Information warfare, or Infowars, aims to employ information and communication technologies (ICT) in order to harm an enemy country or organization.
What is information warfare ?
Information warfare encompasses several techniques:
- Destructing or disrupting the adversary’s communications and information systems. Attackers can jam military communications or disrupt communication systems involved in an opponent’s weaponry. They can also launch physical or cyberattacks on communication systems of civilian services, such as airports, financial markets, or hospitals, to cripple these infrastructures.
- Gathering critical information about the adversary, including its strategies and maneuvers. For example, this year, the Ukrainian army connected Russian military communications networks to its own. This allowed them to spy on Russian communications and suspend them at critical moments to block the transmission of important information. Spying and analyzing personal data also play a key role in this process.
- Neutralizing specific media, Internet sites, or computer networks of the adversary. A belligerent can jam television transmissions or launch Distributed Denial of Service (DDoS) attacks. These attacks overwhelm a computer, network, or website with an excessive number of requests, rendering it ineffective.
- Spreading incorrect information or propaganda to manipulate the opponent’s public opinion or demoralize it. In some cases, hackers can take over television channels or Internet sites to broadcast misinformation. For example, the hacker collective Anonymous recently hijacked the websites of Russian media outlets, including the news agencies TASS and RIA Novosti, as well as major newspapers like Kommersant. They temporarily replaced the homepages with a message criticizing Russia’s attack on Ukraine.
Let’s focus on the latter and its psychological manipulation tactics.
Misinformation, a potent component of information warfare
The psychological operations of information warfare are essentially based on misinformation and propaganda. We call misinformation the deliberate spreading of false or partially incorrect information. This is the famous “fake news”, information created from thin air or modified to influence public opinion.
The aim is to generate political destabilization of an enemy country, by undermining the morale and trust of the population by disseminating fake news, rumors and by trying to create panic. However, information warfare now targets small and medium-sized businesses as well, leaving no business immune.
Different types of media are used: newspapers, television, radio, but above all social media and other internet sites. Indeed, we live in an increasingly connected world. The Internet allows easier access to all kinds of information. But the downside is that it also facilitates the spread of misleading information.
Who are the actors of the information war?
Information warfare was not invented with the Russian-Ukrainian conflict and in the past, propaganda sometimes been used as a weapon of war. During World War II, propaganda was used by both sides to win over the population.
However, what gives new strength to this tactic today is the exploitation of social networks and algorithms to boost the spread and impact of fake news and misleading messages.
Technology also allows the construction of more and more realistic fictional reports, thanks to “deepfakes”. There are ultra-sophisticated fakes elaborated by artificial intelligence. For example, it is possible to produce a video of a fake interview, based on a real one. Hackers can attribute polemical statements to political figures, and spread the fake video on social networks to discredit this person or shock users.
This technique has been used on several occasions, especially to influence elections in several countries. Russia used it during the 2016 and 2020 US presidential election. In 2016, Russian agents spread fake news through social networks, primarily Facebook, exposing nearly 126 million Americans. This disinformation aimed to undermine trust in the Democratic candidate, Hillary Clinton, and sway voters toward her opponent, Donald Trump.
But Russia is far from being alone in engaging in this kind of activity. The West often accuses China and Iran of joining Russia to form an “axis of evil,” allegedly instigating numerous fake news campaigns.
In fact, many governments are suspected of organizing peddling campaigns to influence the political debate in other nations or within their own countries. The United States, which often blames China and Russia, is itself a leading disinformation player. Recently, it ranked fourth in a report released by Facebook listing powers suspected of pursuing such strategies.
How do infowar players proceed?
These disinformation operations are based on the use of content issued by fictitious journalists or media that imitate official media. The less wary users can be fooled by these fake reports or stories that often rely on sensationalism to get their attention.
They are thus encouraged to share and spread this misleading or inaccurate information within their community.
To amplify the echo of their message, backers of these infowars often deploy troll farms (or troll factories). These groups of hackers compose and spread disinformation messages across social networks on a massive scale.
Troll factories can also involve bots, i.e., programs that automate these message broadcasts. Bot farms sometimes have several thousand fake social network users. These fake accounts have a profile picture and realistic personal information. Often acting within specific groups, they simulate the activity of human social network users: they can like and share posts.
Worse, they often use artificial intelligence to generate comments and messages that can be personalized to better capture the attention of targeted human users.
Finally, in some cases, troll factories give legitimacy to their fake news by inviting well-known media outlets or personalities to spread it. This technique is called “disinformation laundering”.
A host of cognitive biases at work
Information warfare campaigns succeed because various cognitive biases reinforce them. We often deviate in how we process and evaluate the credibility of incoming information. Here are some of the biases that are most conducive to the spread of misinformation:
- Confirmation bias. This cognitive bias is defined by the tendency of most of us to be more interested in information that confirms our beliefs than in information that might challenge them.
- Availability bias: We tend to base our reasoning on information that we have already memorized, rather than trying to update it with new information.
- Shared information bias: we give more time and credit to information that comes from our loved ones than to information that comes from outside sources (the official media, for example).
The echo chambers
This phenomenon ends up locking people in what is called an echo chamber. As time goes by, their opinion becomes more and more polarized, and they end up developing a deep distrust of public institutions and the press. As a result, public opinion appears increasingly divided.
Social network algorithms do the trick. Many offer a personalized content recommendation feature by default. This feature aims at encouraging the user to stay as long as possible on the platform by submitting more and more content similar to the ones that got them engaged. This is where our cognitive biases come into play: these similar contents are those that conform to our pre-existing opinions, or that come from our relatives. Content constantly bombards users, confirming and reinforcing their ideas.
Disinformation tactics in an information war intentionally fragment society. A nation’s enemies seek to reinforce the divisions that fracture its society in order to weaken it even further.
In the United States, this situation had dramatic consequences during the COVID 19 pandemic. A large part of the population, relying on false information, refused to wear the mask, multiplying in a tragic way the number of contaminations and victims of the virus.
Companies are concerned by infowar
People often assume that governments or politically motivated groups wage information wars.. It takes a powerful force to create a troll farm such as the Internet Research Agency, a Russian organization that interfered in the 2016 US election.
However, the anti-vaccine fake news that flourished during the COVID crisis, as well as the misleading messages seeking to disprove global warming, remind us that any topic can be subject to information warfare.
Disinformation campaigns often target businesses directly or harm them as collateral victims.
The bad news is that, unlike cyberattacks, this type of campaign is easy to implement, as it does not cost much.
Indeed, on the dark web, for example, many individuals are willing to sell fake followers and spread any information for money. Jigsaw, a company close to Google that focuses on cyberthreats and these misinformation phenomena, claims that anyone can afford a devastating fake news campaign for a potential rival for just $1,000.
Big brands, which are the most recognizable, make them easy targets. However, information warfare now targets small and medium-sized businesses as well, leaving no business immune.
What are the risks incurred?
On the Internet, information is king, and it proliferates. Malicious individuals, possibly paid by your competitors or your enemies, can try to launch an attack to damage your reputation. They may spread fake news intended to inspire disapproval against you, or information gleaned from your directories, such as contracts, photos or confidential documents. And even if you manage to remove the source of the spread, you can’t stop its dissemination.
A hacker can also break into your computer system to steal confidential documents for cash. If you are a journalist, you are particularly concerned by this type of threat.
Another possibility is spoofing: hackers can copy your email address, your domain name to spoof your electronic identity. Most of the time, they seek to access your bank and Internet accounts. But they can also connect to your social network accounts to post false messages and try to damage your reputation.
You can’t rule out espionage either which is also a component of information warfare. A loophole in your IT system may allow a clever hacker to access your secret documents, commercial contracts, prototypes or work contracts.
How to protect yourself against these threats?
It is therefore essential to protect yourself against hacking and data theft and to defend the privacy and anonymity of your data. This requires solid cyber-protection measures to avoid intrusions and spoofing:
- The first step is to secure your communications with a private and secure email such as Mailfence. If you have a custom domain, you can implement proven defense techniques against email spoofing (SPF, DKIM, and DMARC). A good secure email system has built-in spam protection and malware detection tools.
- You can also digitally sign your emails with OpenPGP signatures to further secure your messages.
- The use of a virtual machine, the systematic adoption of two-factor authentication and data encryption whenever they are offered are also crucial to secure your personal data.
Mailfence is favored by many journalists or dissidents who are happy to use the most secure protocols for their sensitive communications. But if you are a business or an organization, you will also appreciate to use a complete secure office suite that includes not only an email, but also a calendar, a meeting planner, a contact and group manager, a document storage and creation platform and a chat tool, all of which are secured by end-to-end encryption.
Interested ? For more information on Mailfence’s secure email suite, please do not hesitate to contact us at support@mailfence.com
