Over the past couple of years, online disinformation has taken evolutionary leaps forward, with the Web Research Agency draining artificial outrage on social media and hackers leaking files— both genuine and made– to match their story. More recently, Eastern Europe has dealt with a broad project that takes phony news ops to yet another level: hacking genuine news sites to plant fake stories, then fast magnifying them on social networks before they’re taken down.
On Wednesday, security company FireEye launched a report on a disinformation-focused group it’s calling Ghostwriter. The propagandists have actually produced and distributed disinformation because a minimum of March 2017, with a concentrate on undermining NATO and the United States soldiers in Poland and the Baltics; they have actually published phony material on whatever from social networks to pro-Russian news websites. In many cases, FireEye states, Ghostwriter has released a bolder strategy: hacking the material management systems of news websites to publish their own stories. They then distribute their actual fake news with spoofed e-mails, social media, and even op-eds the propagandists write on other websites that accept user-generated content.
That hacking campaign, targeting media websites from Poland to Lithuania, has spread false stories about US military hostility, NATO soldiers spreading out coronavirus, NATO planning a full-on invasion of Belarus, and more. “They’re spreading out these stories that NATO is a risk, that they frown at the residents, that they’re contaminated, that they’re automobile burglars,” states John Hultquist, director of intelligence at FireEye. “And they’re pushing these stories out with a variety of means, the most interesting of which is hacking local media websites and planting them. These imaginary stories are suddenly bona fide by the sites that they’re on, and after that they go in and spread out the link to the story.”
FireEye itself did not carry out incident reaction analyses on these events and yields that it does not know exactly how the hackers are taking credentials that give them access to the content management systems that enable posting and changing news stories. Nor does it understand who lags the string of website compromises, or for that matter the bigger disinformation campaign that the phony stories are a part of.
But the business’s experts have found that the news website compromises and the online accounts utilized to spread out links to those fabricated stories, along with the more traditional development of fake news on social media, blogs, and websites with an anti-US and anti-NATO bent, all tie back to a