COUNTERING SUSTAINED ROGUE INFORMATION WARFARE

In 2000, the Yahoo message boards were full of postings that insinuated that Titan Corp.'s stock was headed south. According to one message board, 'A very very bad earnings surprise is coming today.' Titan was getting nailed with huge sell orders! 'Jump the sinking ship,' said another, posted by someone with the screen name 'CCRibber.'

If the goal was to scare investors and drive the stock price even lower, it worked. Messages like that (plus a fake analyst report criticizing Titan) sent Titan's shares plummeting from $45 on June 20, 2000 to $20 on Aug. 22, 2000. It was a staggering 56% loss in market value, totaling $1.4 billion.

Sustained Retaliation

The San Diego-based high-tech company filed suit on Aug. 30, 2000 angrily charging that the posters were 'unscrupulous short sellers' who conspired to depress the stock for their own profits. The company got a subpoena to 'smoke out' the people behind the three dozen screen names that had torpedoed Titan's stock.

The case hasn't wrapped up, but it's yet another episode in which corporate reputations have taken a real sustained beating from rogue Internet messages, fake press releases, and 'gripe sites.' Of course, critical opinions are legally protected as free speech, but when the messages are false, defamatory, or trying to manipulate the stock, corporate America is fighting back.

To do that, companies are hiring Internet IW monitoring firms that use software that scans the Internet to find out what's being said about business clients. They're also hiring private investigators to track the perpetrators. But it's not something you want to do if you're just aggravated [about the messages], because the investigation can be very expensive-say, $40,000 to $50,000.

The investigations usually turn up former employees, disgruntled insiders, or stock manipulators. The big challenge is identifying the people behind the anonymous screen names. A flurry of messages may actually be the work of only one or two people who use different handles to make it look like they're a crowd.

One approach is to file a 'John Doe' lawsuit and use subpoena power to obtain the identity of the mischief maker from his or her Internet service provider. That's what Titan is doing, but it's a strategy that has to be used with caution. It should be a serious lawsuit, based on a cost/benefit analysis.

Another technique employs 'forensic psycholinguists' (the same folks who analyze hate mail sent to the White House), who look for signs that the messages came from the same poison keyboard. In one recent case, a psycholinguist studied 40 messages from three screen names and concluded that they came from the same writer because they had the same format: a question in the headline and the answer in the body. The messages also used the same vulgarities.

Based on the analysis, the psycholinguist surmised that the writer was probably 40, white, professional, and, perhaps, a day trader. Furthermore, the analysis indicated that he or she suffered from low self-esteem and felt his or her regular job was threatened by the acquisitions of the company he or she was berating.

Private detectives can also engage suspects in on-line conversations to seek clues about their identities, but there's a danger that the undercover gumshoe could tip his or her hand or cross the line into entrapment. There are even better investigation tricks. For example, perpetrators may have left some electronic footprints behind by filling out a Web site guest book with the same cybersignature they use later for derogatory messages.

Sometimes the text of a message itself provides clues. If they say it's snowing outside, you can check [weather records] to find out where on the planet it's snowing right now, to narrow the suspect pool. If they say they have a blue Jaguar and live in Ohio, you can get a database that lists every blue Jaguar owner in the state.

Apparently, private companies are willing to go to great lengths to identify Internet content that besmirches their corporate reputation or infringes on their intellectual property. For example, Nintendo of America Inc. in Redmond, Washington, retained Cyveillance to identify pornographic Web sites that use its video-game brands such as Pokemon or Mario Bros. to draw visitors to their sites.

Cyveillance uses both human and artificial intelligence to monitor on-line brand abuse for clients. First, the company's Web crawler looks for information that meets customer-defined criteria. Then a team of e-commerce analysts studies the automated reports and recommends a plan of action. The cost ranges from $90,000 to $500,000 per year.

But such services can be used for much more than just defending against countering sustained rogue information warfare in the form of defamation and piracy. Clients start off having a defensive mindset, but then they transition to more of an offensive approach.

In other words, they begin to use Internet surveillance for benchmarking and competitive intelligence, such as finding out when a competitor adds a new feature, such as on-line customer chat, to its Web site. Internet surveillance can even help companies gather soft information such as 'marketing buzz' from the world's largest focus group.

NetCurrents, Inc. in Burlingame, California, uses artificial-intelligence technology that scans Internet message traffic to provide a real-time graphical display of public sentiment about a company. Positive messages show up as a green bar, and negative ones as a red bar. But NetCurrents may not stop there. Theoretically, the technology could be used to gauge customer reaction to a new product or voter reaction to a presidential debate.

Law enforcement's new weapons for protection against random rogue information warfare, with regards to electronic detection, spurs privacy proponents to strike back. But will these shifting tactics by law enforcement agencies really protect private companies? Let's take a look.