Bad actors are using inaccuracies, lies, and sophisticated deepfakes to target organizations. Part 1 of this two-part series looks at why enterprises – big and small – need to take this seriously. Part 2 will cover how to fight back. (Some tried-and-true cybersecurity tactics can help.)

Tanium: Dan Tynan

Insulin is not free. But a single tweet claiming that it was may have cost shareholders billions of dollars.

When a parody of Eli Lilly’s Twitter account promoted free insulin last November, the intriguing fiction went viral and sent the drugmaker’s stock price tumbling nearly 5 percent, even denting the stocks of other insulin makers Novo Nordisk and Sanofi.

The person behind the tweet did it to make a point about corporate greed and the potential consequences of Twitter’s then-new scheme giving a blue “verified” check to anyone willing to spend $8 a month. But he also unintentionally made an additional point: the increasing ability of misinformation (inaccurate statements made by mistake or through carelessness) and disinformation (lies deliberately told) to take down companies and impact entire industries.

When false information goes viral, it can deal severe financial and reputational blows, and many organizations are only just beginning to figure out how to deal with this new reality.

“Businesses need to recognize that their reputations can pivot on a dime,” says Alan Jagolinzer, professor of financial accounting at Cambridge Judge Business School, and director of the Centre for Financial Reporting and Accountability. “That’s especially true when dealing with a belligerent actor with a strong following.”

Spreaders of misinformation and disinformation can take the form of short sellers hoping to manipulate a company’s stock price, or businesses attempting to sow doubt about a competitor’s products. It might be individuals pursuing personal vendettas, opportunists taking advantage of crises to build their audiences, or nation-states attempting to foment chaos and confusion.

Brands can be damaged and business leaders can find themselves at personal risk, thanks to false rumors or AI-generated deepfakes—with Tesla, online retailer Wayfair, and Mexican cement supplier Cemex among the recent high-profile victims.

And no business is immune. While attacks on multinational corporations grab most of the headlines, false information has impacted small and medium-size businesses from plumbers to plastic surgeons, often in the form of negative “revenge” reviews on sites like Yelp and Google Reviews. A 2022 study by the National Bureau of Economic Research found that fake negative reviews can cause small businesses to raise their prices by 12 percent to make up for lost sales.

Misinformation (and disinformation) made easy

Launching an information attack on a company is much easier than phishing or trying to hack into a computer network to plant ransomware, stresses Lisa Kaplan, CEO and founder of misinformation mitigation platform Alethea.

You don't need to be technically savvy to launch a disinformation campaign, [and] people who are financially or ideologically motivated are increasingly targeting corporations. - Lisa Kaplan, CEO and founder, Alethea

“You don’t need to be technically savvy to launch a disinformation campaign the same way you do in order to successfully access big banking systems,” she says. “And while state actors tend to save their best new tricks for geopolitical moments, people who are financially or ideologically motivated are increasingly targeting corporations.”

Alethea’s AI-based Artemis platform is part of an emerging field of technological solutions designed to detect and defeat information attacks. It acts as a virtual analyst – collecting information across the internet and social media, identifying known actors and common narratives, and looking for coordinated attacks. By providing an early warning signal that an attack may be underway, such platforms give companies time to respond before they spread.

Read the full story here.