Cyber propaganda 101
Propaganda is an old and effective technique that has been used by nation-states and organizations to manipulate and sway public perception. During the Cold War, radio stations in Western countries used to broadcast pro-Western messages to Eastern Europe, successfully using them as tools to spread propaganda. We can also see evidence of the power of visual media as Western television is widely believed to have been a crucial factor in the reunification of Western and Eastern Germany—it exposed an idealistic picture of the West, which was very different than the lifestyle in the East. Overall, there are two main factors at the root of successful propaganda campaigns: firstly, gathering valuable and significant information; and secondly, using strong channels of communication—without a way for messages to reach the public, propaganda is not possible.
Modern propagandists have been quick to take advantage of new modes of communication, and also quick to leverage their relative insecurity. They have hacked databases and personal devices, and have also spread messages much more quickly and broadly through social media and online news sites. This more evolved approach has been identified as cyber propaganda.
Cyber propaganda methodsCyber propaganda can be broadly defined as the use of modern electronic means to manipulate an event or influence public perception toward a certain point of view. The propagandists use varied techniques including stealing private information and releasing it to the public, hacking machines directly, creating and spreading fake news, and so on. While cyber propaganda mostly targets politicians and persons of influence, it has also been used by hacktivists to target private organizations.
Cyber propaganda tactics vary depending on the specific end goal—which can range from discrediting a target, changing the outcome of an electronic vote, or even spreading civil unrest. We’ve broadly categorized cyber propaganda tactics into the following:
- Database hacking – cybercriminals can break into secure systems such as private servers or data storage facilities to steal critical data. The stolen information can be released strategically, timed to create the most negative impact. Campaigns such as these are usually state-sponsored and take considerable time to execute.
- Machine hacking – the most straightforward way to manipulate an event is to hack the source of the result; one example is hacking voting machines to manipulate the outcome. Entities can also pressure the vendors of the voting machines into changing the result.
- Fake news – releasing fake news is a powerful and high-impact tactic that can change public perception almost instantly, thanks to a fast-paced news cycle. Fake news involves the creation of bogus news reports, spreading alternative facts or even fake images, and sharing them on popular social media platforms. The material can seem realistic enough that the public believes and spreads the information, which makes counteracting the damage very difficult.
The rising trend of cyber propaganda
Although cyber propaganda has been used by nation states as early as 2007, it was in 2016 that many saw the real impact it could have. The year was littered with high-profile attacks against different countries—Germany, Ukraine, Turkey, and Montenegro to name a few—but it was the attacks on the United States that highlighted the effects of a coordinated and sustained cyber propaganda attack. The threat actor group Pawn Storm had been targeting members of the Democratic National Committee (DNC) since 2014, and employed different cyber propaganda tactics to maintain a sustained campaign against the DNC. From phishing attacks against high profile members, compromising the party’s official site, and even offering stolen data to media outlets in an attempt to influence public opinion—the campaign was wide-ranging and had real impact.
Along with data breaches and information leaks, fake news was also a problem in 2016. The proliferation of misinformation stemmed from malicious actors but was also the effect of a fast-paced relentless news cycle and enterprising individuals paid to spread sensationalist stories. Biased news sites and persons of influence grasped any possible story and quickly spread it, with social media enthusiasts and fans also hastily sharing. Without the benefit of fact-checking and careful vetting, fake news stories did real damage. Now in 2017, the term itself has been weaponized. Government leaders and pundits have taken to labeling legitimate sites that disagree with them as ‘fake news’.
Although most cyber propaganda campaigns have been political in nature, hacktivists have also adopted these tactics in the private sector. We see more and more reports of hacktivists targeting organizations like the Mormon Church as well as trying to take down wealthy and high profile individuals who have been labeled corrupt. The widespread use of social media as a legitimate news source, and the worldwide sharing culture makes it easy to spread defamatory propaganda or drum up support for a certain cause.
Defending against cyber propaganda
Defending against cyber propaganda tactics such as database hacking and machine hacking is a matter of layered security solutions. Protecting and installing the proper authentication on personal devices and communication channels should be a must for all public figures. Also, organizations should take measures to protect and secure their network and their machines, and also vet any third-party facility storing valuable information.
In terms of fake news and misinformation campaigns, many experts agree that the best way to manage an attack of this kind is counterpropaganda. A widespread and organized campaign to change the narrative, or an organized protest that hijacks the story are better tactics than trying to debunk every false report or engage every attacker.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
- Ransomware Spotlight: TargetCompany
- Email Threat Landscape Report: Cybercriminal Tactics, Techniques That Organizations Need to Know
- Preventing an Imminent Ransomware Attack With Early Detection and Investigation
- Inside the Halls of a Cybercrime Business
- Securing Cloud-Native Environments with Zero Trust: Real-World Attack Cases