Applying Information Security Paradigms to Misinformation Campaigns: A Multidisciplinary Approach

Presented at BSidesLV 2019, Aug. 6, 2019, 11:30 a.m. (55 minutes)

A misinformation attack is the deliberate promotion of false, misleading, or mis-attributed information, often designed to change the beliefs of large numbers of people. Misinformation is an information security problem in part because information technology and the internet are how misinformation messages are generated, transmitted and received. Historically, large-scale misinformation (propaganda) has been the domain of nation-states, but the Internet has also enabled non-state actors to have effects formerly only available to nation-states. Additionally, the Internet has enabled nation-states to conduct influence campaigns in a new manner that is less attributable and can therefore be conducted without substantial risk of starting a war.

Power-motivated misinformation has been studied as an information security problem, information operations problem, a form of conflict, a social problem and a news source pollution. Each of these studies uses a different framing and ontology; we cover the adaptation of existing information security frameworks and principles into a framework and common ontology for these communities to share information about misinformation campaigns incidents and conduct component-wise response to them. We also describe the links between information operations, artefact-based data science and narrative analysis of misinformation campaigns.

Presenters:

• SJ Terp
  Sara-Jayne "SJ" Terp is a data scientist, strategist, old-school AI researcher and community builder who focuses on complex business and social problems. She's currently working on the Global Disinformation Index (an independent disinformation rating system), and running a Credibility Coalition working group on the application of information security principles to misinformation; her previous work covers belief systems and situation awareness across many disciplines (including autonomous systems, intelligence analysis, crisis data, journalism, online advertising and political data science).
• Pablo Breuer
  Pablo Breuer is currently the director of US Special Operations Command Donovan Group and senior military advisor and innovation officer to SOFWERX. He's served at the National Security Agency and U.S. Cyber Command as well as being the Director of C4 at U.S. Naval Forces Central Command. He is a DoD Cyber Cup and Defcon Black Badge winner, and has been adjunct faculty at National University, California State University Monterey Bay, and a Visiting Scientist at Carnegie Mellon CERT/SEI. He has taught classes for various U.S. government agencies and industry on topics ranging from malware reverse engineering and exploit development to cyber policy and authorities. Pablo is also a founder and board member of The Diana Initiative, an InfoSec event focused on advancing the careers of women in cyber security, and is on the staff for BSides Las Vegas and CircleCityCon. Pablo holds degrees in computer science.

Similar Presentations:

• VB2019 / Politically targeted DNS in 2016 and 2020
• Black Hat USA 2020 Virtual / Hacking Public Opinion
• May Contain Hackers (MCH2022) / Tech didn’t cause misinformation, and it won’t solve it (by itself)