Fake News and Security

So, is fake news a security concern? Lets have a look at a recent news item that is quite revealing.

Facebook held a news conference to explain what it is doing to remove fake news from its pages and therefore from our feeds. Oliver Darcy from CNN was waiting to ask a pointed question about one of the most prolific sources of conspiracy based fake news, InfoWars.

When asked by Darcy about how the company could claim it was serious about tackling the problem of misinformation online while simultaneously allowing InfoWars to maintain a page with nearly one million followers on its website, John Hegeman said that the company does not “take down false news.”

I guess just for being false that doesn’t violate the community standards,” Hegeman said, explaining that InfoWars has “not violated something that would result in them being taken down.”

Hegeman added, “I think part of the fundamental thing here is that we created Facebook to be a place where different people can have a voice. And different publishers have very different points of view.”

We work hard to find the right balance between encouraging free expression and promoting a safe and authentic community, and we believe that down-ranking inauthentic content strikes that balance. In other words, we allow people to post it as a form of expression, but we’re not going to show it at the top of News Feed.”

That said: while sharing fake news doesn’t violate our Community Standards set of policies, we do have strategies in place to deal with actors who repeatedly share false news. If content from a Page or domain is repeatedly given a ‘false’ rating from our third-party fact-checkers … we remove their monetisation and advertising privileges to cut off financial incentives, and dramatically reduce the distribution of all of their Page-level or domain-level content on Facebook.”

So, based on that conversation you have to wonder if the press conference about fake news was anything other than, well, fake news!

If Facebook don’t intend to take down fake news then they are encouraging it, they claim that they remove or reduce the ability of page owners to generate income on Facebook if they consider fake news peddlers.

How does this affect Security

The issues occur when those who actually believe the fake news start to share it. Often going viral fake news around security concerns on social media, applications and or websites can cause serious damage to the reputation of those targeted.

It’s one thing to allow and encourage free speech, but when it starts to affect legitimate business those at the centre of the problem need to be brought to book. InfoWars has in the past advertised its site and even some its fake news via YouTube advertising. When those adverts are shown in the middle of an item from a highly reputable company it has the effect of subliminally detracting form the reputation of these firms.

Some of the biggest brands in the U.S. had ads running on the YouTube channels for far-right website InfoWars and its founder, notorious conspiracy theorist Alex Jones, and they say they had no idea YouTube was allowing their advertising to appear there. – CNN

And on the subject of Fake News, lets look at the person who coined the phrase:

President Trump refused a question from CNN’s Jim Acosta at a joint press conference Friday afternoon with UK Prime Minister Theresa May in Buckinghamshire.  Earlier in the press conference, Trump attacked CNN after receiving a question from the NBC News reporter Hallie Jackson. Trump said NBC is “possibly worse than CNN.”

“Mr. President, since you attacked CNN, can I ask you a question?” Acosta asked Trump.

FOX News correspondent John Roberts “Go ahead” he said.

“Can I ask you a question?” Jim Acosta persisted.

“No,” Trump told him.

“CNN is fake news,” Trump said. “I don’t take questions from CNN. CNN is fake news. I don’t take questions from CNN.”

So in this case those accused of delivering fake news are not being given a chance to ask a question! If the press publishes a story that is not true then you have the opportunity to challenge them in a court of law, but POTUS doesn’t bother doing that, he instead delivers his own brand justice.

What is the verdict on security?

Honestly, this is damaging, the press in the United Kingdom have a duty to report honestly and fairly, failing to do so results in court action almost every time. Trump has accused the BBC of purveying fake news in the past, now I know that the BBC has been accused of being biased in the past, in some cases they have been found guilty and had to pay the price, however, they are funded by the UK public via a license fee and as such they are under scrutiny.

Whenever public opinion is manipulated there are risks to security, either cyber or actual. The current climate of calling anything that people don’t like as fake rather than bringing the culprits to book needs to change in the real world and the cyber environment.

As a result the lies continue to be spread and world security and cyber security are where the suffering starts.

Facebook has recently been attempting damage limitation after the Cambridge Analytica scandle. UK advertising has been full of how Facebook is dropping its 3rd party data partnerships, in fact there is probably a second reason for this. GDPR would make 3rd party data partnerships like the Cambridge Analytica one a minefield for Facebook.

The amount of compliance that would be required, the documentation, checking and verification not to mention the fines if something went wrong would be enormous.

Sure, Facebook only received a £500,000 fine for the recent scandal, this is likely to be because the incident happened before GDPR came into force, future breaches would be dealt with through much larger fines.

What can be done?

It seems that unless an affected party takes the offending party to court, the answer may be not a lot. Or is it?

The lesson to be learnt here is that according to Facebook, they won’t take fake news down even after they have found it. The public are therefore in the position of power.

Don’t believe everything you read. You can use websites like https://www.snopes.com/ who provide a lot of resources about scams and news. You can also check the facts at https://fullfact.org/ to check the validity of a story.

If you find that the story is fake, then make sure you point it out politely to the person(s) promoting it.

Why is this so important? Well, there is a very successful ploy that the bad guys often use, simply put they look for popular news trends, create pages that promote that news or hijack existing pages and embed their own malicious code in the page. Before you know it malware has spread across the internet infecting thousands or millions of computers.

In summary, fake news causes real cyber security problems and can be much more dangerous in the real world.

Leave a Reply

Your email address will not be published. Required fields are marked *