From: WSJ/MarketWatch

Commentary: Online attackers shred reputations in one post

NEW YORK (MarketWatch) — Companies are so worried about cyber attacks that they’re rushing to buy insurance against it.

According to a report on the news website Mashable, the purchase of cyber insurance is up 33% over last year. And can you blame these companies? They want protection against hacking, security breaches, data leaks, or just plain old vandalism.

But these online attacks don’t begin to articulate the real dangers companies face. A denial of service attack is relatively straightforward. Same with stealing credit card numbers.

What about a blog attack? Is your business or persona or reputation prepared for the damage it can wreak?

Sen. Robert Menendez sure wasn’t ready. The New Jersey Democrat was defenseless against The Daily Caller publishing a story accusing him of patronizing underage prostitutes in the Dominican Republic. He wasn’t prepared for the rest of the media, which relies on and repeats gossip that begins on blogs, to make that story a national scandal.

It didn’t matter that the women had been paid to make up their story (and that they weren’t underage). There was nothing Menendez could do — not when blogs will publish anything that fits their agenda or drives page views.

As Menendez later told the Washington Post : “I don’t know more than what I have read but I do know from the very beginning I have said that nameless, faceless, anonymous sources . . . from the right-wing blogs took this story . . . before an election cycle, attempted to do it then and ultimately drove it into the mainstream press.”

Such attacks can happen to anyone, not just politicians.

In fact, in business the costs might be even higher and more immediate. When the blog Engadget posted a fake email announcing a supposed delay in the release of a new iPhone and Apple /quotes/zigman/68270/quotes/nls/aapl AAPL -2.08% operating system, it knocked more than $4 billion off Apple’s stock price. The Daily Show was blindsided by dubious accusations of sexism by a blogger who was paid by how many page views her post did (it did more than half a million, in fact). When Overstock.com /quotes/zigman/87370/quotes/nls/ostk OSTK -0.96% began losing business due to inaccurate online information or bogus and negative social media chatter, the company actually included the potential risk as a going concern in its 10-K filing with the SEC.

Soft targets

The threat is growing bolder, as we saw when the French yogurt giant Danone /quotes/zigman/163487 FR:BN +0.87% was approached by Fernando Motolese, a video producer in Brazil, with two hypothetical videos. One, he said, was a fun spoof of their yogurt, which was billed as improving digestive health and other bodily functions. The other, he said, was a disgusting version of the first video, with all the scatological images implied. Motolese said he might be more inclined to release the first version if Danone was willing to pay him a fee each time it was seen.

How is that any different than a hacker threatening to release customer data or taking a company’s website down unless they’re paid off?

It’s a media attack — but it’s cyber driven all the same.

The threat is everywhere. The risk of being blindsided by a false controversy, or crucified unfairly for some misconstrued remark, hovers over everyone in the public sphere. Employees, good, bad, or disgruntled and desperate for money, know that they have the means to massively embarrass their employers with well-placed accusations of mistreatment or harassment. People know that going to a blog like Consumerist is the fastest way to get revenge for any perceived customer-service slight. Millions of eyes are watching — incentivized to demagogue their way to a traffic payday.

We know how to defend against attacks on technology. Those are hard assets. Companies have highly trained teams designed to respond to and repair any damage. But softer assets remain vulnerable. Reputation, brand perception, and your company’s narrative are susceptible to blogs and social media that deal in lies and outrage and rumors — all with incredible speed.

In fact, these purveyors thrive on such headline-generating information. One study found that “untrue” tweets spread faster than corrections ever can. That means an unstable customer or an unethical competitor could kick off a massively viral but entirely false claim about your business tomorrow.

And there’s little you can do about it.

At any time, a deep hole could be drilled by blogs, Twitter or You Tube that a company must pay to fill in. Irreparable damage can be wrought on the business you worked so hard to build. And depending on the intentions of the person who did it, they may also ask to be paid to not dig anymore.

When the online news cycle is driven decided not by what is important but by what readers are clicking; when the cycle is so fast that the news cannot be anything but consistently and regularly incomplete; when dubious scandals pressure politicians to resign and scuttle election bids or knock millions from the market value of publicly traded companies; when the news frequently covers itself in stories about how the story unfolded — we’re all exposed to the cost.

There is no insurance for that. But perhaps there should be.

Ryan Holiday is the author of  Trust Me I’m Lying: Confessions of a Media Manipulator and a PR strategist for brands and writers.