The development of the internet has produced new ways to spread information, but also entirely new dangers. Security and disinformation are the two forces that are now fighting for supremacy in the cyber world. A conflict which can cause great problems for citizens all around the world. Information, or disinformation, is already creating confusion and undermining trust in society. Especially when it first appears to be authentic news but actually comes from unreliable sources.
There is a lot of similarity in the strategies, tactics and actions between Cyber-attack and disinformation
Cognitive hacking involves attacks against the brain that use psychological, emotional, social and sensory principles to manipulate people into performing actions or divulging confidential information. Cognitive hackers are built on a knowledge of the human element and uses tactics that take advantage of cognitive vulnerabilities of people to achieve a goal.
Defense in Depth (DiD) is an approach to cyber-security. In it, a set of defensive mechanisms are layered to secure valuable data and information. If one system fails, another steps up immediately to thwart an attack. For example, Firewall is the first layer, antivirus is the 2nd, Regular patching is the 3rd layer.
A Distributed Denial of Service (DDoS attack) is a very popular cyber-attack that’s used to disrupt services on the Internet. If an attack is successful, it can cause problems for everyone from hospitals to banks, airlines and even government agencies. Similarly, a well-coordinated disinformation campaign floods disinformation to an extent that people start to deny the truth. Disinformation is used as psychological manipulation of people into performing an action on a mass scale.
A strategic cyber-security capability is the primary countermeasure for disinformation attacks. But a strategic cyber-security capability is based on knowledgable decision-makers and officers in the nation and other free societies who understand the high probability of disinformation attacks (as part of an unconventional warfare campaign) and are willing to take the risk before a cyber-attack or disinformation attack occurs.
Disinformation attacks can be counter by analyzing the tactics of disinformation. It helps to understand the identities of malicious actors, their activities, and behaviors from the cyber-security domain.
Layered Security Mechanisms such as Defence-in-Depth can be used to mitigate disinformation threats. A series of proactive filters are required to filter out the fake information.
An Information sharing framework like ISACs is required to collect and exchange information about the identity, content, actions, and behaviors of disinformation actors.