Fake News: Could A Cyberattack Cause A Cyberwar?

In the way it undercuts trust, fake news is a form of cyberattack. Governments must work to stop it. Fake news, we've all heard about it, but sometimes we struggle to grasp the extent of its impact.

With more people moving online and social media becoming the go-to news source, and with a good chunk of what is put on social media being fake, the reader must determine whether information is true or not. When people believe everything they read, the world becomes an unpredictable place.

In the past, we could easily choose which news source to follow and have a high level of confidence about its accuracy. Today, however, with news arriving to us in a social media feed, both trusted and fake news sources are merged together, and the consumer must decide whether or not to believe the news. 

With no clear indication of the truth or the source of news on social media, many countries, democracies, and nation-states will struggle with transparency and could become politically instable. It only takes one fake news story within a trustworthy source to devalue an entire news feed, forcing us to question what is real and what is not.

To put it bluntly, fake news is a form of cyber-attack and will only grow significantly in 2018 and beyond.

Attribution, Transparency and Response
Fake information has become a major disruption to our way of life, filling our news feeds to influence our actions in an attempt to change the outcome of important decisions, including elections. 

Rather than focusing on the important needs of citizens, such as taxes, health, and education, many governments are now embroiled in trust and transparency challenges caused by the continuous disruption from cyber-attacks. We have seen the governments in both the US and UK increasing focus and attention on recent cyber incidents with little to no transparency.   
Many recent cyber incidents have involved the theft of huge amounts of personal and sensitive information that is then used to pursue and influence our nation's decision-making. 

Some notable cyber incidents, for example, breaches at Yahoo, Ashley Madison, and Equifax, exposed sensitive data that could be used via news feeds to trigger emotions and reactions. When a cyberattack from another nation-state tries to influence our way of life, our society, or our government, should this be considered an act of war?

Large troll factories and botnet farms are using our stolen personal information to guarantee that our news feeds are filled with fake information that attracts readers to respond and participate, creating a growing trend that encircles friends and family. 
This could start from a machine-controlled bot that wants you to share malicious information, influence your friends' decisions, and distrust your own government, creating divisions rather than giving you true information.   

National Ownership & International Cooperation
It's clear that cyber-attacks are crossing country borders and disrupting our way of life, without nation-states taking responsibility. We hear about cybercriminal groups that are behind many of the major cyber incidents in recent years, including data breaches, ransomware, or the targeting of government agencies' classified information. 

Companies and governments have linked these cyber-criminal groups to nation-states; for example, both FireEye and Symantec have accused North Korea of being behind the WannaCry ransomware, though they haven't revealed concrete evidence and North Korea has denied involvement. 

Without clear cooperation and transparency, this problem will grow with into increasing numbers of cyber-attacks on critical infrastructure, political affiliations, financial institutions, and communications.

To prevent a major catastrophe from occurring, governments and nation-states need to work together on cyber attribution with full cooperation and transparency that holds each other responsible for the actions of criminal organisations operating from within their borders. 

At the recent World Economic Forum, it was announced that a new Global Centre for Cybersecurity will be launched. This should focus on establishing cooperation between governments so that attribution is possible in the future; if a cybercrime has been committed, the governments involved should work together, similar to the way Interpol works today. 

It is equally important that governments do not provide a safe haven for cyber-criminals to carry out such attacks, especially when they are doing it for financial and political gains with and extreme aggression. It is time for governments to act and protect democracy and our way of life.

Dark Reading

You Might Also Read: 

Facebook Enables 'Fake News':

The ‘Complete’ History of 'Fake News':

Prime Minister Wants A 'fake news' Rapid Response Team:
 

« Your Questions Answered By The GDPR Advisory Board
What’s Happening With China’s Fintech? »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Logpoint

Logpoint

Logpoint is a creator of innovative security platforms to empower security teams in accelerating threat detection, investigation and response with a consolidated tech stack.

Technology Association of Georgia (TAG)

Technology Association of Georgia (TAG)

TAG's mission is to educate, promote, influence and unite Georgia's technology community to stimulate and enhance Georgia's tech-based economy.

Insta Group

Insta Group

Insta are a trusted cyber security partner for security-critical companies and organizations.

Vitrociset

Vitrociset

Vitrociset design complex systems for defence, homeland security, space and transport. Activities include secure communications and cybersecurity.

CICRA

CICRA

CICRA is Sri Lanka's pioneering cyber security training and consultancy provider.

ReliaQuest

ReliaQuest

ReliaQuest’s GreyMatter solution connects existing technology, people, and process – then equips security teams with unified, actionable insights across their entire environment.

ArcusTeam

ArcusTeam

ArcusTeam is at the forefront of the firmware and applications security industry, with a mission to increase the level of security on all IoT devices and applications.

Sponge

Sponge

Sponge is a world-renowned digital learning provider on a mission to make learning unforgettable.

American Cybersecurity Institute

American Cybersecurity Institute

American cybersecurity Institute is a newly formed not-for-profit organization dedicated to education, advocacy, study and analysis in the space of cybersecurity law and policy.

TalaTek

TalaTek

TalaTek is a full-service risk management firm providing expert services in risk management, cybersecurity, and compliance.

Trellix

Trellix

Trellix is an extended detection and response (XDR) solutions provider created from a merger of McAfee Enterprise and FireEye Products.

Synoptek

Synoptek

Synoptek is a global systems integrator and managed IT services provider (MSP). We offer comprehensive IT management and consultancy services to organizations worldwide.

VicOne

VicOne

With a vision to secure the vehicles of tomorrow, VicOne delivers a broad portfolio of cybersecurity software and services for the automotive industry.

MajorKey Technologies

MajorKey Technologies

MajorKey improves security performance by reducing user friction and business risk, empowering your people, and protecting your IP.

OrbiSky Systems

OrbiSky Systems

OrbiSky Systems is a British tech startup specializing in data management and cybersecurity solutions.

Neptune Shield

Neptune Shield

Neptune Shield's mission is to deliver cutting edge Maritime focused Cyber Security & Threat Protection through our Hampton Roads based Tech & Cyber Security Hub.