At Fortalice Solutions, we are dedicated to improving security awareness. We have helped hundreds of organizations in combatting cybercrime. In 2013, we unearthed an emerging trend where a company, industry, or an executive was the target of a disinformation campaign. I dedicated personal time to research how the peddlers of misinformation, disinformation, and manipulation campaigns launch their tradecraft which inspired me to write my latest book, Manipulated.
No industry or trending topic is safe from the manipulators’ playbook. It is only a matter time when you may find that your organization, company, industry, or perhaps an executive or VIP becomes the victim of a manipulation campaign.
Big Tech, Social Media, and News Media firms have made inroads, but admit they have more to do.
International law struggles to keep up as well. NATO regularly publishes the Tallinn Manual, a guide on how to handle international cyberattacks. Yet, it is not clear that something as significant as people peddling in misinformation during recent global elections, or even the dox and dump hack that happened to the DNC and the Clinton campaign around the 2016 election, would result in jail time for everyone involved in the United States justice system or be considered illegal in the international courts.
The manipulators play in the gray spaces of the law and international-extradition treaties. Manipulators are operating in the open right now, knowing that often they will not be stopped by social media nor named, singled out, or face any repercussions.
As someone who has personally vowed to protect and defend our nation and our allies, businesses, and global citizens from digital break-ins, I find this lack of legal recourse highly objectionable.
Manipulators are already targeting many areas of our lives: the stock market, cryptocurrency valuations, the outcome of our elections, and now the Covid-19 vaccine rollout. Their actions are shaking the foundations of the world’s most resilient societies.
Although political and social espionage, propaganda and manipulation campaigns are centuries old and well documented, technology provides a new twist. And the manipulators have been honing their tradecraft for over a decade. In 2013, the World Economic Forum posted its top ten trends on its watch list; and on that list was online “misinformation.” According to reports, nearly 80 percent of the time, Russian cyber operatives were behind manipulation and disinformation campaigns meddling in almost every social issue globally, as well as elections in the Netherlands, Catalonia, United States, France, Germany and the United Kingdom’s Brexit referendum. For the record, Russia denies it. The remaining cyber operatives often tie back to China, Iran, N. Korea, all of whom deny it. Also playing in this realm are non Nation States, such as social issue based or political-activist groups.
You may ask “Why Do Cyber Operatives Manipulate?”
The endgame is to make you doubt everything you believe—which leaves you open to believing anything.
Research shows that a false story reaches people six times faster than does legitimate news or the truth.
I learned another disturbing fact when I studied the various ecosystems of manipulators for my book Manipulated, and it’s this – it’s incredibly lucrative. When we click, react, repost, or forward, the best in the manipulation business make money, and lots of it.
As hard as this is for me as a career technologist to admit, we cannot “tech” our way out of this problem.
I recently looked into the COVID19 Vaccine misinformation, disinformation, and manipulation schemes and the impact on global citizens.
One rough estimate shows that misinformation on “public health” alone generated billions (that’s billions with a “B”) of social media views in only one year.
A poll in the UK found that 8 percent of people believe that 5G technology spreads the coronavirus.
27 percent of Americans are hesitant to get the Covid-19 vaccine due in part to manipulation campaigns.
These theories are just a small part of the global infodemic that has spread largely unchecked on social media platforms.
As we have seen in our client work on various threat hunts abd incident response cases, it can be Unscrupulous Business Competitors, Unscrupulous Political Operatives, Cyber Criminals, and Unscrupulous Nation States
The manipulators use a variety of techniques, but social media is currently their distribution platform of choice.
As I interviewed experts and hackers conducting manipulation campaigns for my book, Manipulated, I grew increasingly concerned about the availability to make “deepfakes of everything,” both now and in the future.
New cottage industry services such as MrDeepFakes.com (please note, this site is Not Suitable For Work) only require a decent graphics card, 10 steps and patience. A few years ago, making a convincing deepfake required technical skills or cost thousands of dollars to pull off. Now, it’s free. They even provide a how-to-guide and GUI. Seriously, you don’t even have to know Python.
While doing my research for Manipulated, I came across the case of female investigative journalist Rana Ayyub. After an eight-year-old Kashmiri girl was brutally raped, Ayyub spoke openly that she felt there was a coverup involving an influential man connected to senior government officials. Internet trolls attacked her, forging tweets from Ayyub’s account with inflammatory statements such as “I hate India,” and, “I love child rapists and if they are doing it in the name of Islam I support them.”
This was horrible enough on its own, but then, her likeness was edited into a deepfake pornographic video that was released online.
The threats against her life escalated and the United Nations had to step in to ask India to protect her.
One victim of this type of attack, is one too many.
Techniques and Tactics
HOW is it done?
After unmasking various peddlers of misinformation schemes, I've seen recurring themes/patterns in how they commit their fraud.
One common tactic of a manipulation campaign is posting something masquerading as news on a state-sponsored or “independent” news site.
The “news” gets information-laundered and quoted.
The manipulators initiate chat bots and/or use fake personas to post across multiple platforms, using popular but innocuous hashtags.
Repeat over and over.
Look out for:
A topic not being reported on by traditional news media, who typically source and vet stories before publication.
Please note: Memes are the hardest to spot and a favorite tool of nation states wanting to target the 25-and-under demographic.
Ideally, your opinion on whether or not to get the COVID19 vaccine is shaped by well-established medical advice from your family doctor and deciding what’s best for your specific situation. If you decide to get one or not to get one, I’m not here to judge, but to make sure your decision process does not allow you to be manipulated via disinformation.
Prior to the pandemic, there was a collaborative study published by researchers at George Washington University, the University of Maryland, and Johns Hopkins University. They examined the debate over kids’ vaccines on social media and reported that Americans both for and against child vaccines were joined by covert Russian operatives posing as Americans—both for and against vaccines. In fact, hashtag #VaccinateUS was a favorite hashtag of these trolls.
Why would Russian hackers care if our kids are vaccinated? They don’t. In fact, Russia has almost a 100 percent vaccination rate for its own children.
The ultimate goal of most manipulators, including these Russian trolls, is to rile up a country’s citizens, foster unease about the issue, and make us distrust medical experts and government authorities.
The Russian internet trolls previous work stoking the flames of the anti-vaccine movement, opened the door to the manipulation campaigns playing out today regarding COVID19 vaccines.
In looking specifically for COVID19 vaccine manipulation campaigns, I worked alongside one of our Senior Experts at Fortalice in our Open Source Intelligence Division, Landon Stewart, to unmask a few campaigns for you.
We know how busy you are so this post highlights only a few of our most illustrative findings to explain incidents of manipulation hiding in plain sight to show you and then to offer your organization tactics to improve your cyber defense.
Our methodology was to use free and opensource tools so you could implement these into your business and personal routines right away.
First, we installed Node XL on the gaming machine.
Next, we fed the tool two search terms:
“Covid Vaccine” and “Hoax”
Finally, we allowed the tool to run on the standalone gaming machine for 48 hours.
And Voilá!! In less than 2 days, we had a basic misinformation and disinformation investigation underway! And we found loads of it!
Our lawyer won’t allow me to say the overall activity is fraudulent, because that calls for a legal determination, but I will allow you to come to your own conclusion.
In less than 2 days, using free tools, and a gaming computer, we uncovered a small group of only 30 Americans that reached at least 94,000 unsuspecting members of affinity groups such as LA Arts, cooking, music, pop culture, and more.
Although I redacted their names from this blog post, I want you to know a little more about the top three most interesting influencers:
By using CrowdTangle, a tool created by Facebook, Landon found that the influencers greatly expanded their reach through posting and sharing articles of disinformation not on their main pages or accounts. That would be too obvious! They posted their disinformation and manipulation campaigns within various affinity groups.
Why target smaller groups? If you target everyone and get just one believer from each unique micro-segmented affinity group, you can work to gain a foothold among its members.
We found these COVID19 vaccine misinformation posts were written to attract people across the USA, Canada, and the EU.
Rest assured, we have provided our research to the appropriate authorities.
What I want you to know is this, no matter how you feel about any hot button issues, such as COVID-19 and vaccines, who wins or loses elections, how decisions get made by your government, or any of today’s modern issues the point is this – the manipulators – and these REDACTED PEOPLE - don’t care how you feel – they just want to manipulate you!
Chances are, your professional training may not have initially included how to spot Nation States and Bots – but with the tools like Botometer, now you can. You can even see who picks up a story and reposts it with CrowdTangle.
As the saying goes: If you see something, say something. We all have a role to play. Our social media platforms are trying to do the right thing, but they are outnumbered. Report. Report. Report.
This is the crisis of our time. To date, the global growth of manipulation campaigns is still in its infancy. But manipulation tactics and technology will get only more advanced, accelerated, and imperceptible, with no clear way to stop them.
Many organizations including Big Tech, nonprofits, think tanks and government agencies are working around the clock to end the meddling and manipulation. But they need our help.
If we act now, our future will take a positive course, one that can detect, protect, and defend against manipulation campaigns.
Several organizations are using the book, Manipulated, to drive their fortified security strategy on how to spot and stop manipulation campaigns before they attack an organization or the executive suite.
The audio version is being offered for FREE for various subscribers of Audible and Amazon accounts.
Personalized and signed copies can be ordered at Park Road Books and sent any place on the globe:
Available in hardcover, ebook, and audio on Amazon:
Available in audio format in a podcast like style on Amazon and Audible.
During the course of our investigative work, Fortalice has observed an increasing and alarming trend: personal email compromise is leading to business email compromise. Threat actors will leverage weaknesses regarding executives’ or board members’ personal cybersecurity hygiene to gain access to their business accounts. Extortion also remains a top cybersecurity threat, with organized criminals overseas routinely targeting corporations and the people who support them.
Silicon Valley Bank (SVB) was shuttered early this month and had its deposits seized in the largest U.S. bank failure since the 2008 financial crisis. Although it may seem like SVB’s collapse will only impact its direct customers and depositors, it is far more complicated. Like vultures to roadkill, cyber scammers often wait to exploit and target victims after tragedy strikes, or bad news arises. A perfect storm of stress, uncertainty, and urgency for customers and vendors alike during this time can impair someone’s judgement when they click links and open emails they otherwise would ignore or delete. Fortalice has outlined a few different ways cybercriminals social engineer their victims during times of extreme distress and insecurity.