The Cybersecurity and Infrastructure Security Agency (CISA) recently released an alert warning critical infrastructure agencies of misinformation, disinformation, and malinformation (MDM) campaigns. CISA stated that the developing Russia-Ukraine geopolitical tensions have increased the risk of foreign influence operations affecting domestic audiences. Threat actors use MDM campaigns to shape public opinion, undermine trust, amplify division, and sow discord. CISA asks organizations to monitor and evaluate MDM narratives targeting their sector and to learn how stakeholders and customers receive information. CISA states that “Malicious actors can use hacking and other cyber activities as part of influence operations. Hackers assist in surveillance or reconnaissance and provide opportunities for destructive attacks. Hijacking accounts and defacing public facing sites can be used to influence public opinion. Organizations should be aware of cyber risks and take action to reduce the likelihood and impact of a potentially damaging compromise.”
Analyst Notes
MDM campaigns can be hard to identify and even harder to address. Organizations should educate staff on how to properly secure social media accounts and to use multi-factor authentication on personal and professional accounts. Additionally, team members should be reminded to practice smart email hygiene and be taught how to spot and avoid phishing emails. Organizations should engage in proactive communication with stakeholders and constituents and develop an incident response plan, including but not limited to responding to media inquiries, issuing public statements, communicating with staff, engaging a previously identified stakeholder network, and in implementing physical security measures.
https://www.cisa.gov/sites/default/files/publications/cisa_insight_mitigating_foreign_influence_508.pdf
