Social media companies have started to become more efficient at recognizing and taking down fake accounts designed to spread fake news and propaganda. But operators of traditional media websites and other digital platforms that regularly publish vital news information to the public may also want to train themselves be on the lookout for disinformation secretly implanted on their sites via web server compromises.

Indeed, a new report from FireEye details an apparent foreign influence operation targeting Central and Eastern European news sites, whereby malicious actors have been adding fake content to the sites in some cases completely replacing a genuine story with a fake one.

Dubbed Ghostwriter, the operation has been active since at least March 2017 and has produced fake content that spreads anti-NATO sentiments and aligns with the goals and interests of Russia, according to a new blog post and research report from FireEye's Mandiant Threat Intelligence team, which in part cites intelligence and documentation gleaned from foreign governments and news sources. Mandiant says it believes "with moderate confidence" that Ghostwriter is an element of a "broader influence campaign."

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.