fake news and cyber security

In 2017, Collins Dictionary announced ‘fake news’ its Word of the Year. During a highly contentious political period, we have all become aware of the ubiquity of misinformation in the media. However, it is not just the authenticity of politics that fake news compromises, it also poses a real threat to cyber security. Agents of misinformation may spread fake news as a guise for malware and other security threats, making fake news and cyber security a key concern for any industry, especially the legal sector.


What is fake news?

CSO defines fake news as “the deliberate distribution of lies with the goal of swaying public opinion or dividing people.”

They explain that combatting it is a top priority for security providers because “it is difficult to identify and block — and because it helps spread malware.” The simple weaponisation of (mis)information is the latest attack vector being utilised against personal data, business information and cloud systems alike.

Fake news and cyber security go hand in hand. In fact, as security professional Hamid Karimi told CSO,

“CIOs and CISOs must be concerned with fake news in the sense that such cases typically indicate the presence of malware, not the other way around.”

Whereas individuals are by now well aware of scam emails promising cash sums or compensation, fake news still misleads many, providing hackers with a new platform to lure in unsuspecting victims.

This is often because the headlines of fake news stories are written to seem believable, making it difficult to determine their validity before reading the full article. As Business Insights reported, James Scott, a senior fellow at the Institute for Critical Infrastructure Technology (ICIT), claims fake news scams

“range in complexity from precise, error-free custom tailored spear-phishing emails that leverage the target’s LinkedIn profile, to typo-filled mass-spam. A single click can deliver a devastating malicious payload that will haunt an organization for years to come.”


Fake news and cyber security – what are the effects?

One of the main targets of corporate fake news hacking is the employee. A hacking body may send emails to law firm professionals about a supposed news leak, enticing them to click the link out of a desire to be up-to-date on industry information, or through mere curiosity. That link may direct them to a site containing malware, or may attempt to prise sensitive company information.

However, fake news can also affect a law firm by distributing false claims about the business itself. Any company is vulnerable to this tactic. In May 2016, Buzzfeed News published a story claiming a US jewellery shop was replacing real diamonds with fake ones. The story was untrue, but the bad press caused the brand’s stock to fall by 3.7%, not to mention tarnishing their reputation to this day. Clearly, the impact of fake news is not to be underestimated.


Fake news and cyber security – protecting your law firm

So the question is, what can businesses and professionals in the legal sector to do protect themselves against the security risks of fake news?

The answer is simple: knowledge and preparation. CIO of The Telegraph, Chris Taylor, says:

“It is crucial that companies are ‘appropriately secure’. That means making sure they understand macro threats and local industry threats.”

To achieve this, you should treat the threat of fake news phishing the same way you would any other security hazard. Learn to identify potential risks, then report and resolve breaches quickly within a set protocol. From monitoring fake news sites, to securing your cloud systems, to installing malware detection software, you should be prepared for every eventuality.

This also means educating employees on the risks of fake news scams and what they might look like. It is always easier to prevent an attack by training employees in which kinds of emails, links and posts should flag their concern, than trying to fix a breach later.

However, as both Taylor and CSO admit, this is a lot of work for a business to do internally. To appropriately monitor and prevent the threat of fake news hacking, a particular set of analytic resources, skills and expertise are required. Both sources conclude that hiring help from specialist cyber security companies is a wise choice.

Fake news truly is one of the biggest threats to the legal sector today. However, in the right hands, your company’s systems can be kept safe and secure, protecting your data and reputation alike. To find out more about how CBS can protect your company from the implications of fake news and cyber security, call us on 020 3355 7334.