The three constraints on Influence Operations - Digital Threat Digest
In the age of fake news, as individuals we are being encouraged to check the sources of information that we use. One of the primary sources that we are often told can be trusted, is our own government, especially on political topics. In this instance, a governmental emergency early warning network was compromised by hackers in Australia.
What happened?
Australian emergency warning service The Early Warning Network, was recently hacked by an unknown group of attackers, who used the service to distribute a message to registered individuals: “EWN has been hacked. Your personal data is not safe. Trying to fix the security issues,”.
If this sounds like something out of the plot of a film, that’s because it’s not far off: In Die Hard 4 terrorist hackers released news about a fake attack on the Whitehouse, causing widespread panic and concern.
Why does it matter?
Luckily, in this instance, the hackers didn’t attempt to send out a fake emergency alert. However, emergency systems are designed to facilitate mass communication—particularly in situations where other sources of information may not be available for fact checking—so, misuse is a major concern.
In short, an emergency system that no one trusts is useless.
What can we learn?
With information so easily obtainable online, it is important for trusted primary sources to stand out above the rest of the noise and maintain that trust.
This situation demonstrates one of the key risks of backup and emergency systems; they must be easy to use, resilient, and secure enough to avoid misuse by unauthorised parties. This will ensure the trust factor does not deteriorate.
Of course, such competing factors can often compromise each other without careful design.
All too often, security is solely focused only on confidentiality (keeping things secret), but it is important to remember that integrity (ensuring that information is correct) is equally a security concern. As governments and companies move more services—and methods of information dissemination online—they need to take great care to ensure the integrity of the data they release. Failure to do so, can result in reputational risks primarily but, in the long term, a breakdown of trust between official information and the intended recipients may cost lives.
For more information about this story.
Insights
Four Cardinal Virtues of good open source research - Digital Threat Digest
Last week, Bellingcat released their ‘Seven Deadly Sins of Bad Open Source Research’. The article lays out the glaring errors they’ve observed by practitioners online, especially regarding the conflicts in Gaza and Ukraine.
Brazilian Darth Vader - Digital Threat Digest
April 2024 marks the 40th anniversary of the Diretas Já civil movement in Brazil, a mass movement demanding direct presidential elections and a return to democracy after two decades of military dictatorship.
Fake news games - Digital Threat Digest
Last week, British comedian, Joe Lycett revealed he had successfully seeded four fake stories within the British press.