Hacktivisim has given itself a media friendly makeover. It’s now called Fake News.
One of the most intriguing cyber crime threats, is that of hacktivisim. Where an individual or a collective seek to manipulate, expose, falsify or destroy the reputations of individuals, companies or organisations in return for some form of gain. This gain doesn’t have to be financial, but can be disruptive or to intrinsically damage a reputation beyond repair.
I use the term intriguing as there is a spy thriller style fiction to their actions, that conjures up visions of good against bad, right against wrong, working in the shadows and the dark corners of the internet rarely seeing their exploits entering the main stream consciousness of the general public.
Not any more. Hacktivists are now effecting the lives of millions on a daily basis with their work. You may not have noticed, because many of their activities have had a subtle rebrand, and are now being referred to as ‘Fake News’.
That expression, Fake News, where deliberate misinformation or hoaxes have been spread via predominantly electronic means, became part of the global lexicon after allegedly being used to influence vast swathes of the voting public in elections that have recently occurred.
These Fake News stories, that can be seeded from stolen emails, or just from salacious fabrication, can quickly gain traction through social media, which once ‘liked’, reposted, commented on or retweeted gives it a credibility. Their aim is purely to inflict reputational damage in order to sway opinion. And it works, it works really well!
At present Fake News appears to be targeted at the highest levels, but over time this phenomenon, if not monitored and corrected, will start to be directed at businesses of all levels.
Calls are being made to the distribution channels for Fake News, predominantly social media, to act in order to lessen its impact and apply some form of regulation. They are slowly responding to this, but in their defence they still sell themselves as a platform as opposed to a media company. If they were a traditional media company then they would be bound by the laws that govern that sector, meaning they would be legally responsible for the content that they distribute. Whereas being a platform, they are just a conduit for information dissemination.
Compounding the issue of Fake News is when figures in authority decide to label any legitimate news or media organisation as fake, purely because they don’t agree with their analysis, reporting or assessment of stories that they have reported on.
So, what can a business do, should they become the target of Fake News?
Like any cyber threat, the first issue is awareness, and accepting that Fake News can be categorised as a significant cyber threat. They need to become aware that any information about them and their activities could be stolen, manipulated and then propagated through the internet by those that wish to see them come to harm. Therefore, all the technical controls on passwords and access control need to be enforced, to prevent data being stolen in the first place.
Complementing this can be the use of media monitoring tools, many, such as Google Alerts, have been available for quite a while and can now be complemented with those dedicated to scouring the plethora of social media platforms for commentary about a company. Some of these tools are relatively well advanced and even sell themselves as being able to determine the current ‘social sentiment’ surrounding a company.
Secondly is having a response plan, a set of actions that can be put into place should an attack of Fake News break out. This can be in the form of media statements acknowledging the issue and then offering a transparent rebuttal, that can be circulated through traditional PR channels and on social media. Key to an effective strategy is determining the source of the Fake News ‘attack’. Where did it originate from? Does any of the ‘facts’ within it have any form of credence whatsoever? Answer those and then they can be challenged and corrected accordingly.
Lastly, I would advocate that like many other cyber threats, this is an ongoing threat and can break out without warning. Therefore, the cyber team within a company must bring in their marketing, social media and PR teams for continued updates and planning.
We now live, sadly, in a World where information that is correct or incorrect can go ‘viral’ without warning. Reputations can be destroyed within hours if those behind Fake News decide that they have a particular axe to grind, or wish to sway influence or opinion.
Fake News has succeeded in one thing, it’s given a media friendly makeover to one very challenging cyber threat.