Fake news is the deliberate distribution of lies with the goal of swaying public opinion or dividing people. It has gotten the attention of information security professionals because it's difficult to identify and block — and because it helps spread malware.
“Fake news factories have engaged in operations to influence many citizens whether it is for marketing purposes, purchasing decisions, political instability, or just a misdirection to the real intention,” says Joseph Carson, chief security scientist at password management company Thycotic. “Social media and online services have been the primary victims as the users are now being fed with continuous feeds of information with no way to determine the authenticity of the source or whether is it trustworthy.”
[ Get a deeper look at the business impact of a cyberattack. | Get the latest from CSO by signing up for our newsletters. ]
How fake news delivers malware
Another problem is that fake news often has a secondary purpose. Scott Nelson, vice president at security training company SecureSet, says fake news is the latest attack vector for social engineering and hacking activity. Similar to a phishing attack, many variables are at play. Not every questionable link on Facebook is considered fake, and automated detection tools are not quite able to identify every story that’s suspicious or outright false.
“The introduction of malware embedded in images, links and downloads of the fake news story, email or social media site should be of increasing concern to organizations,” says Nelson. “These tactics are no longer the sole space of criminal organizations or spammers but are now used by nation states to attack or spread propaganda, compromise systems, inflict physical damage, or conduct espionage.”
Nelson says the enterprise is blissfully unaware of how much fake news behaves like malware (and often carries the same payload intended to harm users). That’s why hackers have taken advantage of this “look the other way” approach to classifying the fake news. “Organizations should be concerned that unsuspecting employees are falling prey to these new tailored campaigns [that spread] their political ideas or gossip,” he says.
What to do about the fake news threat
Hamid Karimi, vice president of business development at BeyondSecurity, says that fake news is often difficult to quantify or analyze, but the process of detecting the malware hasn’t changed. Sites that distribute fake news often distribute malware as well, he says, so companies need to classify them as such. Often, the intent is to hijack user accounts, spread the malware, and cause other problems in the same way a phishing attack might work.
“CIOs and CISOs must be concerned with fake news in the sense that such cases typically indicate the presence of malware, not the other way around,” says Karimi. “If users in their communications with others reference sites with malware payloads, this is clearly of significant concern to all security professionals.”