Over the past few years, there has been skyrocketing growth in the use of social media to get the word out during emergency situations. From fires to disease outbreaks to police shootings, more and more people turn to Twitter or Facebook or other social media sites to get the latest updates on incidents from reliable sources and ‘friends.’
I applaud these social media efforts, and this emergency management communications trend has been a very good thing up to this point. But dark clouds are on the horizon. And soon, maybe you’ll need to hold-off on that retweet.
Why? This game-changing story from the New York Times shows how highly coordinated disinformation campaigns can spell big problems for emergency communications in the future.
No, I’m not talking about some bystander who got a few facts wrong about a car accident. The article describes pros who set out to convince you to act with detailed misinformation.
This is a really big deal, and not just for emergency management teams. No doubt, there has always been false or misleading information online, but this deliberate attempt to deceive and misdirect people in crisis situations is taking matters to an entirely new level. Mistakes can and will be made in every communication effort, but actively broadcasting detailed instructions that could intentionally result in harm is another matter.
My sense is that this is just the beginning of a growing trend — and that there is likely much worse to come.
What? Me Worry?
You may be thinking: Isn’t this story overblown? Aren’t Twitter sources vetted? Won’t people go to the reliable sources for their trusted emergency management information?
Sadly, that is not always the case, as security professionals know regarding phishing scams with emails and plenty of other online methods used to trick people into believing viral content or worse.
There are many ways for false information to spread online that can be used by bad guys with Twitter and other sites. Changing a few letters in a name, using shortened URLs or hyperlinking to bad information while using the label from a respected name are just a few methods used to misdirect people. The very features that make social media so popular are the same methods that bad guys can use to trick others.
The reality is that sophisticated actors who are intent on doing harm can create lots of problems for emergency management communications systems using social media.
A Quick, Relevant, Story from the Past Applies Here
Back in 2006, when I was Michigan CISO, we were one state engaged in the CYBERSTORM I exercise with the U.S. Department of Homeland Security (DHS), law enforcement agencies, other states, and even other countries. After several days of practice with defending our computer systems against cyber attacks, all hell broke loose during this test of our online and offline defenses. (For example, bombs were going off at data centers, everything was getting hacked, and systems were being compromised.) Remember, this was just a cyber exercise test, not a real life example. Still, that cyber exercise now reminds me of movies like Die Hard 4.
Anyway, near the end of the exercise, we needed to purchase a new Bull Mainframe in order to get citizens services online again, so we stated making calls to get a Bull mainframe fast. The trouble was, we quickly learned, only one Bull mainframe was available in the entire world.
The exercise planners even simulated a salesman with a French accent who wanted $40 million for the Bull mainframe box (which we thought was only worth $10 million.) We ended up negotiating and buying it for $20 million during this exercise simulation.
A few days later, I remember complaining during the cyber exercise hotwash that the extortion threats were “completely unrealistic.” I thought: “No one will ever hold us ransom for money! I asked: Why was that extortion event even in CYBERSTORM I?”
Little did we know that ransomware would become one of the hottest malware issues around and the number one cyber threat in 2013.
Looking back, we experienced, but didn’t understand the implications of a coming trend. The threat of extortion and of ransomware was evident back in 2006. Of course, hindsight is 20/20, and now I see the error of my ways.
Back to Emergency Management and Social Media
Which leads me to ask similar questions about today’s social media communications trends. Could similar things happen with troll farms that happened with ransomware?
Will misinformation on Twitter and/or Facebook hoaxes or other social media fraud undermine the benefits offered by these excellent infrastructure tools? Only time will tell. For now, it all comes back to vetted sources, Internet reputations, and reliable, verifiable information.
But in an emergency situation with only seconds to spare, it also comes down to this very personal question: Can I trust that tweet? Really?
Dan Lohrmann is Chief Strategist and Chief Security Officer at Security Mentor. During his career, he has served global organizations in the public and private sectors in a variety of executive leadership capacities, including enterprise-wide Chief Security Officer (CSO), Chief Technology Officer (CTO) and Chief Information Security Officer (CISO) roles in Michigan.