by Rick Grinnell

When emotions run high: Protecting your network infrastructure from reputational attacks

Mar 02, 2021
CSO and CISORisk ManagementSecurity

In todayu2019s environment, where one angry tweet can go viral, CISOs play a critical role in protecting the brand.

The open jaws of a spring trap lie in wait. [danger / risk]
Credit: Mevans / Getty Images

Many people were cheering for the Kansas City Chiefs during Super Bowl LV. Not because they were Chiefs fans, and not because they didn’t like the Tampa Bay Buccaneers. They wanted KC to win because they wanted, more than anything else, for Tom Brady to lose.

Probably more than any other modern-day athlete, people despise Tom Brady (a quick Google search will show you just how much). In the days leading up to the Super Bowl, social media got vicious with its anti-Brady commentary, and that has a way of trickling down to the way football fans look at the team and its brand. The question is, would someone launch a cyberattack against a football team just because they dislike Tom Brady that much? You better believe it is possible, particularly in the current environment we are living in.

People are angry right now. Maybe it is politics. Maybe it’s sports. Maybe it’s winter. Maybe they are frustrated with the pandemic. Whatever the reason, there’s enough evidence out there for companies, brands, and other institutions to be on red alert.  Attacks against companies and government agencies have accelerated, and have increasingly taken on an uglier complexion.  Just look at the recent events at the US Capitol, and the cyber-attack trying to poison the water supply of a Florida city, to pick two high-profile cases.

Reddit, GameStop, and Robinhood

Recently, emotions were churned up when Reddit users began to buy stock in GameStop and AMC. They were frustrated by hedge funds they believe gamed the system and made tons of money during the pandemic while many individuals have struggled. Hedge fund CEOs and investors were in turn livid that the Reddit users were manipulating the stock prices higher, against their short positions, creating huge losses.

In the middle of all of this was the Robinhood trading app that made it easy for those inexperienced at trading to get involved in the stock market, and easily join the “fight” against the hedge funds, while hopefully generating a large return at the same time. Robinhood certainly made mistakes in all this, and it was toward this company that the most vitriol was focused at the end. The day after the stock market frenzy, for example, amessage board affiliated with Ohio State University had at least one user who suggested that Robinhood should be hacked to eliminate trading limits, while other posts warned that their information on the app had been compromised.

Why this matters to CISOs

Angry people want a way to vent their rage and many of them do it via social media and message boards. This in turn can rile up others to pile on, in some cases taking actions that go beyond simple verbal criticism. If that rage is directed at your brand, the impact can be devastating. No one wants to see their organization denigrated publicly, but one angry tweet can lead to more angry tweets and retweeting, and so on until it is a full-blown misinformation campaign. That’s how conspiracy theories start. After a while, no one knows what is real anymore, and that takes your company down a whole new rabbit hole.

The misinformation and disinformation campaigns begun by people with a grudge can also impact your company’s network infrastructure and security. We all remember a few years ago when Anonymous hit companies with DDoS attacks because the members wanted to make a statement. Now, these emotions against a company are pushed in ways that spread false information and encourage those who share those feelings to click on websites, videos, and links that download malware.

Or you may have a disgruntled customer or former employee who creates a fake website using a domain name close to yours—using .co instead of .com or using a common misspelling of your company’s name, for example—to entice people to go to a site that is filled with lies about your company or redirects customers to nefarious sites.  While fake sites previously were built primarily to phish unsuspecting customers for financial gain, increasingly we are seeing clones being created to simply tarnish or destroy brands.

As a CISO, you have to assume that negative or incorrect information about your company exists on the internet, especially on social media, and it is critical to stay on top of this to find and fix it. The primary steps you can take to protect your brand from rogue actors include the following:

  • Set up alerts that will bring misinformation campaigns to your attention
  • Protect and back up your web copy regularly with the anticipation that you may be hacked
  • Be aware of the rise of deep fakes sending out false messages
  • Work with your marketing and social media teams to check for anything that looks fake
  • Create a team to handle damage control if there is a misinformation campaign against your corporate brand
  • Look for vendors that can help identify and take down fake sites quickly before any meaningful damage can occur

Every company, large and small, is at risk of having its reputation destroyed by angry people.  And while the brand may have been built by the CMO and the marketing department, its protection and preservation falls squarely on the CISO and the security team.  Never before have we seen the CISO play such a role in protecting the public image and value of the organization.  This is especially true if the company has been involved in something controversial, had a cyber incident that results in bad publicity, or has hired a somewhat disliked quarterback in the NFL.