Google Search Results Spoofed To Create Fake News

A spoofing technique that creates fake Google search results has been uncovered, which could be used in political influence campaigns or for other nefarious purposes. The technique can be used to spread disinformation while leveraging the trust people have in Google’s search results.

In this age of fake news, people are more wary than ever of efforts to sway public opinion using disinformation. This has led to a wholesale questioning of news sources spread around on social media. It has also prompted Facebook, Twitter and others to crack down on influence campaigns.

Less top of mind, however, are systems that we’ve come to trust and rely upon, namely Google searches.

Despite some accusations that Google has gamed its search algorithms to return left-skewing news results (a charge it has categorically denied), most people trust the search engine to return relevant and accurate information. The spoofing technique takes advantage of Google’s perceived legitimacy to make false information more believable, simply by adding two parameters to any Google Search URL.

According to the independent Dutch researcher Wietze Beukema, the approach makes use of Knowledge Cards, which are boxes on the right-hand side of the screen that contain relevant information to whatever search query a user types into Google Search. For instance, a search for “MSNBC” offers regular search results along with a Knowledge Card with key facts about the news outlet.

Knowledge Cards are far from completely solid sources of information – according to the researcher, most information comes straight from Wikipedia and a mix of other sources like corporate boilerplate.

“Unfortunately, Knowledge Graph doesn’t tell you where it got the information from,” Beukema wrote in a blog post recently. “In addition, the algorithm sometimes mixes up information when there are multiple matches (e.g. people with the same name). This has led to a small number of incidents regarding the feature’s accuracy.”

Nonetheless, most people take the information at face value, opening the door to social engineering.

“People have effectively been trained to take information from these boxes that appear when googling,” said Beukema. “It’s convenient and quick – I have caught myself relying on the information presented by Google rather than studying the search results.”

It turns out that anyone can attach a Knowledge Graph card to their Google Search, which might be helpful if you want to share information provided in a Knowledge Graph card with someone else. Each Knowledge Graph has a unique identifier (the &kgmid parameter), which can be added to the URL for the original search query. An attacker can thus add any Knowledge Card they choose to run alongside search results for any given query:
“For instance, you can add the Knowledge Graph card of Paul McCartney (kgmid=/m/03j24kf) to a search for the Beatles, even though that card would normally not appear for that query,” explained Beukema.

It’s also possible to create a URL that only shows the Knowledge Graph card and omits any search results, by adding the &kponly parameter to the URL. The search bar will still be visible with the original query though, even if it has nothing to do with the Knowledge Card that’s being shown.
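A defender-side check for the two parameters described above, as an added example that is not from the article or the researcher: it flags shared Google Search links that carry kgmid or kponly and rebuilds the link without them so a reviewer can compare against the ordinary results. The host allowlist, the function name and the sample links are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit, urlunsplit, parse_qsl, urlencode

# Assumed allowlist of Google Search hosts; extend with country domains as needed.
GOOGLE_HOSTS = {"google.com", "www.google.com"}
# The two URL parameters the article describes.
CARD_ID, CARD_ONLY = "kgmid", "kponly"


def inspect_link(url):
    """Report whether a shared link pins a Knowledge Graph card onto a search."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    if host not in GOOGLE_HOSTS or parts.path != "/search":
        return {"google_search": False}

    # keep_blank_values so a bare "&kponly" (no "=") is still seen.
    pairs = parse_qsl(parts.query, keep_blank_values=True)
    params = dict(pairs)
    kept = [(k, v) for k, v in pairs if k not in (CARD_ID, CARD_ONLY)]

    return {
        "google_search": True,
        "query": params.get("q", ""),
        # Card chosen by whoever built the link, not by the query.
        "forced_card": params.get(CARD_ID),
        # Organic results suppressed, only the card is shown.
        "results_hidden": CARD_ONLY in params,
        # Same search with the card parameters removed, for side-by-side review.
        "clean_url": urlunsplit(parts._replace(query=urlencode(kept), fragment="")),
    }


# Constructed sample links (the kgmid value is the one quoted in the article).
SAMPLES = [
    "https://www.google.com/search?q=the+beatles",
    "https://www.google.com/search?q=the+beatles&kgmid=/m/03j24kf",
    "https://www.google.com/search?q=the+beatles&kgmid=/m/03j24kf&kponly",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(inspect_link(link))
```

A link that reports a forced card with hidden results is the combination the article describes: the search box shows one query while the only content on the page is a card the query did not produce.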

These two things combined can be leveraged to carry out propaganda efforts. For instance, a malicious actor could post a custom query URL on social media, supposedly showing real Google search results for a hot-button topic.

The researcher used the example of the query, “Who is responsible for 9/11?” After tampering with the URL, it’s possible to suggest that George W. Bush was responsible for the 9/11 terrorist attack.

While anyone who actually tries to replicate the search results with a query of their own would get a different answer (Osama bin Laden, of course), it can still be a powerful tool for spreading disinformation, particularly to those with a confirmation bias who may be simply scrolling through the News Feed, for instance.

“This allows you to trick others into believing something is true,” Beukema said. “After all, it is a legitimate Google Search link and since we have been trained to trust the answers provided by Google, there must be some truth in it, right?”

The researcher filed a bug report a year ago with Google, advocating the disabling of the &kponly parameter in particular; he said that the internet giant doesn’t consider the issue to be severe enough to be an addressable vulnerability.

“I disagree: in this day and age of fake news and alternative facts, it is irresponsible to have a ‘feature’ that allows people to fabricate false information on a platform trusted by many,” Beukema said.

However, a Google spokesperson told Threatpost that while allowing users to point to specific knowledge panels is part of the company’s mandate to make it easy to share information, it was indeed working to address it. “We share the concern about the potential for bad actors to create misleading distortions of our search results pages, and are working to fix this issue,” she said.

Threatpost:
