advertisement
The Soviet Union and now Russia under Vladimir Putin have waged a political power struggle against the West for nearly a century. Spreading false and distorted information - called “dezinformatsiya” after the Russian word for “disinformation” - is an age-old strategy for coordinated and sustained influence campaigns that have interrupted the possibility of level-headed political discourse.
Emerging reports that Russian hackers targeted a Democratic senator’s 2018 reelection campaign suggest that what happened in the lead-up to the 2016 presidential election, may be set to recur.
As an ethical hacker, security researcher and data analyst, I have seen firsthand how disinformation is becoming the new focus of cyber attacks.
In a recent talk, I suggested that cyber warfare is no longer just about the technical details of computer ports and protocols.
Rather, disinformation and social media are rapidly becoming the best hacking tools. With social media, anyone - even Russian intelligence officers and professional trolls - can widely publish misleading content.
As legendary hacker Kevin Mitnick put it, “it’s easier to manipulate people rather than techonlogy.”
Cyber security experts in the US knew that the Russian intelligence agencies were conducting these acts of information warfare and cyber warfare, but I doubt they had any idea how comprehensive and integrated they were- until now.
The operation was complex. What is publicly known now is perhaps most easily understood in two pieces, the subjects of separate federal indictments.
First, a billionaire Russian businessman and Putin associate allegedly assembled a network of troll factories: private Russian companies engaging in a massive disinformation campaign.
Their employees posed as Americans, created racially and politically divisive social media groups and pages, and developed fake news articles and commentary to build political animosity within the American public.
Second, the Russian military intelligence agency, known by its Russian acronym as the GRU, allegedly used coordinated hacking to target more than 500 people and institutions in the United States.
The Russian hackers downloaded potentially damaging information and released it to the public via WikiLeaks and under various aliases including “DCLeaks” and “Guccifer 2.0.”
The people involved did not fit the stereotypical picture of internet trolls. One leading Russian troll factory was a company called the Internet Research Agency, reportedly with all the trappings of a real corporation, including a graphics department to create incendiary images, a foreign department dedicated to following political discourse in other countries and an IT department to make sure trolls had reliable computers and internet connections.
Employees, mostly 18 to 20 years old, were paid as much as $2,100 a month for creating fake social media accounts and blogs to distribute disinformation to Americans.
They were employed to take advantage of deepening political polarization in the US. The Russians saw this as an opportunity to stir up conflict - like poking a stick into a beehive.
These trolls were instructed to stir up racial tensions, stage “flash mob” and organize activist campaigns - sometimes announcing events for opposing groups at the same times and locations.
One ex-troll told a Russian independent TV network that his job included writing incendiary comments and creating fake posts on political forums:
“The way you chose to stir up the situation, whether it was commenting [on] the news section or on political forums, it didn’t really matter.”
In 2015, well before the 2016 election, troll-factory network had more than 800 people doing this kind of work, producing propaganda videos, info-graphics, memes, reports, news, interviews and various analytical materials to persuade the public.
America never stood a chance.
It’s no surprise that these Russian trolls spent most of their time on Facebook and Instagram: Two-thirds of Americans get at least some news on social media.
The trolls spread out across both platforms, seeking to encourage conflict on any topic that was getting a lot of attention: immigration, religion, the Black Lives Matter movement and other hot-button issues.
Then, the indictments reveal, the GRU entered this increasingly fraught online political discourse.
Like another significant political scandal, the GRU effort allegedly started with a break-in to Democratic National Committee records - but this time it was a digital burglary. It wasn’t particularly sophisticated, either, using two common hacking techniques, spear-phishing and malicious software.
As the July indictment details, starting in March 2016, Russian military operatives sent a series of fake emails, disguised to look real, to more than 300 people associated with Democratic National Committee, the Democratic Congressional Committee and Hillary Clinton’s presidential campaign.
Around the same time, the Russian hackers allegedly began searching for technical vulnerabilities in the Democratic organizations’ computer networks. They used techniques and specialized malicious software that Russians had used in other hacking efforts, including against the German Parliament and the French television network TV5 Monde.
By April 2016, the hackers had gained access to the Democratic Congressional Campaign Committee systems, exploring servers and secretly extracting sensitive data. They located a Democratic National Committee systems, and thereby got into the Democratic National Committee networks too, extracting more information.
When the Democratic National Committee realized there was unusual data traffic in its systems, the group hired a private cyber security firm, which in June 2016 publicly announces that its investigation had concluded that Russia was behind the hacking. At that point, the Russians allegedly tried to delete traced of their presence on the networks. But they kept all the data they had stolen.
As early as April 2016, the GRU was allegedly trying to use the Democrats’ confidential documents and email messages to stir up political trouble in the US. There is evidence that the Russian government, or people acting on its behalf, offered key people in the Trump campaign damaging information on Clinton.
In July 2016, the indictments say, the GRU began releasing many of the Democrats’ documents and email messages, mainly through WikiLeaks, an internet site dedicated to anonymous publishing of secret information.
All of this effort was, according to the indictments, set up to undermine Hillary Clinton in the eyes of the American public. Putin definitely wanted Trump to win - as the Russian president himself acknowledged while standing next to Trump in Helsinki in July.
Former Russian troll said: “Everything about Hillary Clinton had be negative and you really had to tear into her. It was all about the leaked email, the corruption scandals, and the fact that she is super rich.”
The indictments describe in detail how information warfare and cyber warfare were used as political tools to advance the interests of people in Russia. Something similar may be set to happen in 2018, too.
(This story was first published on The Conversation and has been republished with permission.)
(At The Quint, we question everything. Play an active role in shaping our journalism by becoming a member today.)
Published: 28 Jul 2018,05:01 PM IST