Disinformation, The Election & Cybersecurity

During this election season, disinformation campaigns have been so prevalent that the NY Times has a live-updating feed of the latest falsehoods and misleading statements circulating online. Fake news, it seems, abounds. 

Kate Starbird, Associate Professor of Human Centered Design & Engineering, University of Washington, explains 2020's onslaught of disinformation campaigns in a piece for The Conversation. She states, "Unlike rumors and misinformation, which may or may not be intentional, disinformation is false or misleading information spread for a particular objective, often a political or financial aim."

Because information spreads faster now than ever before, thanks to technology advancements and social media, disinformation campaigns are also more compelling than ever before (although not new). 

This article describes the disinformation tactics that have increased during the 2020 election and coronavirus pandemic. Additionally, the article will cover how to keep a safe, skeptical mind when approaching information found on the Internet. 

What is a Disinformation Campaign? 

Despite what we may tell ourselves, we are all susceptible to influence by the media, social platforms, and those around us— at least to some degree. Influence is not a bad thing, but when the source of the influence is biased and manipulative, it can be challenging to determine what is real and what is fake. 

The purpose of disinformation is to actively spread false information to influence others to benefit a specific individual or group. Disinformation campaigns often occur during elections as a way to persuade voters to vote a certain way. 

The rise of disinformation campaigns has prompted the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) to issue a Public Service Announcement regarding the potential for interference from cybercriminals and foreign actors.  

How Have Disinformation Campaigns Been Used in 2020?

There’s no doubt that 2020 has been a unique year. Between the coronavirus pandemic and an election with record-high voter turnout, there has been plenty of room for false information to spread. 

In a joint statement from the World Health Organization (WHO), United Nations (UN), UNICEF, and others, they urged stakeholders to manage disinformation and misinformation, stating that in this scenario, "Misinformation costs lives."

In regards to the election, there have been countless disinformation claims. For example, one claim is that many deceased individuals voted in the 2020 election in Pennsylvania. While a lawsuit was filed in this matter, a spokeswoman for the PA attorney general's office replied, "The court found no deficiency in how Pennsylvania maintains its voter rolls. There is currently no proof provided that any deceased person has voted in the 2020 election."

Along with the rise of "fake news" articles, we've also seen an uptick in deepfake videos in the year 2020. Deepfake technology uses artificial intelligence to create realistic-seeming video recordings that are astonishingly difficult to differentiate from a legitimate recorded video. These videos aim to make the audience believe that the video's subject is saying or doing something they wouldn't actually say or do. 

How "Fake News" Campaigns & Rumors Can Affect Cybersecurity 

While fake news has obvious consequences and impacts what we believe, it also influences cybersecurity. If a malicious actor can shape what someone believes, they are likely able to impact their behavior. 

Recall the deepfake technology we discussed in the previous section. Imagine that an attacker has created a fake charity organization to collect money from victims. If the attack can make a deepfake video in which a trusted philanthropist vouches for this organization, more people will likely donate to it. The video is a fake, the organization is a front, and the philanthropist was never involved with the organization. 

Scenarios like the one described above can cost victims thousands of dollars. Deepfake technology and AI have effectively made it more challenging to trust our own eyes and ears. 

Along with breaking-edge technology such as deepfakes, attackers still use standard techniques such as phishing, impersonation, and ransomware to prey on their victims. Picture a scenario in which you've seen an article (which you believe to be real) circulating online that a representative will be calling to collect information from you to ensure that you'll receive aid for the pandemic. As a result, if an attacker calls and requests your private data for this purpose, you may be more likely to provide it and less likely to further investigate. 

How Can Users be More Aware/Protected When Encountering these Campaigns Online?

A healthy amount of skepticism has never hurt anybody. It's best to question what you read on the Internet and ensure that information you receive comes from those who have the authority to speak on such matters. 

Here are a few tips to assist you when approaching information found online: 

  • Lean on trusted news sources and stories validated through multiple sources.
  • Watch out for spoofed domains. For example, you might think you're seeing a social post leading to the domain "Nytimes.com" that’s really leading you to "nytime.com” (note the lack of an “S”).
  • Never authenticate with social media or email providers unless you've verified the information source.  
  • Look for biased sources. Does the writer have an agenda for making you believe something?

Keeping up with It All

With today’s news ever-changing and ever-questioned, it’s crucial to stay up-to-date with the most accurate information. 

Instead of validating claims and learning about the latest evolutions in cybersecurity yourself— a taxing and time-consuming process, indeed— find an authority figure you trust to break it down.

Download our guide for Choosing the Right Cybersecurity Speaker to educate your team on the latest threat landscape. 

Kevin Mitnick & The Global Ghost Team live for the challenge of mastering new technology and inventing stronger and safer ways to protect digital systems. Interested in booking us, specifically? Visit Kevin’s Booking Guide.

Topics: US election, election security

Latest Posts

Kevin offers three excellent presentations, two are based on his best-selling books. His presentations are akin to technology magic shows that educate and inform while keeping people on the edge of their seats. He offers expert commentary on issues related to information security and increases “security awareness.”

PCI Testing: Everything You Need To Know

Penetration testing is crucial for businesses to help ensure that their security posture will stand against threat actors. For businesses that handle ..

Read more ›

The 4 Phases of Penetration Testing

So, you’ve done your research on penetration testing and are ready for the pentest engagement. But before you choose just any pentesting vendor, it’s ..

Read more ›

What is Web Application Penetration Testing?

Is your company in the process of developing a new application? There are a lot of moving parts involved in developing and deploying cutting-edge appl..

Read more ›