Here comes ‘antidisinformation as a service’

Image: IDGNS

27 August 2018

Disinformation has made the news again. Facebook, Twitter, Google and Microsoft said they removed accounts linked to Russian and Iranian disinformation campaigns.

And if you think it’s all about politics and rogue nations, think again. The real story is about a new enterprise business service that fights disinformation.

But before getting into that, here is the real news about the fake news.

Fake news
Facebook said that 652 Facebook pages and groups run by the Iranian and Russian governments were deleted because they were found to be “misleading,” by which it meant that the pages and social profiles presented themselves as something other than what they really were.

The majority of the disinformation was aimed at people in Latin America, the Middle East and the UK.

Facebook’s purge comes one month after that company removed 32 disinformation pages and groups aimed at disrupting the upcoming US midterm elections. One of those pages had attracted nearly 140,000 followers.

Twitter suspended 284 accounts this week associated with the Iranian government.

And Google deleted 39 YouTube accounts and 13 Google+ accounts reportedly tied to Iranian state media that were designed to spread fake news.

Microsoft claimed on Monday to have stopped cyberattacks by Russian government-backed “Fancy Bear” hackers against conservative groups in the US that support sanctions against Russia.

Hilariously, the Russian government even used the stories about the removed accounts to spread its subtle, doubt-creating brand of disinformation. Of course, thousands of news outlets covered the news. The headlines on those stories typically pointed out that the deleted disinformation was linked to both Iran and Russia. But the “news” organisation Russia Today (which is a Russian government propaganda network that expertly blends real news with subtle disinformation) had this misleading headline: “Facebook, Twitter take down ‘inauthentic Iran-linked’ accounts … but Russia takes the heat.”

Members of the public scanning the headlines might be convinced (accurately) that the accounts were linked to both Iran and Russia. But after seeing the RT headline, they might have doubt that Russia was implicated, and that once again the media is blaming Russia for everything.

As always, the goal appears to be to get the public, not to believe one thing or another, but to lose faith in information itself.

News also broke this week that Russia-linked trolls and bots amplified online debate over whether vaccines are safe. On Twitter, for example, researchers found Russian trolls using the hashtag #VaccinateUS. The number of those accounts expressing pro-vaccine views were roughly equal to those against vaccines. The point was not to change the public’s mind, but to create doubt and division.

These stories appear to be all about governments, politics and social networks. But the real story is about a new approach to antidisinformation.

Wait, what?
Here is the real news: Most of the disinformation accounts deleted by Facebook, Twitter, Google and Microsoft were discovered not by those companies or the US government, but by the security company FireEye. The company has a major base in Cork.

As mentioned previously, disinformation as a service (DaaS), and the Russian campaigns in particular, are often carried out by a private company called the Internet Research Agency. But now comes AaaS — antidisinformation as a service. That is what FireEye provided this week to the Silicon Valley social networking companies.

It considers itself a kind of NSA for hire — an intelligence organisation, but for enterprises.

How does it do it? FireEye’s methodology is multifaceted and a trade secret. But the company’s core competencies lie in discovering hidden malware and network hacks with the use of proprietary technology to detect behavioural anomalies — behaviour by code and web sites that is not normal. Once it finds the general nature of the weird behaviour, it then does a lot of shoe-leather research. It tracks down who paid for domains, finds out if social accounts are real people — that sort of thing.

In the wake of the recent news, FireEye’s stock price is soaring. AaaS is suddenly a viable business, and there’s a clear need for it.

Black-box solutions
Disinformation is here to stay. And it is coming as a way to damage the reputations of businesses, products and brands.

However, in a way, brand campaigns are just commercial propaganda.

Political propaganda has evolved from billboards telling the public how good one’s own government is to fake web sites and social accounts telling the public how bad the other government is.

The Russian public knows it has got a bad government. So Russian disinformation is aimed at convincing Russians that other governments are bad, too. Russian propaganda both convinces everyone that the West is divided and chaotic and simultaneously seeks to actually create division and chaos.

Because this approach works so well, it is only a matter of time before unscrupulous corporations start using Russian-style disinformation against their global corporate rivals.

But in order to combat disinformation, one has to know it is there.

The most dangerous kind of disinformation takes place in a “black box,” where third parties (such as governments and concerned members of the public) cannot see.

The complicated world of disinformation campaigns on Facebook is a perfect example.

DaaS at work
The advertising part of Russia’s disinformation campaign that attempted to meddle in the 2016 election was in a kind of black box. People were served custom advertising, and nobody except Facebook could see the full scope of the campaign. It found it only after publicly available disinformation accounts came to light, which caused it to look at advertising.

Black-box disinformation is already claiming lives.

At least two dozen people in India were killed this year by mobs that rose up after fake-news rumours spread on Facebook’s WhatsApp.

And fake news was spread on WhatsApp in Brazil that a yellow fever vaccine was dangerous, causing a large number of people to avoid the vaccine.

Disinformation will happen increasingly inside black boxes such as advertising networks and messaging platforms such as WhatsApp. Because posts are sent privately, rather than posted publicly, it’s very difficult for third parties to analyse the content.

And that is why AaaS is needed.

If unscrupulous competitors, either foreign or domestic, decide to spread disinformation about your company, and choose to do it in black-box locations such as personalised advertising or on messaging apps, it makes sense to hire an AaaS company such as FireEye. It can work with companies such as Facebook to seek out disinformation targeted at your company inside the black-box networks where only the social networking company has authorised access.

FireEye itself offers a wide variety of security services. It is highly likely that companies will specialise in antidisinformation and offer their services to enterprises.

With all the threats enterprises face, it is an unhappy fact that disinformation is a new threat to add to the list.


IDG News Service

Read More:

Comments are closed.

Back to Top ↑