The political rise of Donald Trump popularised the use of the term “fake news” to describe media reports that the subject of the report’s claims is false but are typically real stories telling an inconvenient narrative that the subject wished to dismiss quickly. Since Trump started using the term to regularly counter negative stories, other politicians, celebrities and business leaders around the world have responded to any negative publicity as “fake news.”
In late March 2020, whilst battling to manage the impact of the COVID-19 pandemic, the World Health Organisation (WHO) coined the term “infodemic.” The WHO describes an infodemic as an overabundance of information about a problem, which makes it difficult to identify a solution. Infodemics spread misinformation, disinformation and rumours during a health emergency. Infodemics can hamper an effective public health response and create confusion and distrust among people.
While the term infodemic is new, the challenge of misinformation, disinformation, accusations of fake news and rumours aren’t. Recent years have tested our ability to discern trusted sources and to distinguish, in the words of author and data scientist Nate Silver, the “Signal and the Noise.” This is where the signal is the meaningful information that you’re trying to detect, while the noise is the random, unwanted variation or fluctuation that interferes with the signal. In the information sense, the noise is masses of information that exist that companies are attempting to decipher.
Fake news and sophisticated disinformation campaigns are problematic not only because they make it hard to identify what is true and what isn’t, such as the masses of fake information regarding vaccines spread by non-expert anti-vaxxers, but also because, as the US Capitol Riots on 6 January 2021 in Washington D.C. showed, they can lead to violent events.
In his 2019 book, Talking to Strangers, the author Malcolm Gladwell covers the challenge that we encounter in our interactions with others. In the book, Gladwell tells stories of many “encounters between strangers” — starting with a Texas state trooper Brian Encinia and his interaction with Sandra Bland during a routine traffic stop that later leads to Bland’s suicide in a police cell.
Over the course of the book Gladwell also covers Neville Chamberlain and Adolph Hitler; Bernie Madoff and financial experts who interacted with him; a spy from Cuba hidden in plain sight in the highest echelons of the US intelligence services; and many others. Gladwell’s takeaway is that people are not good at discerning the truth about the people we interact with. Gladwell notes that people often default to truth – or to believe that people are telling the truth – when they share information, even if it should be obvious that they are lying.
Regarding disinformation, which is routinely spread online, the interaction doesn’t have to occur face-to-face anymore and the prominent use of social media by members of the public to access their news is making determining the truth a bigger challenge, leading to some dangerous outcomes.
Misinformation is false information spread with no ill intent. Disinformation is generally understood as content that is fabricated, manipulated and distributed content that is presented in a false context with intent to harm.
Disinformation—from purposefully misleading rumours and coordinated campaigns targeting individual companies or industries, to foreign interference in domestic markets—can threaten a company’s reputation and profitability and even influence financial markets. Several major companies have been the victims of disinformation campaigns in recent years including Tesla, Starbucks and in the UK, Metro Bank when in May 2019 fake stories spread through Facebook and WhatsApp created a minor run on the bank in London.
But, as noted in an article on www.ComputerWeekly.com called “It’s time to accept that disinformation is a cyber security issue” from December 2020, tackling the manipulation of truth is no easy task. The sheer volume of data being created makes it hard to tell what’s real and what’s not. From destroying 5G towers to conspiracies like QAnon and unfounded concern about election fraud, distrust is becoming the default – and this can have incredibly damaging effects on society.
In addition, Deepfake technology, which a PWC report on disinformation from 2020 refers to as “the nuclear option of disinformation techniques” given its sophistication and remarkable effectiveness, is now easier than ever to produce and distribute online.
The rise of disinformation creates challenges for security professionals as these events could easily impact assets that the professionals must protect. As such, security leaders must work hard to distinguish the signal, but also be aware of the potential threat that the noise could create for them. It’s no longer appropriate to simply dismiss wild stories spreading on social media as concerned citizens could decide to act on the information.
However, the rise of disinformation is another area where a forward-looking security department could support the wider business. Specifically, they can do this by leveraging an intelligence function to manage the collection and assessment of the array of information about companies being shared, distinguishing the disinformation and misinformation and identify the threats this could cause. Identifying this threat early creates an opportunity for business leaders to act, either to issue statements debunking the story if necessary or taking legal steps to issue cease and desist notices or to contact social media providers to have the information removed.
Security departments need to understand the difference between information and intelligence, need to have a systematic approach to the collection, analysis and dissemination of intelligence. Security departments need to follow a diversity of news sources and be sceptical of what they read and watch for the truth. As information, and mis/dis-information increases, managing the intelligence function effectively becomes an even bigger strength for the security department.
By James Morris, Head of Security Services, EMEA at Aon
You can connect with James here