The Hackers Behind The Election Meddling Are Now Coming For Your Brand
Federal prosecutors announced in October that they had charged a Russian national with meddling in the 2018 U.S. elections, using the same basic playbook as in the 2016 election and others around the world: leveraging social media platforms with paid ad campaigns and phony user accounts to flood the market with disinformation to skew opinions and incite conflict.
The techniques used by state actors to disrupt elections are increasingly directed towards corporations for a variety of nefarious aims. To get a handle on how CMOs should be thinking about protecting their brands against this new threat vector, I spoke with Otavio Freire, CTO and president of SafeGuardCyber. His firm provides end-to-end protection for social media and digital channels against a wide range of threats.
Peter Horst: So tell me about this new development in the kinds of threats now being directed at the private sector.
Otavio Freire: The techniques we’ve seen from the state actors have now migrated for use against corporations. Hacker groups have discovered that there’s great leverage and financial opportunity in threatening a brand’s reputation using those tactics. They say, “We have an army of bots and unless you pay this ransom, we’re going to do major damage to the reputation of your firm.” For example, online travel site CheapAir recently received a ransom demand from an organization that threatened to unleash a flood of negative reviews across social media.
Horst: So how exactly does this work?
Freire: We’ve discovered a number of brands with millions of followers, and unbeknownst to them a lot of those were bots, controlled by hacker groups. They’ve have gotten very sophisticated in creating fake profiles and identities that are hard to trace. These bots can also generate thousands of their own followers within hours. What they then do is take a point about the brand and amplify it in a negative way. The next step it to approach the brand and say, “Hey, we can turn the public against your brand in a big way or we can stop it for a fee.”
Horst: You also talk about the issue of social media brand fraud. What’s that about?
Freire: This is where a hacker takes over a social media account and pretends to be the corporation. McDonald’s had its social media handle taken over and used for political purposes by employees. One of our high-tech customers approached us after its LinkedIn presence was taken over. A well-known insurance company had a hacker group create a fake social media page and say, “Here’s a great promotion: give us your credentials and we’ll put 50 bucks in your account.” Another approach is to pretend to be an employee on Instagram, and then try to sell people insurance online.
Horst: This sounds like classic phishing but turbocharged by the fact that people now trust what they see in social media platforms more than in other venues.
Freire: Exactly. The trust in the platform changes everything. And it’s not just about ransomware. The state actors in particular are using social media for serious corporate espionage. China is deploying bots to conduct corporate spycraft through social media. Iran-backed hackers infiltrated Deloitte’s network by using a phony social profile to connect to an employee and then access sensitive documents. Turkey’s cyber army took over the Twitter accounts of two Fox News reporters—two of only a few dozen people that President Trump follows. Through that relationship, they were able to send a direct message to the President that contained malicious code that, if clicked, would have taken over Trump’s account. (We alerted the FBI and NSA to that.) It’s no longer a big wide blast and hope someone clicks—they’re looking specifically at individuals and researching the kinds of things they’re interested in and what they’d specifically engage with.
Horst: You recently conducted some really interesting research into the way these bots operate. Tell me about that.
Freire: We said, “Let’s change this around: let’s just observe the bots rather than the platform.” We took a crowdsourced database of 320,000 bots, put them in a petri dish and watched to see what happened over several months. They’re deployed very efficiently. They become active, do attacks and then go dormant. Their intent is tied to the news cycle. When the immigrant child separation issue was really hot, they woke up and expressed extreme views on both sides of the issue—almost 50/50. We watched them wake up, share content and then go to sleep. If the Google search volume went up, the bots followed. We categorized the areas the bots focused on and saw things like sowing division across societies and undermining the value of democracy.
Peter Horst: So what’s a CMO supposed to do in the midst of all this?
Otavio Freire: People need to realize that they can’t expect the platforms to take care of their corporate brand and reputation interests. Facebook is not the world cop. They can’t be worried about theft in your neighborhood, violent crimes and state-sponsored actions. They have no real obligation to care about the reputation of your brand, which you have carefully curated over many years with millions of dollars. It’s not their job, not Twitter’s not Instagram’s. It’s the CMO’s job to take care of the reputation and the brand and you need to take proactive measures to safeguard your social media accounts, and those of your employees, the same way you protect your network. That means partnering up with your head of IT, head of security to take a comprehensive approach to addressing the cyber risks in your broader social media ecosystem. You’ve got to control your own destiny here.
Marketing strategies to help your team get inspired to make bold moves. Join me.