactics and technology will get only more advanced, accelerated, and imperceptible, with no clear way to stop them.  

Many organizations including Big Tech, nonprofits, think tanks and government agencies are working around the clock to end the meddling and manipulation. But they need our help.  

If we act now, our future will take a positive course, one that can detect, protect, and defend against manipulation campaigns.  

Did you know that Fortalice Solutions has a unique, boutique set of intelligence services that can be used to protect your organization and your executives? If you feel you need to learn more about what we can do for you, just give us a call at 877.487.8160.  

Several organizations are using my newest book, Manipulated, to drive their fortified security strategy on how to spot and stop manipulation campaigns before they attack an organization or the executive suite.  

The audio version is FREE for some Audible and Amazon accounts.

Personalized and signed copies can be ordered at Park Road Books and sent any place on the globe:
https://www.parkroadbooks.com/book/9781538133507

Available in hardcover, ebook, and audio on Amazon:
https://www.amazon.com/Manipulated-Inside-Cyberwar-Elections-Distort/dp/1538133504

Available in audio format in a podcast like style on Amazon and Audible.
https://www.audible.com/pd/Manipulated-Audiobook/1713524678

Let's Talk
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.