CDSA

CPS EU: How to Survive in Today’s Social Media World of Hackers

There are many steps we can all take to survive today’s social media world of hackers, according to Clint Watts, senior fellow at the Centre for Cyber and Homeland Security at George Washington University,

“How do you survive in this sort of environment where there’s so much information… in any given minute around the world?” he asked rhetorically on June 29 at the Content Protection Summit Europe (CPS EU) event, during the opening keynote, “How Do You Survive in a Social Media World of Hackers?”

Watts, who is also a Foreign Policy Research Institute fellow, national security contributor for NBC News/MSNBC and a former special agent for the FBI, shared his extensive knowledge around terrorism, counter-terrorism, social media influence and Russian dis-information.

“Today, on average, and this has gotten worse with the pandemic, people spend somewhere between three to five hours using their phone or connected to the Internet in some sort of way,” he said. “In the pandemic, it’s grown substantially, probably by a fourth.” As a result, peoples’ perceptions have “dramatically changed,” he told viewers.

20 to 30 years ago, during the analogue era, people watched only about 30 minutes of news each night and might get a local TV news channel for about 22 minutes minus commercials, he noted.

Today, however, “people consume a tremendous amount of information [and] it really changes your perspective,” he said. What has happened is “lots of bad actors have realised that they can use this machinery, they can use this information environment to their own ends,” he pointed out.

About seven years ago, while working in counterterrorism, he started getting “trolled relentlessly, and I couldn’t figure out exactly what was going on,” he recalled. Much of it was late at night and was done by people who appeared to be Americans, he noted.

There were also groups of what were called “honeypot accounts,” made up of “either very attractive women or they were political partisans that wanted to talk to people about their political views,” he said. Those who responded to these honeypot accounts ended up causing their companies to get hacked and malware was often installed, he noted.

“What we saw was a troll army” that was made up of hackers tied to the honeypot accounts and what were called “hecklers” back then and now known as trolls, he said. All of them were “tracked back to Russia” and they started interfering in the 2016 U.S. election, he noted.

“Once you see this emerge out into the open space, everyone starts to replicate this model,” he pointed out, adding: “Today, you’ll see companies targeted with all sorts of false media stories.

While studying this over the past seven years, “what we’ve come to learn” is that it is a system “originally called active measures” and is actually a “playbook” that “everyone uses” today, he explained. The troll army of hackers, hecklers and honeypots, “when working together in the social media space, then share very overt propaganda,” he said.

This tactic was designed during the Soviet era and what it involves is picking different audiences and pulling them apart because “if they fight each other, they cannot fight you,” he explained.

Those doing it also used “fear-based messages to strike into people’s minds because when you’re scared, you tend to take on information that you might not otherwise believe,” he said.

They also tended to focus on social issues that “provide divisive wedges that, when you want to go towards an election – or a corporate board meeting for that matter – you can use political messages, you can start to shape what the audience is hearing and what their perspective should be,” he explained. Those doing it also pretended to be people just like those they were communicating, he noted.

Much of this happening on social media networks plays to three biases: Confirmation, implicit and availability, he pointed out. Those biases are “really what drives social media today and people’s perceptions of things,” he said.

Those biases also play to what are now “three dynamic changes,” he noted. “The first one is clickbait populism” where people change their behaviour on social media platforms and information platforms because they want to draw more support from their crowd, he said. The second change involves “social media nationalism, where people, because they spend more time on [a] device, actually start to coalesce in digital tribes in ways that are as powerful as their physical nation or their physical tribe,” he said.

This starts to “change what happens in the physical world, leading to things like mobilisations or protests or advocacy,” he explained, noting it “can go both ways [and] it’s not always negative.” However, it has “re-shaped the way people think about themselves and what they’re a part of,” he said.

The third change has been the “death of expertise” in which everyone who has an online account thinks they are equally smart on every topic, he told viewers. This had “led to accessing more information and understanding less that leads to a distortion, where we can become confused about our environment we’re in and how we should think about it,” he explained, noting it’s “changing our perception over time.”

Information battles today are a combination of cyberattacks and social media influence operations, which he predicted “will only continue to grow as more people enter the space.”

Today, everybody basically has a printing press, a broadcast studio and their own film production company of sorts, he noted, adding the amount of content that’s created each day “can overwhelm” audiences.

Information manipulators can pretty much fool most of us today, even younger people, he went on to say.

Many of those young people who claim to be smart about technology will often go and “buy something from a social media influencer without realising that social media influencer was paid by a company to do the marketing,” he pointed out.

Online manipulation is now routinely being done by not only hackers and trolls, but bots and bot communities also, and techniques being commonly used include shallow fakes and deep fakes that are challenging everybody’s perception of reality, Watts noted.

What people believe often comes down to four things, he said:

  1. People tend to believe that what they see first.
  2. People tend to believe what they see most (something advertisers know well).
  3. People tend to believe whatever they hear from a trusted source.
  4. People tend to believe what they hear when there is no rebuttal offering an alternative explanation.

Watts went on to discuss the rise of ransomware, noting that attacks have been seen against all industries, in all countries. Digital currencies are often being used and governments are trying to match the massive escalation in the problem, he said.

So how do people survive in a social media world? Watts pointed to seven methods:

  1. Determine the costs and benefits of social media use.
  2. Value human connections more than virtual connections.
  3. Spend more time in the physical world than the virtual world.
  4. Know the source of the information you consume.
  5. Listen more than you speak, read more than you write and watch more than you film.
  6. Understand what you will tend to believe.
  7. Know when you are an expert and when you are not an expert.

How do we survive in a world of hackers? Watts pointed to four steps:

  1. Anti-virus everywhere
  2. Trust but verify. Before you click, make a text or call to check who it is you are communicating with.
  3. Do the basics: Two-factor authentication and password changes.
  4. Software updates, which are easy to do if you let the machine run.

And how do countries survive in a social media world? Watts pointed to four things:

  1. Restore trust and confidence in institutions.
  2. Strong public and private sector partnerships
  3. Refuse falsehoods levied against the government and companies.
  4. Partner with social media companies to stop false information impacting public safety. (Despite what many may believe, the major social media companies are getting better at stopping false info, Watts said.)

Companies can also better prepare for hackers by taking steps that include: Having a social media policy for employees; user training for cybersecurity and social media; and maintaining an insider threat program beyond just data loss, Watts said.

Content Protection Summit Europe is presented by Convergent Risks, with sponsorship by Richey May Technology Solutions, Synamedia, BuyDRM, Friend MTS, NAGRA, and X Cyber Group.

The event is produced by MESA, the Content Delivery & Security Association (CDSA), the Hollywood IT Society (HITS) and Women in Technology Hollywood (WiTH), under the direction of the CDSA board of directors and content advisors representing Amazon Studios, Adobe, Paramount, BBC Studios, NBCUniversal, Lionsgate, WarnerMedia, Amblin Entertainment, Legendary Pictures, and Lego Group.