The use of misinformation and disinformation has increased over the past few years. According to the World Economic Forum’s Global Risks 2025 Report, these issues were ranked as the most severe short-term global risks, surpassing traditional economic, environmental, geopolitical, and societal threats. What’s even more concerning is that disinformation campaigns will increase as they become weaponized through AI-generated content and bots.

This blog shares insights from an RSAC Member, Heather Lowrie, Founder of Resilionix, and explores the tactics cybercriminals use to deploy disinformation and misinformation, the biggest challenges for organizations regarding digital trust, tips on what organizations can do to mitigate threats, and how to respond to disinformation campaigns and attacks.

AI Weaponization of Synthetic Media for Disinformation Campaigns

Cybercriminals have leveraged AI to deploy sophisticated new disinformation campaigns and spread misinformation using weaponized synthetic media. According to Lowrie, “AI generated videos/audios that impersonate publics figures have become quite common.” For example, in 2022, there was a deepfake video of President Zelenskyy 'urging' Ukrainian troops to surrender.

Beyond deepfakes, AI is used for automated social amplification, enabling bots to create tailored misinformation at scale. Lowrie emphasized that organizations need to keep this capability in mind when creating incident response plans. Lowrie also pointed out that cybercriminals use other AI tools to spread disinformation and weaponized synthetic media through highly personalized phishing and social engineering attacks. These attacks involve scraping personal or organizational data to create customized attempts, such as using AI tools to make calls to help desks much easier to perpetrate attacks. Furthermore, cybercriminals deploy entire networks of fake accounts that simulate public consensus and opinions, allowing them to manipulate behavior on a grand scale.

On the other hand, misinformation can be unintentional. For example, an organization chatbot may present false information as fact. If users cannot consistently rely on information provided by a chatbot, they will still lose trust in that organization, even when the inaccuracy was not maliciously intended.

Lowrie said that organizations need to respond to hybrid warfare as it is happening now. She went on to state: 

"Hybrid warfare operations in the 'grey zone,' below the level of conventional conflict but far more strategic than random disruption. It combines conventional military with irregular, non-military, and covert methods to achieve political and psychological objectives."

Cybercriminals are not just targeting military or government systems, but their efforts also include civilian infrastructure, media narratives, democratic processes, and public trust.

Lowrie highlighted the following tactics used to spread misinformation, disinformation, and reduce public trust:

• Cyberattacks on critical infrastructure
• Disinformation to shape opinion and undermine trusted leaders
• Sabotage and espionage
• Political manipulation and covert influence operations
• Economic coercion.

A real-world example of attempts to undermine governments and reduce public trust is the election security challenges in 2020, where US local elections were particularly vulnerable to global threats trying to undermine the election security process and spread misinformation and disinformation campaigns.

With AI-driven mechanisms like deepfakes and misinformation continuing to evolve, they fuel distrust in the public arena.

The Challenge to Digital Trust Posed by Disinformation and Synthetic Media

Misinformation and synthetic media fundamentally challenge an organization's digital trust. Attackers are not only compromising systems; as Lowrie stated, “They're also compromising perception,” by deploying psychologically plausible deniability and manipulation.

Cybercriminals strategically use fake personas that can build entirely false reputations. This sophisticated deception causes significant confusion for consumers and stakeholders regarding what can be trusted, what is safe, and what is real. We have seen real-world examples of this from election security to community colleges. For example, recently we have seen fake bots creating students accounts in community colleges and registering for classes, which prevented real students from enrolling. Additionally, we have seen deepfakes weaponized within the music industry.

Real businesses can also be impacted by highly convincing phishing email campaigns, which often pretend to be a legitimate company. Users are becoming so wary that they may mistakenly flag a real business's communications as spam, taking away the business's ability to communicate.

Ultimately, the increasing weaponization of synthetic media leaves many organizations vulnerable to being perceived as something they are not.

When trust in public discourse, scientific consensus, or democratic processes erodes, civic integrity itself is under attack. Cybersecurity can no longer be confined solely to infrastructure and compliance; it must expand its scope to defend societal trust, as Lowrie stated.

Building Resilience through Authenticity

Echoing Lowrie's statement that "Protecting authenticity is no longer merely a technical imperative—it’s a civic necessity," organizations must have strong authenticity protocols to secure their digital trust.

Organizations need to implement frameworks and tools to protect their digital trust in the era of AI-driven attacks. The Confidentiality, Integrity, and Availability (CIA) Triad is a foundational starting point for organizations.

Lowrie detailed the three core elements of the CIA Triad:

• Confidentiality: Ensuring sensitive data is accessible only to authorized individuals.
• Integrity: Ensuring information is accurate, complete, and untampered with.
• Availability: Ensuring systems and services are accessible when needed.

However, as Lowrie mentioned, a crucial "A" for Authenticity is often missing. Authenticity is a security principle that bridges the gap between technical assurance and societal trust. It complements the traditional CIA Triad and can include measures such as:

• Digital signatures to verify the source and integrity of content.
• Strong identity verification to prevent impersonation and fraud.
• Content provenance and traceability, supported by content credentials, to establish origin and context.
• Watermarking and attribution to distinguish the real from the synthetic.

Additional Steps

Lowrie provided more tips on what organizations can do today to protect their digital trust:

• Cross-sector collaboration among technology platforms, government, media, and civil society to combat misinformation, disinformation, and verify sources.
• Development of standards and tools for content provenance, digital watermarking, and authenticity assurance.
• Public education and engagement to raise awareness of digital threats and empower individuals with safeguards.
• Policy and governance frameworks embedding authenticity at the core of digital transformation.

It's important for organizations and users to understand the rising threat landscape of disinformation, misinformation, and the weaponization of synthetic media. Cybersecurity is not just about infrastructure and compliance; it's fundamentally about defending societal trust.