Here comes ‘antidisinformation as a service’

Here comes ‘antidisinformation as a service’

Lies and fake news are coming after your company’s brand and reputation. Time to get your AaaS in gear.

Disinformation was in the news again this week. Facebook, Twitter, Google and Microsoft said they removed accounts linked to Russian and Iranian disinformation campaigns.

And if you think it’s all about politics and rogue nations, think again. The real story is about a new enterprise business service that fights disinformation.

I’ll tell you all about that below. But first, the real news about the fake news.

Facebook said that 652 Facebook pages and groups run by the Iranian and Russian governments were deleted because they were found to be “misleading,” by which it meant that the pages and social profiles presented themselves as something other than what they really were.

Facebook’s purge comes one month after that company removed 32 disinformation pages and groups aimed at disrupting the upcoming U.S. midterm elections. One of those pages had attracted nearly 140,000 followers.

Twitter suspended 284 accounts this week associated with the Iranian government.

And Google deleted 39 YouTube accounts and 13 Google+ accounts reportedly tied to Iranian state media that were designed to spread fake news.

Microsoft claimed on Monday to have stopped cyberattacks by Russian government-backed “Fancy Bear” hackers against conservative groups in the U.S. that support sanctions against Russia.

Hilariously, the Russian government even used the stories about the removed accounts to spread its subtle, doubt-creating brand of disinformation. Of course, thousands of news outlets covered the news. The headlines on those stories typically pointed out that the deleted disinformation was linked to both Iran and Russia. But the “news” organization Russia Today (which is a Russian government propaganda network that expertly blends real news with subtle disinformation) had this misleading headline: “Facebook, Twitter take down ‘inauthentic Iran-linked’ accounts … but Russia takes the heat.”

Members of the public scanning the headlines might be convinced (accurately) that the accounts were linked to both Iran and Russia. But after seeing the RT headline, they might have doubt that Russia was implicated, and that once again the media is blaming Russia for everything.

As always, the goal appears to be to get the public, not to believe one thing or another, but to lose faith in information itself.

News also broke this week that Russia-linked trolls and bots amplified online debate over whether vaccines are safe. On Twitter, for example, researchers found Russian trolls using the hashtag #VaccinateUS. The number of those accounts expressing pro-vaccine views were roughly equal to those against vaccines. The point wasn’t to change the public’s mind, but to create doubt and division.

These stories appear to be all about governments, politics and social networks. But the real story is about a new approach to antidisinformation.

Wait, what?

Here’s the real news: Most of the disinformation accounts deleted by Facebook, Twitter, Google and Microsoft were discovered not by those companies or the U.S. government, but by a company called FireEye.

I told you in this space last year about disinformation as a service (DaaS). Most of the Russian disinformation campaigns are carried out by a private company called the Internet Research Agency.

But now comes AaaS — antidisinformation as a service. That’s what FireEye provided this week to the Silicon Valley social networking companies.

It considers itself a kind of NSA for hire — an intelligence organization, but for enterprises.

How does it do it? FireEye’s methodology is multifaceted and a trade secret. But the company’s core competencies lie in discovering hidden malware and network hacks with the use of proprietary technology to detect behavioral anomalies — behavior by code and websites that isn’t normal. Once it finds the general nature of the weird behavior, it then does a lot of shoe-leather research. It tracks down who paid for domains, finds out if social accounts are real people — that sort of thing.

In the wake of this week’s news, FireEye’s stock price is soaring. AaaS is suddenly a viable business, and there’s a clear need for it.

The trouble with black-box solutions

Disinformation is here to stay. And it’s coming as a way to damage the reputations of businesses, products and brands.

If you think about it, brand campaigns are just commercial propaganda.

Political propaganda has evolved from billboards telling the public how good one’s own government is to fake websites and social accounts telling the public how bad the other government is.

The Russian public knows it’s got a bad government. So Russian disinformation is aimed at convincing Russians that other governments are bad, too. Russian propaganda both convinces everyone that the West is divided and chaotic and simultaneously seeks to actually create division and chaos.

Because this approach works so well, it’s only a matter of time before unscrupulous corporations start using Russian-style disinformation against their global corporate rivals.

But in order to combat disinformation, you have to know it’s there.

The most dangerous kind of disinformation takes place in a “black box,” where third parties (such as governments and concerned members of the public) can’t see.

The complicated world of disinformation campaigns on Facebook is a perfect example.

The advertising part of Russia’s disinformation campaign that attempted to meddle in the 2016 election was in a kind of black box. People were served custom advertising, and nobody except Facebook could see the full scope of the campaign. It found it only after publicly available disinformation accounts came to light, which caused it to look at advertising.

Black-box disinformation is already claiming lives.

At least two dozen people in India were killed this year by mobs that rose up after fake-news rumors spread on Facebook’s WhatsApp.

And fake news was spread on WhatsApp in Brazil that a yellow fever vaccine was dangerous, causing a large number of people to avoid the vaccine.

Disinformation will happen increasingly inside black boxes such as advertising networks and messaging platforms such as WhatsApp. Because posts are sent privately, rather than posted publicly, it’s very difficult for third parties to analyze the content.

And that’s why we need AaaS

If unscrupulous competitors, either foreign or domestic, decide to spread disinformation about your company, and choose to do it in black-box locations such as personalized advertising or on messaging apps, it makes sense to hire an AaaS company such as FireEye. It can work with companies such as Facebook to seek out disinformation targeted at your company inside the black-box networks where only the social networking company has authorized access.

FireEye itself offers a wide variety of security services. But I predict that companies will specialize in antidisinformation and offer their services to enterprises.

With all the threats enterprises face, it’s an unhappy fact that disinformation is a new threat to add to the list.

Join the CIO New Zealand group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags AIethics of big dataFake newsCambridge Analytica scandal

More about FacebookFireEyeGoogleMicrosoftNewsNSATwitterWest

Show Comments