
InternationalRelations: Group items tagged cybersecurity


Ed Webb

The Digital Maginot Line

  • The Information World War has already been going on for several years. We called the opening skirmishes “media manipulation” and “hoaxes”, assuming that we were dealing with ideological pranksters doing it for the lulz (and that lulz were harmless). In reality, the combatants are professional, state-employed cyberwarriors and seasoned amateur guerrillas pursuing very well-defined objectives with military precision and specialized tools. Each type of combatant brings a different mental model to the conflict, but uses the same set of tools.
  • There are also small but highly-skilled cadres of ideologically-motivated shitposters whose skill at information warfare is matched only by their fundamental incomprehension of the real damage they’re unleashing for lulz. A subset of these are conspiratorial — committed truthers who were previously limited to chatter on obscure message boards until social platform scaffolding and inadvertently-sociopathic algorithms facilitated their evolution into leaderless cults able to spread a gospel with ease.
  • If an operation is effective, the message will be pushed into the feeds of sympathetic real people who will amplify it themselves. If it goes viral or triggers a trending algorithm, it will be pushed into the feeds of a huge audience. Members of the media will cover it, reaching millions more. If the content is false or a hoax, perhaps there will be a subsequent correction article – it doesn’t matter, no one will pay attention to it.
  • The combatants view this as a Hobbesian information war of all against all and a tactical arms race; the other side sees it as a peacetime civil governance problem.
  • Information war combatants have certainly pursued regime change: there is reasonable suspicion that they succeeded in a few cases (Brexit) and clear indications of it in others (Duterte). They’ve targeted corporations and industries. And they’ve certainly gone after mores: social media became the main battleground for the culture wars years ago, and we now describe the unbridgeable gap between two polarized Americas using technological terms like filter bubble. But ultimately the information war is about territory — just not the geographic kind. In a warm information war, the human mind is the territory. If you aren’t a combatant, you are the territory. And once a combatant wins over a sufficient number of minds, they have the power to influence culture and society, policy and politics.
  • Cyberwar, most people thought, would be fought over infrastructure — armies of state-sponsored hackers and the occasional international crime syndicate infiltrating networks and exfiltrating secrets, or taking over critical systems. That’s what governments prepared and hired for; it’s what defense and intelligence agencies got good at. It’s what CSOs built their teams to handle. But as social platforms grew, acquiring standing audiences in the hundreds of millions and developing tools for precision targeting and viral amplification, a variety of malign actors simultaneously realized that there was another way. They could go straight for the people, easily and cheaply. And that’s because influence operations can, and do, impact public opinion. Adversaries can target corporate entities and transform the global power structure by manipulating civilians and exploiting human cognitive vulnerabilities at scale. Even actual hacks are increasingly done in service of influence operations: stolen, leaked emails, for example, were profoundly effective at shaping a national narrative in the U.S. election of 2016.
  • The substantial time and money spent on defense against critical-infrastructure hacks is one reason why poorly-resourced adversaries choose to pursue a cheap, easy, low-cost-of-failure psy-ops war instead
  • Our most technically-competent agencies are prevented from finding and countering influence operations because of the concern that they might inadvertently engage with real U.S. citizens as they target Russia’s digital illegals and ISIS’ recruiters. This capability gap is eminently exploitable; why execute a lengthy, costly, complex attack on the power grid when there is relatively no cost, in terms of dollars as well as consequences, to attack a society’s ability to operate with a shared epistemology? This leaves us in a terrible position, because there are so many more points of failure
  • This shift from targeting infrastructure to targeting the minds of civilians was predictable. Theorists  like Edward Bernays, Hannah Arendt, and Marshall McLuhan saw it coming decades ago. As early as 1970, McLuhan wrote, in Culture is our Business, “World War III is a guerrilla information war with no division between military and civilian participation.”
  • The 2014-2016 influence operation playbook went something like this: a group of digital combatants decided to push a specific narrative, something that fit a long-term narrative but also had a short-term news hook. They created content: sometimes a full blog post, sometimes a video, sometimes quick visual memes. The content was posted to platforms that offer discovery and amplification tools. The trolls then activated collections of bots and sockpuppets to blanket the biggest social networks with the content. Some of the fake accounts were disposable amplifiers, used mostly to create the illusion of popular consensus by boosting like and share counts. Others were highly backstopped personas run by real human beings, who developed standing audiences and long-term relationships with sympathetic influencers and media; those accounts were used for precision messaging with the goal of reaching the press. Israeli company Psy Group marketed precisely these services to the 2016 Trump Presidential campaign; as their sales brochure put it, “Reality is a Matter of Perception”.
  • There’s very little incentive not to try everything: this is a revolution that is being A/B tested.
  • Combatants are now focusing on infiltration rather than automation: leveraging real, ideologically-aligned people to inadvertently spread real, ideologically-aligned content instead. Hostile state intelligence services in particular are now increasingly adept at operating collections of human-operated precision personas, often called sockpuppets, or cyborgs, that will escape punishment under the bot laws. They will simply work harder to ingratiate themselves with real American influencers, to join real American retweet rings. If combatants need to quickly spin up a digital mass movement, well-placed personas can rile up a sympathetic subreddit or Facebook Group populated by real people, hijacking a community in the way that parasites mobilize zombie armies.
  • Attempts to legislate away 2016 tactics primarily have the effect of triggering civil libertarians, giving them an opportunity to push the narrative that regulators just don’t understand technology, so any regulation is going to be a disaster.
  • The entities best suited to mitigate the threat of any given emerging tactic will always be the platforms themselves, because they can move fast when so inclined or incentivized. The problem is that many of the mitigation strategies advanced by the platforms are the information integrity version of greenwashing; they’re a kind of digital security theater, the TSA of information warfare
  • Algorithmic distribution systems will always be co-opted by the best resourced or most technologically capable combatants. Soon, better AI will rewrite the playbook yet again — perhaps the digital equivalent of  Blitzkrieg in its potential for capturing new territory. AI-generated audio and video deepfakes will erode trust in what we see with our own eyes, leaving us vulnerable both to faked content and to the discrediting of the actual truth by insinuation. Authenticity debates will commandeer media cycles, pushing us into an infinite loop of perpetually investigating basic facts. Chronic skepticism and the cognitive DDoS will increase polarization, leading to a consolidation of trust in distinct sets of right and left-wing authority figures – thought oligarchs speaking to entirely separate groups
  • platforms aren’t incentivized to engage in the profoundly complex arms race against the worst actors when they can simply point to transparency reports showing that they caught a fair number of the mediocre actors
  • What made democracies strong in the past — a strong commitment to free speech and the free exchange of ideas — makes them profoundly vulnerable in the era of democratized propaganda and rampant misinformation. We are (rightfully) concerned about silencing voices or communities. But our commitment to free expression makes us disproportionately vulnerable in the era of chronic, perpetual information war. Digital combatants know that once speech goes up, we are loath to moderate it; to retain this asymmetric advantage, they push an all-or-nothing absolutist narrative that moderation is censorship, that spammy distribution tactics and algorithmic amplification are somehow part of the right to free speech.
  • We need an understanding of free speech that is hardened against the environment of a continuous warm war on a broken information ecosystem. We need to defend the fundamental value from itself becoming a prop in a malign narrative.
  • Unceasing information war is one of the defining threats of our day. This conflict is already ongoing, but (so far, in the United States) it’s largely bloodless and so we aren’t acknowledging it despite the huge consequences hanging in the balance. It is as real as the Cold War was in the 1960s, and the stakes are staggeringly high: the legitimacy of government, the persistence of societal cohesion, even our ability to respond to the impending climate crisis.
  • Influence operations exploit divisions in our society using vulnerabilities in our information ecosystem. We have to move away from treating this as a problem of giving people better facts, or stopping some Russian bots, and move towards thinking about it as an ongoing battle for the integrity of our information infrastructure – easily as critical as the integrity of our financial markets.
Ed Webb

Exclusive: Ex-NSA cyberspies reveal how they helped hack foes of UAE

  • Project Raven, a clandestine team that included more than a dozen former U.S. intelligence operatives recruited to help the United Arab Emirates engage in surveillance of other governments, militants and human rights activists critical of the monarchy.
  • in 2016, the Emiratis moved Project Raven to a UAE cybersecurity firm named DarkMatter. Before long, Stroud and other Americans involved in the effort say they saw the mission cross a red line: targeting fellow Americans for surveillance.
  • former U.S. government hackers have employed state-of-the-art cyber-espionage tools on behalf of a foreign intelligence service that spies on human rights activists, journalists and political rivals
  • surveillance techniques taught by the NSA were central to the UAE’s efforts to monitor opponents
  • Various reports have highlighted the ongoing cyber arms race in the Middle East, as the Emirates and other nations attempt to sweep up hacking weapons and personnel faster than their rivals. The Reuters investigation is the first to reveal the existence of Project Raven, providing a rare inside account of state hacking operations usually shrouded in secrecy and denials.
  • While this activity raises ethical dilemmas, U.S. national security lawyers say the laws guiding what American intelligence contractors can do abroad are murky. Though it’s illegal to share classified information, there is no specific law that bars contractors from sharing more general spycraft knowhow, such as how to bait a target with a virus-laden email.
  • The hacking of Americans was a tightly held secret even within Raven, with those operations led by Emiratis instead. Stroud’s account of the targeting of Americans was confirmed by four other former operatives and in emails reviewed by Reuters.
  • Stroud had already made the switch from government employee to Booz Allen contractor, essentially performing the same NSA job at higher pay. Taking a job with CyberPoint would fulfill a lifelong dream of deploying to the Middle East and doing so at a lucrative salary. Many analysts, like Stroud, were paid more than $200,000 a year, and some managers received salaries and compensation above $400,000.
  • Providing sensitive defense technologies or services to a foreign government generally requires special licenses from the U.S. State and Commerce Departments. Both agencies declined to comment on whether they issued such licenses to CyberPoint for its operations in the UAE. They added that human rights considerations figure into any such approvals.
  • “Some days it was hard to swallow, like [when you target] a 16-year-old kid on Twitter,” she said. “But it’s an intelligence mission, you are an intelligence operative. I never made it personal.”
  • the program took aim not just at terrorists and foreign government agencies, but also dissidents and human rights activists. The Emiratis categorized them as national security targets
  • Emirati security forces viewed human rights advocates as a major threat to “national stability,”
  • Reached by phone in London, Donaghy, now a graduate student pursuing Arab studies, expressed surprise he was considered a top national security target for five years. Donaghy confirmed he was targeted using the techniques described in the documents. “I’m glad my partner is sitting here as I talk on the phone because she wouldn’t believe it,” he said. Told the hackers were American mercenaries working for the UAE, Donaghy, a British citizen, expressed surprise and disgust. “It feels like a betrayal of the alliance we have,” he said.
  • Mansoor was convicted in a secret trial in 2017 of damaging the country’s unity and sentenced to 10 years in jail. He is now held in solitary confinement, his health declining, a person familiar with the matter said. Mansoor’s wife, Nadia, has lived in social isolation in Abu Dhabi. Neighbors are avoiding her out of fear security forces are watching. They are correct. By June 2017 Raven had tapped into her mobile device and given her the code name Purple Egret, program documents reviewed by Reuters show. To do so, Raven utilized a powerful new hacking tool called Karma, which allowed operatives to break into the iPhones of users around the world.
  • Karma was particularly potent because it did not require a target to click on any link to download malicious software. The operatives understood the hacking tool to rely on an undisclosed vulnerability in Apple’s iMessage text messaging software. In 2016 and 2017, it would be used against hundreds of targets across the Middle East and Europe, including governments of Qatar, Yemen, Iran and Turkey, documents show. Raven used Karma to hack an iPhone used by the Emir of Qatar, Sheikh Tamim bin Hamad al-Thani, as well as the phones of close associates and his brother.
  • the UAE has been accused of suppressing free speech, detaining dissidents and other abuses by groups such as Human Rights Watch. The UAE says it is working closely with Washington to fight extremism “beyond the battlefield” and is promoting efforts to counter the “root causes” of radical violence. Raven’s targets eventually would include militants in Yemen, foreign adversaries such as Iran, Qatar and Turkey, and individuals who criticized the monarchy, said Stroud and eight other former Raven operatives. Their accounts were confirmed by hundreds of Raven program documents reviewed by Reuters.
  • But a 2014 State Department agreement with CyberPoint showed Washington understood the contractors were helping launch cyber surveillance operations for the UAE. The approval document explains CyberPoint’s contract is to work alongside NESA in the “protection of UAE sovereignty” through “collection of information from communications systems inside and outside the UAE” and “surveillance analysis.”
  • “It was incredible because there weren’t these limitations like there was at the NSA. There wasn’t that bullshit red tape,”
  • Under DarkMatter, Project Raven continued to operate in Abu Dhabi from the Villa, but pressure escalated for the program to become more aggressive. Before long, senior NESA officers were given more control over daily functions, former Raven operatives said, often leaving American managers out of the loop. By mid-2016, the Emirates had begun making an increasing number of sections of Raven hidden from the Americans still managing day-to-day operations. Soon, an “Emirate-eyes only” designation appeared for some hacking targets.
  • Stroud began searching a targeting request list usually limited to Raven’s Emirati staff, which she was still able to access because of her role as lead analyst. She saw that security forces had sought surveillance against two other Americans. When she questioned the apparent targeting of Americans, she received a rebuke from an Emirati colleague for accessing the targeting list, the emails show. The target requests she viewed were to be processed by “certain people. You are not one of them,” the Emirati officer wrote.
  • Days later, Stroud said she came upon three more American names on the hidden targeting queue.
  • occupations were listed: journalist
  • When Stroud kept raising questions, she said, she was put on leave by superiors, her phones and passport were taken, and she was escorted from the building. Stroud said it all happened so quickly she was unable to recall the names of the three U.S. journalists or other Americans she came across in the files. “I felt like one of those national security targets,” she said. “I’m stuck in the country, I’m being surveilled, I can’t leave.” After two months, Stroud was allowed to return to America. Soon after, she fished out the business card of the FBI agents who had confronted her at the airport. “I don’t think Americans should be doing this to other Americans,” she told Reuters. “I’m a spy, I get that. I’m an intelligence officer, but I’m not a bad one.”
Ed Webb

Opinion | The Case for Closing the Pentagon - POLITICO

  • Charles Kenny is a Senior Fellow at the Center for Global Development. This article is adapted from his new book Close the Pentagon: Rethinking National Security for a Positive Sum World.
  • the Pentagon a potent symbol of America’s foreign-policy infrastructure in general, which is dominated by a massive, increasingly inefficient military machine better suited to the challenges of the mid-20th century than the early 21st. It is a machine that carries considerable direct economic costs but, more important, overshadows other foreign-policy tools more effective in confronting the global problems that the United States faces today. And just as the Pentagon is no longer fit for its backup purpose of records storage center in an age of cloud computing, nor is the Department of Defense well-placed to readjust to new roles, such as anti-terror or cybersecurity, let alone responding to climate change, pandemic threats or global financial crises.
  • interstate conflicts are going away. The last great power war began eight decades ago, and battlefield conflict has been on a declining trend since 1945. Battle deaths per 1 million people worldwide since World War II peaked at above 200 during the Korean War, reached about 100 at the height of the Vietnam War and plateaued at about 50 during the Cold War conflicts of the 1980s. In 2018, the number of deaths was around seven per 1 million people. Journalist Gregg Easterbrook reports that the last major naval engagement was in 1944, the last large air battle was in 1972 and the last major tank engagement was in the early 1990s.
  • the United States needs a dramatic overhaul to adapt to the global threats of the 21st century, which should include moving away from military engagement and toward international cooperation on issues from peacekeeping to greenhouse gas reduction to global health to banking reform. Such an overhaul should also include cutting the defense budget in half by 2035, and perhaps even getting rid of the Pentagon itself.
  • one big, underappreciated reason for declining interstate war is that it doesn’t pay. Through most of history, global power and wealth have been determined by control of people, land and resources. Wars were fought over bodies and territory in zero-sum conflicts in which the victor took the spoils. Caesar was considered a Roman hero because he brought as many as 1 million slaves back from his Gallic wars alone. And as late as World War II, physical resources were still a key concern—Japan’s need for oil, Germany’s desire for Lebensraum (“living space”).
  • The World Bank estimates that nearly two thirds of global wealth is intangible—inventions such as the internal combustion engine or the solar panel that allow people to produce more power with less resources than older technologies, institutions including systems of property rights and education—leaving only around a third to be accounted for by built infrastructure, land and natural resources combined. Only in poorer countries are natural resources a large proportion of total wealth
  • the technological underpinnings of high productivity, such as the engines and solar panels and property rights, are “non-rival”—we don’t have to fight for them. If I occupy land, you cannot. If I use the technology of the internal combustion engine or double-entry bookkeeping, you can use it at the same time. In fact, if we both use the same technologies, we both benefit even more.
  • land and resources simply aren’t worth the cost of the fight for successful economies. And that helps to explain why the conflict that remains is increasingly concentrated in poorer countries where natural resources are still relatively important, especially in sub-Saharan Africa
  • The low returns of war may also help to explain the limited military ambitions of China, which has the world’s second-largest defense budget—about 40 percent the size of America’s. While China clearly wants dominance in the South China Sea, the country has only two aircraft carriers—one of which is a secondhand boat left over from the days of the Soviet Union. It conducts bomber flights in international waters, but the two warships are limited to the same area. And it spends a smaller percentage of its gross domestic product on the military than does the United States: 1.9 percent compared with America’s 3.2 percent. China’s recent success has been built on global connections that have left it the world’s largest trading nation. A world war would tear apart those connections
  • the United States retains a massive global military advantage, responsible for one out of every three dollars spent on defense worldwide and outspending the countries with the next seven biggest military budgets combined. But while that ensures dominance at confrontation on the battlefield, it is not so useful for the kind of conflicts the world still fights, dominated by guerrilla warfare. That is demonstrated by America’s not-winning streak over the past seven decades in civil conflict: Korea, Vietnam, Afghanistan and Iraq. The “Global War on Terror” drags on; the two countries suffering the most terror attacks in the world are also the two countries the United States has invaded in the past 20 years.
  • This low efficacy of the Department of Defense is primarily because the military is limited in its ability to keep the peace in countries where much of the population doesn’t want it there at a cost in lives, finance and time that is acceptable to U.S. voters and lawmakers.
  • Rising productivity has increased carbon emissions and other pressures on global sustainability. Connectivity leaves people worldwide more exposed to threats from elsewhere including viruses real and virtual alongside financial contagion. These new national security challenges require a collective response: We can’t bomb our way out of climate change or financial crises—we have to cooperate through international organizations, agreements and the shared financial incentives for signing on to them.
  • The total number of people working in the Department of Defense itself (none of whom are in the field actually defending or deterring war) climbed from 140,000 in 2002 to just shy of 200,000 in 2012. Nearly three-quarters of a million civilian federal employees work for the Defense Department—add in the Department of Veterans Affairs and that’s about half of the total civilian federal workforce
  • an institution that was recently declared simply unauditable due to complexity, failed systems and missing records—this after a $400 million effort involving over 1,200 auditors
  • Retired Lieutenant General David Barno and colleagues from the Center for a New American Security have listed seven “deadly sins” of defense spending in a recent report, ranging from redundant overhead through inefficient procurement systems to excess infrastructure to a bloated retirement system that could generate annual savings of $49 billion if rectified. If that sounds too large to be plausible, in 2015, the Department of Defense itself reported administrative waste and excess bureaucracy cost the institution an annual $25 billion.
  • A budget cut to 1.5 times the military spending of our nearest competitor (China) would free up about $150 billion of the current $649 billion in U.S. spending (as reported by the World Bank). Taking $100 billion of that and adding it to the U.S. overseas development assistance budget would also bring the U.S. aid ratio up to 0.7 percent of gross national income—the U.N. target.
  • over 10 years, the United States could move toward 2 percent of GDP going to defense, down from today’s 3.2 percent—that’s the target set for NATO as a whole back in 2006. And perhaps in 15 years, U.S. military spending could reach the current global median: 1.5 percent of GDP
  • Each American citizen—man, woman and child—currently pays an average of $1,983 a year to the Department of Defense. Over an average lifetime, that adds up to $156,000 per person. It is a simply incredible sum for a country at zero risk of invasion and with a reasonable aversion to violent territorial expansion
Ed Webb

The Biggest Social Media Operation You've Never Heard Of Is Run Out of Cyprus by Russia...

  • The vast majority of the company’s content is apolitical—and that is certainly the way the company portrays itself.
  • But here’s the thing: TheSoul Publishing also posts history videos with a strong political tinge. Many of these videos are overtly pro-Russian. One video posted on Feb. 17, 2019, on the channel Smart Banana, which typically posts listicles and history videos, claims that Ukraine is part of Russia
  • the video gives a heavily sanitized version of Josef Stalin’s time in power and, bizarrely, suggests that Alaska was given to the United States by Soviet leader Nikita Khrushchev
  • The video ends by displaying a future vision of Russian expansion that includes most of Europe (notably not Turkey), the Middle East and Asia
  • In another video on Smart Banana, which has more than 1 million views, the titular banana speculates on “12 Countries That May Not Survive the Next 20 Years”—including the United States, which the video argues may collapse because of political infighting and diverse political viewpoints
  • According to publicly available information from the YouTube channels themselves—information provided to YouTube by the people who set up and operate the channels at TheSoul Publishing—as of August 2019, 21 of the 35 channels connected to TheSoul Publishing claim to be based in the U.S. Ten of the channels had no country listed. Zodiac Maniac was registered in the U.K, though TheSoul Publishing emphasizes that all of its operations are run out of Cyprus.
  • the point here is not that the ad buy is significant in and of itself. The point, rather, is that the company has developed a massive social media following and has a history of at least experimenting with distributing both pro-Russian and paid political content to that following
  • According to Nox Influencer, Bright Side alone is earning between $314,010 and $971,950 monthly, and 5-Minute Crafts is earning between $576,640 and $1,780,000 monthly through YouTube partner earning estimates. As a privately held company, TheSoul Publishing doesn’t have to disclose its earnings. But all the Cypriot-managed company has to do to earn money from YouTube is meet viewing thresholds and have an AdSense account. AdSense, a Google product, just requires that a company have a bank account, an email address and a phone number. To monetize to this magnitude of revenue, YouTube may have also collected tax information, if TheSoul Publishing organization is conducting what it defines as “U.S. activities.” It’s also possible that YouTube verified a physical address by sending a pin mailer.
  • Facebook pages are not a direct way to increase profit unless a company is actively marketing merchandise or sales, which TheSoul Publishing does not appear to do. The pages coordinate posting, so one post will often appear on a number of different pages. To a digital advertiser, this makes perfect sense as a way to increase relevance and visibility, but it’s far from obvious what TheSoul Publishing might be advertising. Likewise, there’s no obvious financial benefit to posting original videos within Facebook. The company did not meaningfully clarify its Facebook strategy in response to questions on the subject.
  • Facebook forbids what it describes as “coordinated inauthentic behavior,” as its head of cybersecurity describes in this video. While TheSoul Publishing’s behavior is clearly coordinated, it is unclear that any of its behavior is inauthentic based on information I have reviewed.
  • One thing that TheSoul is definitely doing on Facebook, however, is buying ads—and, at least sometimes, it’s doing so in rubles on issues of national importance, targeting audiences in the United States. The page Bright Side has 44 million followers and currently lists no account administrators located in the United States, but as of Aug. 8, 2019, it had them in Cyprus, Russia, the United Kingdom, El Salvador, India, Ukraine and in locations “Not Available.” It used Facebook to post six political advertisements paid for in the Russian currency.
  •  Now I’ve Seen Everything was the only channel registered in the Russian Federation. That channel has more than 400 million views, which, according to the analytics tool Nox Influencer, come from a range of countries, including Russia and Eastern European and Central Asian countries—despite being an English-language channel
  • TheSoul’s political ads included the one below. The advertisement pushes viewers to an article about how “wonderful [it is] that Donald Trump earns less in a year than you do in a month.” The advertisement reached men, women, and people of unknown genders over the ages of 18, and began running on May 15, 2018. TheSoul Publishing spent less than a dollar on this advertisement, raising the question: why bother advertising at all?
Ed Webb

Exclusive: Secret Trump order gives CIA more powers to launch cyberattacks

  • The Central Intelligence Agency has conducted a series of covert cyber operations against Iran and other targets since winning a secret victory in 2018 when President Trump signed what amounts to a sweeping authorization for such activities
  • The secret authorization, known as a presidential finding, gives the spy agency more freedom in both the kinds of operations it conducts and who it targets, undoing many restrictions that had been in place under prior administrations
  • Unlike previous presidential findings that have focused on a specific foreign policy objective or outcome — such as preventing Iran from becoming a nuclear power — this directive, driven by the National Security Council and crafted by the CIA, focuses more broadly on a capability: covert action in cyberspace.  
  • countries include Russia, China, Iran and North Korea — which are mentioned directly in the document — but the finding potentially applies to others as well
  • offensive cyber operations with the aim of producing disruption — like cutting off electricity or compromising an intelligence operation by dumping documents online — as well as destruction, similar to the U.S.-Israeli 2009 Stuxnet attack, which destroyed centrifuges that Iran used to enrich uranium gas for its nuclear program
  • freed the agency to conduct disruptive operations against organizations that were largely off limits previously, such as banks and other financial institutions
  • it lessened the evidentiary requirements that limited the CIA’s ability to conduct covert cyber operations against entities like media organizations, charities, religious institutions or businesses believed to be working on behalf of adversaries’ foreign intelligence services, as well as individuals affiliated with these organizations
  • “as long as you can show that it vaguely looks like the charity is working on behalf of that government, then you’re good.”
  • Since the finding was signed two years ago, the agency has carried out at least a dozen operations that were on its wish list, according to this former official. “This has been a combination of destructive things — stuff is on fire and exploding — and also public dissemination of data: leaking or things that look like leaking.” 
  • critics, including some former U.S. officials, see a potentially dangerous attenuation of intelligence oversight, which could have unintended consequences and even put people’s lives at risk
  • “Our government is basically turning into f****ing WikiLeaks, [using] secure communications on the dark web with dissidents, hacking and dumping,”
  • senior Trump officials weren’t interested in retaliating against Russia for the election interference
  • “Trump came in and way overcorrected,” said a former official. Covert cyber operations that in the past would have been rigorously vetted through the NSC, with sometimes years-long gaps between formulation and execution, now go “from idea to approval in weeks,” said the former official. 
  • an unknown group in March 2019 posted on the internet chat platform Telegram the names, addresses, phone numbers and photos of Iranian intelligence officers allegedly involved in hacking operations, as well as hacking tools used by Iranian intelligence operatives. That November, the details of 15 million debit cards for customers of three Iranian banks linked to Iran’s Islamic Revolutionary Guard Corps were also dumped on Telegram. Although sources wouldn’t say if the CIA was behind those Iran breaches, the finding’s expansion of CIA authorities to target financial institutions, such as an operation to leak bank card data, represents a significant escalation in U.S. cyber operations
  • These were operations the “CIA always knew were an option, but were always a bridge too far,” said a former official. “They had been bandied about at senior levels for a long time, but cooler heads had always prevailed.”
  • “It was obvious that destabilization was the plan on Iran,”
  • Neither these two Iran-related findings, nor the new cyber finding, mention regime change as a stated goal, according to former officials. Over time, however, the CIA and other national security officials have interpreted the first two Iran findings increasingly broadly, with covert activities evolving from their narrow focus on stopping Tehran’s nuclear program, they said. The Iran findings have been subject to “classic mission creep,” said one former official.
  • “We’re playing semantics — destabilization is functionally the same thing as regime change. It’s a deniability issue,”
  • The CIA’s “deconfliction is poor, they’re not keeping people in the loop on what their cyber operations are,”
  • This more permissive environment may also intensify concerns about the CIA’s ability to secure its hacking arsenal. In 2017, WikiLeaks published a large cache of CIA hacking tools known as “Vault 7.” The leak, which a partially declassified CIA assessment called “the largest data loss in CIA history,” was made possible by “woefully lax” security practices at the CIA’s top hacker unit, the assessment said.
  • Removing NSC oversight of covert operations is a significant departure from recent history, according to Eatinger. “I would look at the intel community as the same as the military in that there should be civilian control of big decisions — who to go to war against, who to launch an attack against, who to fight a particular battle,” he said. “It makes sense that you would have that kind of civilian or non-intelligence civilian leadership for activities as sensitive as covert action.”
  • “People thought, ‘Hey, George W. Bush will sign this,’ but he didn’t,” said a former official. CIA officials then believed, “‘Obama will sign it.’ Then he didn’t.” “Then Trump came in, and CIA thought he wouldn’t sign,” recalled this official. “But he did.”