How Government Propaganda Is Undermining Your Online Security
Events in recent years have led to many comparisons to George Orwell’s literary cornerstone 1984. The dystopian future that Orwell presented was heavily influenced by events in his lifetime, including the rise of Fascism, Communism, the two World Wars, and the beginnings of the Cold War. The novel’s central character is Winston Smith, a government employee whose task is to rewrite books, documents, and other media so that they always maintain the current Party line.
Or, in other words, to create political propaganda.
Orwell wasn’t writing from a place of pure imagination — propaganda was used heavily by all sides throughout the Second World War. In the years following the book’s 1949 publication, the Cold War escalated. Both sides increasingly relied on propaganda to cement their own reputation and defame the other. The early Utopian ideals of the internet led many to believe that its open and transparent ecosystem would help to eliminate propaganda and corruption. As has been only too evident in recent years, access to endless content (and the ability for anyone to publish it) may have made the challenge of eliminating propaganda even harder.
What Is Propaganda?
Since the Cold War, propaganda has largely been associated with manipulative political forces. However, historically propaganda is any information that lacks objectivity. This includes manipulative political messaging, but also encompasses marketing and any selective presentation of facts. It’s something you probably engage in. You wouldn’t walk into your Annual Review and rattle off a list of everything that went wrong in the last year, for example.
When we hear the term propaganda, it often conjures images of manipulative politicians aiming to control us. However, the origin of the term comes from the Catholic church, when in 1622 they created the Congregatio de Propaganda Fide (or Congregation for Propagating the Faith). Propaganda is a means of spreading a message, but by its very nature it is trying to influence you and is biased towards a particular viewpoint.
How the Internet Changed Propaganda
In our modern world saturated with the written word, it can be hard to imagine a time before printing was widely available. However, the Printing Revolution, largely spurred on by the Gutenberg Printing Press, was only just over 500 years ago. Widely available, relatively low-cost printing allowed information to spread around the world, creating large-scale social change. The internet had a similar effect on information, and made it faster and easier to circulate new ideas.
Importantly, it removed the prohibitive cost barriers to entry that many would have faced when hoping to spread their ideas. In effect, the internet gave everyone a mouthpiece. Almost overnight, anyone could set up a Geocities page and put their thoughts in writing for people across the world to read instantaneously.
Although Geocities may be a distant memory since the collapse of Yahoo!, we now have WordPress, Squarespace, and social media to fill the void. Research from Smart Insights shows that there are 3.3 million Facebook posts every minute. In the same time, there are nearly half a million tweets, 1,400 WordPress posts, and 500 hours of video uploaded to YouTube. In just over 500 years, we have transitioned from a society where only an elite few are able to spread their ideas, to a position where an insurmountable avalanche of data is produced by billions of people around the world.
Don’t Believe Everything You Read
The ability to share ideas and connect with people on the other side of the world has some positive outcomes. People who previously felt isolated have found communities of like-minded people. Then there are internet phenomena like the Ice Bucket Challenge that raised awareness, and a whole lot of money, for ALS. Despite its many benefits, Wikipedia is often cited as an example of why you can’t trust everything you read on the internet. Allowing anyone to edit the online encyclopedia means that it can’t be relied upon to give verifiable, factual information. It isn’t just Wikipedia that suffers from this — the entire internet is rife with information that is difficult, time-consuming, and often just impossible to verify. It’s this inherent fallibility that gave rise to the Fake News crisis of 2016.
Attribution, Attribution, Attribution
The internet hasn’t only changed how we share information, but how we store it too. We chronicle our lives on Facebook and Instagram, upload documents to Dropbox, and entrust Google and Apple with our sensitive data. Those same attributes that made the internet so revolutionary sadly also apply to the nefarious types who want access to that data. They don’t have to be geographically anywhere near their victim, or give any indication of their identity. No one can see them, and this means they can often get away with siphoning off data without anybody noticing. Unlike a crime in the physical world, there are no eyewitnesses, and the attack could have come from anywhere in the world, often leaving investigators with minimal information to start from.
However, the attackers often leave digital trails of their attack: their code, IP address, and timelines. The investigation of these attributes is known as digital forensics. When we think of forensics, it’s usually in the context of a show like CSI, where the perpetrator left behind irrefutable evidence of their involvement with the crime: for example, a fingerprint or a strand of hair. These pieces of evidence are then used to back up a hypothesis of how the crime happened. Fingerprints and strands of hair are (in most cases) uniquely identifiable to an individual. After all, we can’t change our DNA.
But digital forensics is a more complicated affair.
The Difficulty of Digital Forensics
There are a number of branches to digital forensics including computer, mobile device, data analysis, and database forensics. When it comes to data breaches and hacking incidents, it is primarily network forensics that propels an investigation. This involves monitoring and analysis of network traffic in order to detect intrusions. However, this data is often incomplete as network data is not always logged consistently, or a critical area may have been overlooked. In this way, it’s similar to a building maintaining CCTV — but pointing it in the wrong direction. This means that investigators have to make inferences from incomplete data, which highlights the difference between digital and traditional forensics.
An Underlying Motive
Aside from Government organisations, most security research and analysis is performed by private companies. Although it would be tempting to believe that these companies spend time, money, and resources for the public good, ultimately they have something to sell you. Whether this comes in the form of training, security reports, or software — profit and reputation are often motivators for publishing security research.
In August 2017, the security company DirectDefense published a report claiming that a set of security tools called Cb Response was leaking sensitive data. The rationale for this conclusion was Cb Response’s use of Google’s VirusTotal tool. It just so happens that Cb Response was developed by Carbon Black, a competitor to DirectDefense. Despite many companies using VirusTotal, Carbon Black was the only company to be singled out in the report. Although this isn’t representative of the entire industry, it’s worth questioning motive when a report implicates another security company.
The Intersection of Politics and Security
In a world where the President of the United States conducts his affairs via Twitter, it’s easy to see that the digital has a real world impact. The last few Presidential elections have been won not on front lawns but online — through social media, and advertising alongside traditional media. Grassroots campaigns and online activism have also contributed to the politicisation of the internet. In 2010, the Arab Spring demonstrated just how much impact the digital world could have on politics.
The internet has become highly embedded in almost all economic activity, with the digital economy currently worth over $3 trillion. It is hugely influential and important to most countries around the world. It’s no wonder then, that the fear of cyberwar weighs heavy on our minds. Traditionally, in order for one country to attack another, they needed money and an experienced military. Regardless of the eventual outcome, there was a monetary and human cost to pay for any act of aggression.
However, the internet has radically reinvented how countries attack each other. With a relatively small team, it’s now possible to harm and destabilize another country without having to be anywhere near them. As we’ve seen, attribution can be a difficult and almost impossible task. Sure, investigators may have a theory, but without conclusive evidence, it remains unproven.
When a large-scale attack does happen to a Western country, institution, or company, there are common suspects. Russia, China, and North Korea feature heavily in many reports, despite a lack of definitive forensic evidence. In a stunning coincidence, it so happens that these three countries are political and military adversaries of the United States and many Western powers.
Making a Narrative Stick
A word that is on the verge of being overused in mainstream media is the term “narrative”. However, it does often accurately describe the situation of “a written account of connected events”. Much of what underlies investigation and reporting on security events is supposition, inference, and hypotheses. Without definitive fact, getting to the bottom of attribution is a lot like joining the dots. A security event is placed into an ongoing narrative, with the story bending to the newest information.
God, the word “narrative” is overused. Whatever happened to “story”? Or indeed, “lie”?
— Andrew Coyne (@acoyne) August 14, 2015
After the astonishing Equifax hack left personal details of nearly 150 million people exposed, rumors began to swirl about who could have mounted the attack. Bloomberg published an article “The Equifax Hack Has the Hallmarks of State-Sponsored Pros”. The headline alludes to a nation-state being responsible for the attack, yet the article is light on verifiable fact. In the lengthy post that mostly recounts the known events of the attack, only two unsourced instances are given as evidence. For example, one of the many tools the attackers used had a Chinese interface — proof only that the attackers may have been among the 1.4 billion people in China. Or able to read Chinese. Coincidentally, the headline plays into the Western narrative of a hostile Chinese government.
It also has the effect of reducing the U.S. credit agency’s culpability for the hack.
The Rise of Churnalism
One of the key factors in developing these narratives is the 24-hour news cycle. Publishers push out content quickly to capitalize on the rapidly diminishing traffic of the latest news item. In many cases, websites and media outlets echo press releases given to them without elaboration or fact checking. The carefully worded, intentionally shared information is then by definition propaganda.
This type of journalism is known as churnalism, and is often implicated in the spread of fake news. This problem is compounded by the speed at which information travels online. It takes just seconds to share an article on social media. Coupled with an eye-catching clickbait headline, it can quickly become common knowledge — even if the article is full of misinformation. Many on the internet are quick to make their voice heard, even when arguably they should have stayed quiet.
Keeping a Critical Eye
In September 2017, the Department of Homeland Security (DHS) issued a directive that all Kaspersky software was to be removed from government devices. The reason for this is that the DHS is “concerned about the ties between Kaspersky officials and Russian intelligence”. Some were quick to denounce Kaspersky as a tool of the Russian government. This was despite the DHS offering no evidence of wrongdoing. That’s not to say that it is definitively untrue; after all, “absence of evidence is not evidence of absence”. Equally, China, Russia, and North Korea all make compelling arguments for your distrust.
However, without proof of wrongdoing or attribution, there is a strong case that it forms part of a larger piece of political propaganda. These political narratives are complex, and often difficult to counter as they are deeply entrenched. Social media doesn’t make the situation any easier. Misinformation and fake news are able to spread quickly, spurred on by bots designed to spread propaganda.
The best way to avoid this kind of misinformation is to find security experts you can trust. There are some excellent websites and Twitter accounts which are known for their unbiased, factual security reporting. However, be wary of others offering security advice, especially if that isn’t their field.
Troy Hunt, who runs the data breach notification service HaveIBeenPwned, wrote about this challenge. He encountered an SEO expert and a psychic who were offering flawed security advice. Although not security experts, both used their position of influence to give dangerous advice. Hunt ultimately concluded “don’t take security advice from SEO experts or psychics”. Sound advice from a security expert that you can trust.
How do you think we can overcome the challenge of digital propaganda? Do you believe it’s a problem? Let us know in the comments!