Memetic Warfare Weekly will occasionally publish blog posts from guest authors, below is one from Roy Zinman, which focuses on information operations/disinformation and their impact on business. Roy is a disinformation researcher, former head of the open-source intelligence division in the Israeli Military Intelligence Directorate’s unit 8200, and entrepreneur.
If you’re interested in publishing an article via MWW, feel free to reach out at contact@glowstickintel.com. If interested in contacting Roy, please do so via contact@reckoner-ir.com
The views expressed below do not express the opinion of Glowstick Intelligence Enablement, Memetic Warfare Weekly or any other individual or organizations beyond the author.
Historically, information operations have primarily targeted public opinion, society, democratic institutions, and political parties. This is due to the fact that these operations were originally developed by state actors, who extended propaganda traditions into the cyber and social media era.
Even when examining the activity of non-state actors, such as private "Disinformation as a Service (DaaS)" or "Black PR" agencies, as recently highlighted by a series of investigative reports from the journalist alliance "Forbidden Stories," the most shocking and disturbing stories reveal election interference in Asian and African countries. It appears that geopolitical disinformation is also a lucrative business for private IO actors, as people are willing to pay handsomely to gain political influence where they lack their own IO capabilities.
However, these recent revelations also bring attention to the growing threat of IO targeting businesses, retailers, and brands.
Companies may sometimes be exposed to disinformation originating from state-level actors. I refer to this as a "caught in the crossfire" situation, where a company becomes collateral damage for an operation targeting society at large. For example, a Kremlin-originated IO promoting the narrative of Western Europe freezing to death due to support for Ukraine may negatively impact energy companies. In some cases, companies themselves are targeted, as with pro-Russian disinformation targeting Polish food producers (mainly in the meat and dairy industry), according to research conducted in 2021.
Politically motivated trolls can also target and damage brands, as in the well-known case of Starbucks being hit twice with the "fake coupon" technique, originating from 4Chan users.
This fake coupon technique can take on a much darker and damaging effect when used by a competitor. In February 2020, Facebook announced the removal of accounts and pages operated by Mytel, a joint venture between the Vietnamese military's Viettel Group and a consortium of companies controlled by the Myanmar military, which engaged in a disinformation campaign aimed at manipulating customers of its competitors in Myanmar.
The campaign involved the creation of fake Facebook pages that posted false information about the quality of services provided by Mytel's competitors. These pages gradually accumulated followers over months by sharing viral general interest content, and even promoted positive or neutral posts about the competitors to obfuscate their intentions.
At the height of the campaign, a fake promotion for a free data plan by the competitors involved entering a code into the mobile device that caused it to malfunction.
This type of behavior is not uncommon among telecom companies in Myanmar, where there is intense competition for customers. However, Mytel's involvement in the disinformation campaign highlights the potential ethical concerns that can arise when companies with close ties to authoritarian regimes engage in such practices. The risk is higher for companies competing in such environments.
Interestingly, Facebook attributed this campaign to a Vietnamese PR agency named Gapit Communications. It is one of the best-documented cases of a company contracted to perform IO on competitors.
By the end of 2019, there were already dozens of "Black PR" companies documented by Buzzfeed. It is reasonable to assume that the exponential growth in the number of these services has continued to this day. As these services become more accessible, the risk of being attacked increases.
Another risk worth discussing relates to publicly traded companies and stock manipulation. Terms like "short and distort" and "pump and dump" are familiar to stock market operatives, but these tactics might be truly weaponized with IO techniques.
We saw a demonstration of the potential threat when Eli Lilly's stock fell by over 4% after an activist impersonated the company's official account, using Twitter's new "blue check" paid verification scheme to tweet that "Insulin is now free." In this case, the person behind the impersonation came forward and admitted to "pranking" the company.
In other cases, however, it would be very difficult to attribute the spread of viral content that influences the market. Account impersonation or account takeover is particularly dangerous, but other techniques, such as a forged "leak" or viral customer complaint, can achieve similar effects.
There are other scenarios in which companies can be targeted by IO, including ideological activists, criminal organizations, and more. Recent revelations about disinformation-for-hire services demonstrate how imminent, premeditated, and sophisticated these threats can be.
In conclusion, while information operations have traditionally been associated with state-level activity, the rise of social media and the increasing importance of reputation management in the digital age have led to a trend of these operations targeting businesses and brands. As such, it is crucial for businesses and brands to be vigilant and take proactive steps to protect themselves from these types of operations. This may include monitoring social media channels for suspicious activity, investing in cybersecurity measures, and engaging in response and crisis management strategies to mitigate online threats, which I will discuss in more detail in the future.
If interested in hearing more, feel free to contact Roy at contact@reckoner-ir.com
This is an important topic and a serious threat. Social media-fueled rumors can also cause bank runs, as Natto Thoughts has pointed out https://nattothoughts.substack.com/p/stymied-in-ukraine-putins-government . Also, in a comment on that post I pointed to a May 22, 2023 false report that an explosion had occurred at the US Pentagon that morning https://www.insider.com/ai-generated-hoax-explosion-pentagon-viral-markets-dipped-2023-5 .The image appeared to be AI-generated or otherwise manipulated. On this false news, the S&P Stock Index briefly lost $500 billion (https://twitter.com/jsrailton/status/1660679743266607105 Russian state media amplified that story before it was taken down. The May 2023 incident also resembles the 2013 hack of the AP News Service Twitter feed in 2013, which claimed that a bombing of the White House had injured US president Barack Obama and caused US stock markets to plunge briefly. The hack was attributed to the Syrian Electronic Army (SEA) (https://www.justice.gov/opa/pr/computer-hacking-conspiracy-charges-unsealed-against-members-syrian-electronic-army). Resemblances between the SEA's targeting and tactics and that of Russian pseudo-hacktivist groups suggests cooperation between them. In addition to the political effects such false messaging could have, people involved in these hoaxes could have capitalized on the brief stock market plunge and rebound to profit from stock manipulations.