Fake news, hacking, hoax, intox, prank… In the digital age, is corporate information in danger? Now banditry and activism are also seizing digital. So how do you protect your brand, your reputation, your leaders, your stock market price? It is on this subject that Jerome Lascombe, co-founder of Wiztopic, collaborative platform for communicators. To limit the risk of theft of a company's identity, its team has developed Wiztrust, an information authentication solution. On the occasion of the publication of a white paper on disinformation, let's dive into the cozy atmosphere of financial indices and stock market turmoil to understand the new risks that communicators have to face.
Hello Jérôme, thank you for this white paper worthy of a thriller where we discover the "communication scams" of which the victims are the companies.
How would you define “corporate news hacking”?
Thank you, but I would use the term "disinformation" more! “Hacking” has a technological connotation, while ultimately the processes here are relatively simple and do not require sophisticated technical skills. Disinformation could be defined as "any attempt or action to manipulate information about a company, including identity theft and relaying false content. "
But how do you usurp the identity of a brand?
If we come back to the basics of communication theory (thank you Marshall McLuhan), any communication action is born from a transmitter, which broadcasts a message, via a media or broadcast channel to a receiver which generates feedback, all in a given environment.
The manipulation of corporate information generally concerns the issuer, whose identity is spoofed. His message will be false, as will the delivery channel, looking like the usual channels of the company. The context of accelerated information dissemination time also makes verification more difficult. Thus, a usurper will communicate erroneous information via a false press release, distributed by email and / or published on a hijacked press room, with false contact details, making the verification illusory.
Do these "disinformers" have typical profiles?
These new manipulators fall into two categories. On the one hand, there are crooks, whose goal is personal enrichment and who manipulate information to create stock market movement. On the other hand, we find activists whose goal this time is to draw attention to their cause, most often anti-liberal or environmental. We also meet followers of malicious hoaxes or even artists specializing in stunts or other media happenings.
Which case struck you the most during your research?
In 2019, the activist group Yes Men managed to manipulate the communication of the first global investment fund: BlackRock. This investment giant, which manages more than $ 6.000 trillion in assets, was the victim of imaginative and efficient manipulation.
The Yes Men hijacked CEO Larry Fink's highly anticipated annual press release. A few days before the sending of the authentic document, they broadcast a fake announcing, among other things, a gradual withdrawal from fossil fuels. The false content was also relayed by a fake site which duped the Financial Times.
In short, it's the world's largest investor and most respected financial media outlet that got caught up in fake news delivery. The seal of trust being affixed by the reference media on false information, it will then be taken up by other media, multiplied on social networks, etc.
Would you say that the editors neglect the checks before any distribution?
Newsrooms are doing their best, but today everything is going too fast, especially when it comes to financial information. A dispatch is generally rebroadcast in a few seconds. How to correctly verify information when you are running after time like this ? Not to mention the robots that automatically produce content, without possible verification.
A few months ago AFP relayed information issued by Extinction Rébellion activists. The latter had carried out an action against the largest Swedish pension fund AP7, by disseminating a false press release, by creating a fake site, and by referring journalists to a fake communications director, who confirmed the "real false facts". Even the verification was manipulated!
What ingredients allow false information to go so viral?
The information must be both spectacular and plausible. Take as an example the attack on Vinci in 2016, whose false press release announced the dismissal of the CFO following embezzlement. The announcement was quite an extraordinary fact to be relayed, without being totally incongruous.
If I use distribution tools approved by the AMF, I limit the risk, right?
In reality, these approved tools (or wires) are not there to ensure information security, but rather to comply with the processes recommended by the AMF. These tools do not have the capacity to certify that information is authentic, but only that its distribution respects a process. In fact, most of them have already been manipulated. The real solution would be to combine them with a device such as Wiztrust. This would ensure full traceability of the information.
Wiztrust is not intended to be a wire, but rather an essential complement to guarantee the authenticity of the source of an information. Each has its uses.
What profiles do the companies that are victims of theft have?
All large companies are affected by these phenomena of disinformation, whether they are listed or not. Small listed companies can also find themselves victims of what is called the " Pump and Dump ". This consists in manipulating the information of these very volatile “penny stocks”, and causing significant price variations that can quickly generate a large profit for the manipulators.
Our role as communicator is above all to protect the reputation of our company! Do you have any advice for us?
To protect a company's reputation, you must first combine tools of effective surveillance to quality relationship and responsiveness at all times ! In particular with the media likely to relay information in a crisis situation.
Because technology generates new risks, it is with technological tools that we remedy them. Our certification platform in the Wiztrust blockchain is a good example of this, ensuring the traceability of information and making it possible to verify its authenticity in real time.
Information certification, how does it work?
Before issuing a press release, its issuer integrates it into Wiztrust, which will extract the data, encrypt it and store it in the blockchain. It actually generates a unique fingerprint, a "Hash", for each file (press release, press kit, photo, computer graphics, financial report, etc.).
Thus journalists or investors wishing to verify information simply have to drag and drop the document onto Wiztrust.com, who will tell them in real time, after comparing the fingerprint of the certified document to that of the verified document, whether this document is authentic or not, in which case it will have to be verified otherwise with the issuer, the listed company .
3 (in) useful knowledge:
- > The channels most used by fraudsters to spread false information are: press releases (73,3%), e-mails or newsletters (34%), websites (32%) and forums (10,6 , XNUMX%) according to the study Market manipulation and suspicious stock recommendations on social media.
- > Our vocabulary is enriched: a "hash" is a series of numbers and letters generated by a cryptographic hash, a "hoax" is false information spread on the internet and a "prank" is a malicious hoax.
- > Our pronunciation is becoming clearer: let's no longer say “activism” but “hacktivism”.
Getting to know Wiztrust better
Wiztrust was created by Wiztopic, the publisher of the software platform for communication teams in the finance sector and listed companies. Today, a quarter of the information of large listed companies (SBF 120) is disseminated with Wiztopic and certified with Wiztrust. This is also the case for most banks, insurers and asset managers in the market.