Truth Could Be the Web's First Casualty

Hackers have moved markets with false reports. In a time of war, we can't allow a tech-savvy foe to sow chaos by tampering with news sites

By Alex Salkever

The U.S. government threatening to put to death a programmer accused of breaking copyright laws? Sure sounds draconian, but that's what some visitors to Yahoo! News could read on Sept. 18 if they searched through the archives for stories about Dmitry Sklyarov. The Russian programmer wrote software that disables the copyright-protection scheme on Adobe's eBook digital publishing package -- hardly an offense that merits capital punishment.

In fact, no such threat had ever been made by Washington. A 20-year-old hacker named Adrian Lamo had broken into Yahoo's publishing system and subtly altered an Aug. 23 news story on Sklyarov. Lamo took this action to prove how easy it is to manipulate information at trusted news sources. Online security news site broke the story of this news hack.


  But Lamo wasn't the first to make such a bold gambit. In September, 2000, malicious hackers altered the content in three separate stories on the Web site of the Orange County Register, a major Southern California daily with a circulation of 357,000. In one of those stories, they changed the text to state that Microsoft Chairman Bill Gates was a hacker wanted by the federal government, even though he is no such thing.

These two incidents loom large as the meaning of information warfare changes in the Digital Age. Notice that they're not hacks that scream out: This site has been altered or defaced! Instead, experts dub these more subtle attacks as "semantic hacks." Through perverting trusted sources, electronic assaults aim to alter public perceptions by manipulating information in ways not immediately obvious to readers.

That's something media organizations and other public sources of information need to guard against more than ever these days. As anyone who watched the Osama bin Laden video broadcast on Oct. 7 can attest, the current crop of terrorists understand the importance of using the media to transmit their propaganda and views.


  The genesis of semantic hacks traces back to crude Web-page defacements that emerged as a type of digital one-upsmanship in the computer underground of the mid '90s. In the late '90s, semantic attacks emerged as political statements. So-called "hacktivists" defaced the Web sites of Nike and other international corporations with anti-globalization messages.

Soon proxy battles broke out, in which nationalistic hackers defaced Web sites in opposing countries. Witness the online altercation between Chinese and U.S. hacktivists that erupted after a Chinese fighter and a U.S. reconnaissance plane collided in midair on Apr. 15. But so far, the majority of attacks have remained obvious enough for the general public to spot. For example, the Nike hack directed visitors to a Web page that screamed "Global justice is coming -- prepare now!" The effect of more subtle semantic hacks could be explosive.

The U.S. got a taste of this potential devastation when 23-year-old Mark Jakob maneuvered his former employer, Los Angeles-based Internet Wire, into putting out an official-sounding but phony news release in August, 2000, stating that a small, high-tech networking equipment company named Emulex would record a loss and not a profit in the coming quarter.


  The pseudo press release, which was picked up by major news organizations, caused Emulex' stock to plunge $90 and lose $2.5 billion in market cap in 15 minutes before Nasdaq halted trading of the stock. Investors traded millions of shares on the news, and many got stuck with losses they were unable to recoup later. For this, after pleading guilty to two counts of securities fraud and one count of wire fraud, Jakob received a sentence of 44 months in prison in August.

Big companies are hardly immune to this type of manipulation. A similar case in March, 2001, concerning Lucent Technologies resulted in a 4% share decline. The jump from moving company stocks to moving markets is not that great. News about big companies, such as General Motors, Microsoft, and IBM, can cause swings in minutes, as traders and investors scramble to react. A series of false news items could conceivably destabilize markets by reducing the credibility of information sources.

Likewise, in politics, subtle manipulations could cause huge shifts. Imagine if a series of hacks at were used to inflame residents of Muslim countries by falsely attributing inflammatory statements to Colin Powell or Pakistani President General Pervez Musharraf. The Web is already crawling with doctored images, rumors, and false reports. Spreading such disinformation under the banner of respected brand names is a toxic brew.


  While media organizations can hardly be expected to control those types of rumors, they should realize that they are targets in the new field of information warfare. In the past, media organizations have not worried much about this threat. In part, that's because they haven't suffered many major attacks. In the case of Emulex, Jakob used a comparatively simple technology -- the fax machine -- to perpetrate the hoax.

Now, with the war on Afghanistan picking up steam, a clear and present danger still threatening the West, and a world recession looming, news sites must play for keeps. That means undertaking rigorous audits of publication systems and installing software that can better police or monitor changes to content published on the Internet.

Such steps could prove fiscally painful in light of the current advertising slump. But the good name of a news organization far outweighs any short-term outlays. And media companies' responsibility to the general public and the world community should be the paramount consideration.


  Even for companies that have taken these precautions, vulnerabilities will emerge -- and hacker terrorists, or even foreign governments, will attempt to exploit them. For that reason, content sites should be doubly alert to spot any changes. That means increased vigilance in organizations accustomed to running at full-tilt in order to post the news.

It won't be easy. But in an age when information, more than ever before, drives economic and political realities and news outlets are global, locking down the news no longer is an option. It's a necessity.

Salkever covers computer security issues twice a month in his Security Net column, only on BW Online

Edited by Douglas Harbrecht

Before it's here, it's on the Bloomberg Terminal.