Dystopias: Group items tagged cybersecurity

Ed Webb

The Digital Maginot Line

  • The Information World War has already been going on for several years. We called the opening skirmishes “media manipulation” and “hoaxes”, assuming that we were dealing with ideological pranksters doing it for the lulz (and that lulz were harmless). In reality, the combatants are professional, state-employed cyberwarriors and seasoned amateur guerrillas pursuing very well-defined objectives with military precision and specialized tools. Each type of combatant brings a different mental model to the conflict, but uses the same set of tools.
  • There are also small but highly-skilled cadres of ideologically-motivated shitposters whose skill at information warfare is matched only by their fundamental incomprehension of the real damage they’re unleashing for lulz. A subset of these are conspiratorial — committed truthers who were previously limited to chatter on obscure message boards until social platform scaffolding and inadvertently-sociopathic algorithms facilitated their evolution into leaderless cults able to spread a gospel with ease.
  • There’s very little incentive not to try everything: this is a revolution that is being A/B tested.
  • The combatants view this as a Hobbesian information war of all against all and a tactical arms race; the other side sees it as a peacetime civil governance problem.
  • Our most technically-competent agencies are prevented from finding and countering influence operations because of the concern that they might inadvertently engage with real U.S. citizens as they target Russia’s digital illegals and ISIS’ recruiters. This capability gap is eminently exploitable; why execute a lengthy, costly, complex attack on the power grid when there is relatively no cost, in terms of dollars as well as consequences, to attack a society’s ability to operate with a shared epistemology? This leaves us in a terrible position, because there are so many more points of failure
  • Cyberwar, most people thought, would be fought over infrastructure — armies of state-sponsored hackers and the occasional international crime syndicate infiltrating networks and exfiltrating secrets, or taking over critical systems. That’s what governments prepared and hired for; it’s what defense and intelligence agencies got good at. It’s what CSOs built their teams to handle. But as social platforms grew, acquiring standing audiences in the hundreds of millions and developing tools for precision targeting and viral amplification, a variety of malign actors simultaneously realized that there was another way. They could go straight for the people, easily and cheaply. And that’s because influence operations can, and do, impact public opinion. Adversaries can target corporate entities and transform the global power structure by manipulating civilians and exploiting human cognitive vulnerabilities at scale. Even actual hacks are increasingly done in service of influence operations: stolen, leaked emails, for example, were profoundly effective at shaping a national narrative in the U.S. election of 2016.
  • The substantial time and money spent on defense against critical-infrastructure hacks is one reason why poorly-resourced adversaries choose to pursue a cheap, easy, low-cost-of-failure psy-ops war instead
  • Information war combatants have certainly pursued regime change: there is reasonable suspicion that they succeeded in a few cases (Brexit) and clear indications of it in others (Duterte). They’ve targeted corporations and industries. And they’ve certainly gone after mores: social media became the main battleground for the culture wars years ago, and we now describe the unbridgeable gap between two polarized Americas using technological terms like filter bubble. But ultimately the information war is about territory — just not the geographic kind. In a warm information war, the human mind is the territory. If you aren’t a combatant, you are the territory. And once a combatant wins over a sufficient number of minds, they have the power to influence culture and society, policy and politics.
  • This shift from targeting infrastructure to targeting the minds of civilians was predictable. Theorists like Edward Bernays, Hannah Arendt, and Marshall McLuhan saw it coming decades ago. As early as 1970, McLuhan wrote, in Culture is our Business, “World War III is a guerrilla information war with no division between military and civilian participation.”
  • The 2014-2016 influence operation playbook went something like this: a group of digital combatants decided to push a specific narrative, something that fit a long-term narrative but also had a short-term news hook. They created content: sometimes a full blog post, sometimes a video, sometimes quick visual memes. The content was posted to platforms that offer discovery and amplification tools. The trolls then activated collections of bots and sockpuppets to blanket the biggest social networks with the content. Some of the fake accounts were disposable amplifiers, used mostly to create the illusion of popular consensus by boosting like and share counts. Others were highly backstopped personas run by real human beings, who developed standing audiences and long-term relationships with sympathetic influencers and media; those accounts were used for precision messaging with the goal of reaching the press. Israeli company Psy Group marketed precisely these services to the 2016 Trump Presidential campaign; as their sales brochure put it, “Reality is a Matter of Perception”.
  • If an operation is effective, the message will be pushed into the feeds of sympathetic real people who will amplify it themselves. If it goes viral or triggers a trending algorithm, it will be pushed into the feeds of a huge audience. Members of the media will cover it, reaching millions more. If the content is false or a hoax, perhaps there will be a subsequent correction article – it doesn’t matter, no one will pay attention to it.
  • Combatants are now focusing on infiltration rather than automation: leveraging real, ideologically-aligned people to inadvertently spread real, ideologically-aligned content instead. Hostile state intelligence services in particular are now increasingly adept at operating collections of human-operated precision personas, often called sockpuppets, or cyborgs, that will escape punishment under the bot laws. They will simply work harder to ingratiate themselves with real American influencers, to join real American retweet rings. If combatants need to quickly spin up a digital mass movement, well-placed personas can rile up a sympathetic subreddit or Facebook Group populated by real people, hijacking a community in the way that parasites mobilize zombie armies.
  • Attempts to legislate away 2016 tactics primarily have the effect of triggering civil libertarians, giving them an opportunity to push the narrative that regulators just don’t understand technology, so any regulation is going to be a disaster.
  • The entities best suited to mitigate the threat of any given emerging tactic will always be the platforms themselves, because they can move fast when so inclined or incentivized. The problem is that many of the mitigation strategies advanced by the platforms are the information integrity version of greenwashing; they’re a kind of digital security theater, the TSA of information warfare
  • Algorithmic distribution systems will always be co-opted by the best resourced or most technologically capable combatants. Soon, better AI will rewrite the playbook yet again — perhaps the digital equivalent of Blitzkrieg in its potential for capturing new territory. AI-generated audio and video deepfakes will erode trust in what we see with our own eyes, leaving us vulnerable both to faked content and to the discrediting of the actual truth by insinuation. Authenticity debates will commandeer media cycles, pushing us into an infinite loop of perpetually investigating basic facts. Chronic skepticism and the cognitive DDoS will increase polarization, leading to a consolidation of trust in distinct sets of right and left-wing authority figures – thought oligarchs speaking to entirely separate groups
  • platforms aren’t incentivized to engage in the profoundly complex arms race against the worst actors when they can simply point to transparency reports showing that they caught a fair number of the mediocre actors
  • What made democracies strong in the past — a strong commitment to free speech and the free exchange of ideas — makes them profoundly vulnerable in the era of democratized propaganda and rampant misinformation. We are (rightfully) concerned about silencing voices or communities. But our commitment to free expression makes us disproportionately vulnerable in the era of chronic, perpetual information war. Digital combatants know that once speech goes up, we are loath to moderate it; to retain this asymmetric advantage, they push an all-or-nothing absolutist narrative that moderation is censorship, that spammy distribution tactics and algorithmic amplification are somehow part of the right to free speech.
  • We need an understanding of free speech that is hardened against the environment of a continuous warm war on a broken information ecosystem. We need to defend the fundamental value from itself becoming a prop in a malign narrative.
  • Unceasing information war is one of the defining threats of our day. This conflict is already ongoing, but (so far, in the United States) it’s largely bloodless and so we aren’t acknowledging it despite the huge consequences hanging in the balance. It is as real as the Cold War was in the 1960s, and the stakes are staggeringly high: the legitimacy of government, the persistence of societal cohesion, even our ability to respond to the impending climate crisis.
  • Influence operations exploit divisions in our society using vulnerabilities in our information ecosystem. We have to move away from treating this as a problem of giving people better facts, or stopping some Russian bots, and move towards thinking about it as an ongoing battle for the integrity of our information infrastructure – easily as critical as the integrity of our financial markets.
Ed Webb

Nine million logs of Brits' road journeys spill onto the internet from password-less nu...

  • In a blunder described as "astonishing and worrying," Sheffield City Council's automatic number-plate recognition (ANPR) system exposed to the internet 8.6 million records of road journeys made by thousands of people
  • The Register learned of the unprotected dashboard from infosec expert and author Chris Kubecka, working with freelance writer Gerard Janssen, who stumbled across it using search engine Censys.io. She said: "Was the public ever told the system would be in place and that the risks were reasonable? Was there an opportunity for public discourse – or, like in Hitchhiker's Guide to the Galaxy, were the plans in a planning office at an impossible or undisclosed location?"
  • The dashboard was taken offline within a few hours of The Register alerting officials. Sheffield City Council and South Yorkshire Police added: "As soon as this was brought to our attention we took action to deal with the immediate risk and ensure the information was no longer viewable externally. Both Sheffield City Council and South Yorkshire Police have also notified the Information Commissioner's Office. We will continue to investigate how this happened and do everything we can to ensure it will not happen again."
Ed Webb

The Biggest Social Media Operation You've Never Heard Of Is Run Out of Cyprus by Russia...

  • The vast majority of the company’s content is apolitical—and that is certainly the way the company portrays itself.
  • But here’s the thing: TheSoul Publishing also posts history videos with a strong political tinge. Many of these videos are overtly pro-Russian. One video posted on Feb. 17, 2019, on the channel Smart Banana, which typically posts listicles and history videos, claims that Ukraine is part of Russia
  • the video gives a heavily sanitized version of Josef Stalin’s time in power and, bizarrely, suggests that Alaska was given to the United States by Soviet leader Nikita Khrushchev
  • The video ends by displaying a future vision of Russian expansion that includes most of Europe (notably not Turkey), the Middle East and Asia
  • According to Nox Influencer, Bright Side alone is earning between $314,010 and $971,950 monthly, and 5-Minute Crafts is earning between $576,640 and $1,780,000 monthly through YouTube partner earning estimates. As a privately held company, TheSoul Publishing doesn’t have to disclose its earnings. But all the Cypriot-managed company has to do to earn money from YouTube is meet viewing thresholds and have an AdSense account. AdSense, a Google product, just requires that a company have a bank account, an email address and a phone number. To monetize to this magnitude of revenue, YouTube may have also collected tax information, if TheSoul Publishing organization is conducting what it defines as “U.S. activities.” It’s also possible that YouTube verified a physical address by sending a pin mailer.
  • According to publicly available information from the YouTube channels themselves—information provided to YouTube by the people who set up and operate the channels at TheSoul Publishing—as of August 2019, 21 of the 35 channels connected to TheSoul Publishing claim to be based in the U.S. Ten of the channels had no country listed. Zodiac Maniac was registered in the U.K, though TheSoul Publishing emphasizes that all of its operations are run out of Cyprus.
  • Now I’ve Seen Everything was the only channel registered in the Russian Federation. That channel has more than 400 million views, which, according to the analytics tool Nox Influencer, come from a range of countries, including Russia and Eastern European and Central Asian countries—despite being an English-language channel
  • In another video on Smart Banana, which has more than 1 million views, the titular banana speculates on “12 Countries That May Not Survive the Next 20 Years”—including the United States, which the video argues may collapse because of political infighting and diverse political viewpoints
  • Facebook pages are not a direct way to increase profit unless a company is actively marketing merchandise or sales, which TheSoul Publishing does not appear to do. The pages coordinate posting, so one post will often appear on a number of different pages. To a digital advertiser, this makes perfect sense as a way to increase relevance and visibility, but it’s far from obvious what TheSoul Publishing might be advertising. Likewise, there’s no obvious financial benefit to posting original videos within Facebook. The company did not meaningfully clarify its Facebook strategy in response to questions on the subject.
  • Facebook forbids what it describes as “coordinated inauthentic behavior,” as its head of cybersecurity describes in this video. While TheSoul Publishing’s behavior is clearly coordinated, it is unclear that any of its behavior is inauthentic based on information I have reviewed.
  • One thing that TheSoul is definitely doing on Facebook, however, is buying ads—and, at least sometimes, it’s doing so in rubles on issues of national importance, targeting audiences in the United States. The page Bright Side has 44 million followers and currently lists no account administrators located in the United States, but as of Aug. 8, 2019, it had them in Cyprus, Russia, the United Kingdom, El Salvador, India, Ukraine and in locations “Not Available.” It used Facebook to post six political advertisements paid for in the Russian currency.
  • the point here is not that the ad buy is significant in and of itself. The point, rather, is that the company has developed a massive social media following and has a history of at least experimenting with distributing both pro-Russian and paid political content to that following
  • TheSoul’s political ads included the one below. The advertisement pushes viewers to an article about how “wonderful [it is] that Donald Trump earns less in a year than you do in a month.” The advertisement reached men, women, and people of unknown genders over the ages of 18, and began running on May 15, 2018. TheSoul Publishing spent less than a dollar on this advertisement, raising the question: why bother advertising at all?