Special Report: Is the NY Post Article a Late-Game Disinformation Effort to Disrupt the Election?

It's not clear if any foreign threat actor or bona fide "hacking" incident was involved but a whole lot of confusion and chaos reigned. Bright side: U.S. is better prepared to tackle disinformation.

My CSO column published today (which I wrote two days ago and is unfortunatley behind a registration wall) is devoted to mostly what FireEye’s John Hultquist predicts could be “late-game” cybersecurity and disinformation events that could influence the presidential election. Hultquist specifically warned about hack-and-leak operations carried out by adversaries, Russia specifically. He also said he was worried about the planting of stories on websites that are associated with fake documents and images.

Yesterday morning Hultquist’s warning seemed highly prescient given that the New York Post published a story of dubious origins featuring suspicious materials that were purportedly pulled off laptops abandoned by presidential candidate Joe Biden’s son Hunter at a computer repair shop in Delaware. The story was clearly a broadside against Biden and, intentionally or not, designed to hurt his campaign.

Not only is the surfacing of this kind of material at the bitter end of a highly turbulent campaign suspicious, but few of the details — such as the location of the computer repair shop— were confirmed by the Post. Moreover, emails were embedded in the article as images, making them harder to analyze and verify, raising doubts about their authenticity.

As cyberwarfare specialist Thomas Rid pointed out early in the day in a highly quoted Twitter thread, the Post’s reporting should be viewed cautiously. He advised journalists not to write about the story until they could obtain further verification of the details.

The reaction to the Post story on social media was swift and damning. Most journalists and pundits were highly skeptical of the piece. Some just out-and-out proclaimed the story a Russian operation, a logical if unfounded declaration given that few cybersecurity experts have yet developed the basis for that attribution.

The New York Times Maggie Haberman uncritically retweeted the Post article, which generated massive derision and criticism among her fellow journalists and Twitter commentators. They accused her of unthinkingly disseminating Russian propaganda.

At Mother Jones, David Corn wrote a piece on how Donald Trump and his lawyer, Rudy Giuliani, who was the main source of the material, are pushing Russian propaganda. Corn offers no evidence that Russia is behind the article other than the piece is “in sync with Moscow’s ongoing effort to influence the 2020 election to help Donald Trump retain power.”

It should be noted that the author of the piece is a neophyte journalist whose sole previous journalism experience is working as a producer and booker on Fox’s Sean Hannity show. Her social media postings seemingly show her to be a fan of hard-right media figures.

Against this backdrop, Twitter and Facebook took relatively quick action to limit the article's dissemination until further verification of the article’s details could be obtained. Twitter banned click-throughs to the NY Post article explaining that it violated a number of the site’s rules, including a violation of its “hacked materials” policy.

Not everyone bought that the materials allegedly taken off the supposed abandoned laptop constituted “hacked materials.”

Facebook said it is slowing down the material distribution until third parties can fact-check it.

Not surprisingly, the GOP and defenders of Donald Trump are outraged that the story wasn’t having the effect that the Rupert Murdoch-owned paper intended.

Trump himself took to Twitter to blast the decision to block access to the Post story pending verification. He claimed the incident justified one of his favorite cudgels to get social media to accede to his wishes, the repeal of Section 230 of the Communications Decency Act, which insulates a wide range of websites, including social media sites, from content-related litigation.

After all the confusion and drama, three things are worth noting. One, it’s not yet clear that any foreign threat actor was involved in creating the Post story. The piece could have been cooked up by Guiliani or Murdoch executives without any assistance from Russia or another nation-state.

Two, unlike the 2016 presidential election, the U.S. is not quite the pushover for unverified disinformation campaigns that it once was, which could be a good sign that any late-game hack-and-leak or disinformation efforts by Russia could fizzle.

Three, with little more than two weeks to go before election day, it’s likely that more efforts to sway voters will take place. As I quote Hultquist at the end of my column, “The biggest limiter is our recognition that somebody on the outside is trying to manipulate us. If we recognize that, we can really inoculate ourselves.”

Related: The Hill: CybersecurityBusiness InsiderProtocolFortune,  Fox BusinessRT USAVoxThe Sun,  New York MagazineCNBC TechnologyCNBC TechnologyWashington Free BeaconTechCrunchPOLITICODaily KosThe SunchannelnewsbellingcatMotherboardInput,  Daily DotMediaiteCyberscoopMother Jones

Image by Monika Flueckiger, World Economic Forum - originally posted to Flickr as Rupert Murdoch - World Economic Forum Annual Meeting Davos 2009, CC BY-SA 2.0.