Breaking Zero-Trust: The Perception Threat

The more connected people are the easier it is to redefine their reality and perceptions. the next evolution of threat is upon us.

Recently I posted an article that discussed Threat Scope Maturity. In that article I stated the newest widely disseminated threat scope maturity is the zero trust model. While that is true, it is not the most advanced model around. A new era threat scope has emerged but has not been fully defined or realized. This new threat is focused on the perceptions of humans and not the technology and as such I have dubbed it the “perception threat”.

In our experiences as a fully connected and exploited culture we are inundated with stimuli from a broad range of unknown sources that work (sometimes in concert) to mold our perceptions in a way that will create a desired outcome. The most obvious example of this would be advertising. As a standard user moves from digital device to digital device (from cell phone to computer to smart T.V. For instance) and from platform to platform (from social media site to movie streaming app to music streaming app) the advertising remains consistent. In many cases the same add is displayed in all places. People are being programmed to consume space in their brains for products that stalk them online.

Where it gets scary. Advertisers do this en mass using “AI” and algorithms that leverage specific generalities. Additionally they stay (mostly) on the advertising platform side of the business. Not all of those things are true for adversaries whom want to target you or your organization specifically.

If your organization is specially targeted and you have a social media profile it is fairly easy to build a network of phony personas that can be leveraged to completely alter your “online” experience. Let’s consider the following example.

Insider Threat Example (not based on any real situation or occurrence, completely fictional)

Margaret was a long time employee of Notional United, a company that specializes in making ATMs. Margaret attended a fairly large school and had a number of really close friends she hadn’t spoken with in years. About two months ago Margaret accepted a friend request from Charity, her best friend from school. They spend hours talking and Charity even sent photos of her husband, kids, dog, and house. Then Charity offered to connect Margaret with other old friends. Margaret reconnected with a handful of friends and added a few more than that. Margaret even started liking some of her friend’s posts and they reciprocated. About two months ago Margaret noticed her feed was seeing one or two negative stories about banks a week. Then it was four or five and soon became a couple a day. Even her advertising seemed to be primarily financial related. The articles she read almost always seemed to show how greedy banks were foreclosing on homes of hard working honest people while making billions on interest and receiving free money from many governments. Every time Margaret was “online” there was another meme or article or caricature showing the evils of banks and the desperation of humans. Soon Margaret found herself being invited to and automatically added to groups that seemed to have the sole purpose of exposing and stopping the evil to help society. That’s when Margaret decided to download a software program from a fellow group member and upload it to her work computer.

What Margaret didn’t know was she never connected with old friends. She connected with a single adversary that targeted Margaret because her school information and former classmate’s data was easy to find. The adversary built a small network of accounts and “reconnected” with Margaret. Once those accounts receiving “likes” from Margaret the adversary started mixing anti-bank messaging i to the other posts slowing creeping towards total anti-banking only posts. This ensured Margaret’s feed would start to display these. The adversary then created anti-banking groups and added Margaret to them. Other users may have joined as well. The adversary then convinced Margaret that she should help the adversary by running a malicious program on a work computer.

By taking the time to dominate Margaret’s reality (online experience) the adversary was able to move Margaret away from being a long-term dedicated employee to a hostile insider that may have created untold amounts of damage.

The more connected people are the easier it is to redefine their reality and perceptions. the next evolution of threat is upon us. It is true that previous generations have attempted to modify or overtake our reality and perceptions but with the number of hours that users are spending “connected” there has never been a comparable parallel. Every moment online is a direct feed into the user’s brain and can be leveraged to redefine the user’s fundamental understanding of the world and environment. If you have doubts just consider the uproar from political communities about election tampering and campaign advertiser micro-targeting.

Do you perceive the world as it is or do you perceive the world as it is advertised? How is your reality defined and by whom?