I recently spotted a pretty perfect example of how someone might go about Information Laundering through a public figure. In this case reporter Ken Klippenstein targeted an anti-vaccine proponent active on Twitter. Ken sent the following private message to their account:
In this case Ken pretended to be a fan reaching out to compliment their work. Later, we see the account sharing the same image to their followers:
The funny thing is, this isn’t a picture of Dr John Sims; it’s actually Johnny Sins, an American adult film star playing the role of a doctor. In this scene the actors are not talking about vaccines (I assume; I’ll admit in this case I am choosing to take it at face value that Johnny had other things on his – mind at the time). Regardless, Ken’s ‘reveal’ of the trickery gained a lot of traction and commentary on Twitter:
As an aside, I like to try to keep the amount of anti-vaccine content I push into the public eye very close to zero. Ken’s antics appear to have produced bad publicity for the anti-vaccine user, but some people claim that doesn’t exist; if even 1% of people who viewed Ken’s reveal tweet agreed with the ‘Dr John Sims’ quote, or went to look at other things the tricked user had posted, that would be a not insignificant amount of people that had been exposed to a potentially infectious strain of disinformation (which is why I’ve tried to do a bit of redacting in this article). Anyway, we’re here to talk about what this debacle can teach us about Information Laundering, not to kill any joy people might have gotten out of being naughty trolls on the internet.
For those of you who aren’t aware, Information Laundering is when someone produces some disinformation, and tries to get it published or amplified by a particular third party (one which has been researched, and is known to have access to a target individual or group). Typically inauthentic accounts will be put into position to send the message (as is likely the case here; I don’t think Ken’s message would have been believed if sent from his own account).
This is done to allow threat actors to hijack and exploit the trust people have in a public figure (increasing the probability that a target audience will believe the proposed narrative), and can help obfuscate the source of information (so that researchers can’t figure out what stories aggressors are trying to get people to believe).
Because Ken’s end goal wasn’t to surreptitiously expose his target’s followers to specific content, he revealed how he managed to get his doctored image shared. This is something we don’t often get exposed to; Twitter users usually have no reason to share sources for the content they post, and threat actors certainly wouldn’t publicly celebrate when they pull off this kind of attack.
It shouldn’t be surprising that it took just one private message of support alongside the image for the target to go on to publicly share it to their timeline, but I am a little surprised. I imagined one would need to include something in the messages suggesting that it should be shared, but of course that could appear suspicious – and the operational cost of sending a message to a public figure from a newly created account is so low that it wouldn’t really matter if you only had a 5% chance of success; if it doesn’t work it doesn’t work you can always try another target with a similar audience, you don’t really need to be pushy about it.
Public figures have been a big spreader of disinformation, and in this example we see how easy it is to get someone to share something to their followers. My suggestion; there should be a training program that Twitter users are enrolled in once their accounts gain over X followers, or maybe as part of their verification process. This program would focus on increasing resilience to manipulation from third parties (by the way, you should check out this lesson I made on the topic). The example Ken exposed us to demonstrated a bit of light trolling, but others show cases where Russian backed influence operations use Information Laundering to sow discord related to American protests. So we should probably do something about that.