Home/ InternationalRelations/ Group items tagged cyberwar

Ed Webb

The Digital Maginot Line - 0 views

  • The Information World War has already been going on for several years. We called the opening skirmishes “media manipulation” and “hoaxes”, assuming that we were dealing with ideological pranksters doing it for the lulz (and that lulz were harmless). In reality, the combatants are professional, state-employed cyberwarriors and seasoned amateur guerrillas pursuing very well-defined objectives with military precision and specialized tools. Each type of combatant brings a different mental model to the conflict, but uses the same set of tools.
  • There are also small but highly-skilled cadres of ideologically-motivated shitposters whose skill at information warfare is matched only by their fundamental incomprehension of the real damage they’re unleashing for lulz. A subset of these are conspiratorial — committed truthers who were previously limited to chatter on obscure message boards until social platform scaffolding and inadvertently-sociopathic algorithms facilitated their evolution into leaderless cults able to spread a gospel with ease.
  • If an operation is effective, the message will be pushed into the feeds of sympathetic real people who will amplify it themselves. If it goes viral or triggers a trending algorithm, it will be pushed into the feeds of a huge audience. Members of the media will cover it, reaching millions more. If the content is false or a hoax, perhaps there will be a subsequent correction article – it doesn’t matter, no one will pay attention to it.
  • The combatants view this as a Hobbesian information war of all against all and a tactical arms race; the other side sees it as a peacetime civil governance problem.
  • Information war combatants have certainly pursued regime change: there is reasonable suspicion that they succeeded in a few cases (Brexit) and clear indications of it in others (Duterte). They’ve targeted corporations and industries. And they’ve certainly gone after mores: social media became the main battleground for the culture wars years ago, and we now describe the unbridgeable gap between two polarized Americas using technological terms like filter bubble. But ultimately the information war is about territory — just not the geographic kind. In a warm information war, the human mind is the territory. If you aren’t a combatant, you are the territory. And once a combatant wins over a sufficient number of minds, they have the power to influence culture and society, policy and politics.
  • Cyberwar, most people thought, would be fought over infrastructure — armies of state-sponsored hackers and the occasional international crime syndicate infiltrating networks and exfiltrating secrets, or taking over critical systems. That’s what governments prepared and hired for; it’s what defense and intelligence agencies got good at. It’s what CSOs built their teams to handle. But as social platforms grew, acquiring standing audiences in the hundreds of millions and developing tools for precision targeting and viral amplification, a variety of malign actors simultaneously realized that there was another way. They could go straight for the people, easily and cheaply. And that’s because influence operations can, and do, impact public opinion. Adversaries can target corporate entities and transform the global power structure by manipulating civilians and exploiting human cognitive vulnerabilities at scale. Even actual hacks are increasingly done in service of influence operations: stolen, leaked emails, for example, were profoundly effective at shaping a national narrative in the U.S. election of 2016.
  • The substantial time and money spent on defense against critical-infrastructure hacks is one reason why poorly-resourced adversaries choose to pursue a cheap, easy, low-cost-of-failure psy-ops war instead
  • Our most technically-competent agencies are prevented from finding and countering influence operations because of the concern that they might inadvertently engage with real U.S. citizens as they target Russia’s digital illegals and ISIS’ recruiters. This capability gap is eminently exploitable; why execute a lengthy, costly, complex attack on the power grid when there is relatively no cost, in terms of dollars as well as consequences, to attack a society’s ability to operate with a shared epistemology? This leaves us in a terrible position, because there are so many more points of failure
  • This shift from targeting infrastructure to targeting the minds of civilians was predictable. Theorists like Edward Bernays, Hannah Arendt, and Marshall McLuhan saw it coming decades ago. As early as 1970, McLuhan wrote, in Culture is our Business, “World War III is a guerrilla information war with no division between military and civilian participation.”
  • The 2014-2016 influence operation playbook went something like this: a group of digital combatants decided to push a specific narrative, something that fit a long-term narrative but also had a short-term news hook. They created content: sometimes a full blog post, sometimes a video, sometimes quick visual memes. The content was posted to platforms that offer discovery and amplification tools. The trolls then activated collections of bots and sockpuppets to blanket the biggest social networks with the content. Some of the fake accounts were disposable amplifiers, used mostly to create the illusion of popular consensus by boosting like and share counts. Others were highly backstopped personas run by real human beings, who developed standing audiences and long-term relationships with sympathetic influencers and media; those accounts were used for precision messaging with the goal of reaching the press. Israeli company Psy Group marketed precisely these services to the 2016 Trump Presidential campaign; as their sales brochure put it, “Reality is a Matter of Perception”.
  • There’s very little incentive not to try everything: this is a revolution that is being A/B tested.
  • Combatants are now focusing on infiltration rather than automation: leveraging real, ideologically-aligned people to inadvertently spread real, ideologically-aligned content instead. Hostile state intelligence services in particular are now increasingly adept at operating collections of human-operated precision personas, often called sockpuppets, or cyborgs, that will escape punishment under the bot laws. They will simply work harder to ingratiate themselves with real American influencers, to join real American retweet rings. If combatants need to quickly spin up a digital mass movement, well-placed personas can rile up a sympathetic subreddit or Facebook Group populated by real people, hijacking a community in the way that parasites mobilize zombie armies.
  • Attempts to legislate away 2016 tactics primarily have the effect of triggering civil libertarians, giving them an opportunity to push the narrative that regulators just don’t understand technology, so any regulation is going to be a disaster.
  • The entities best suited to mitigate the threat of any given emerging tactic will always be the platforms themselves, because they can move fast when so inclined or incentivized. The problem is that many of the mitigation strategies advanced by the platforms are the information integrity version of greenwashing; they’re a kind of digital security theater, the TSA of information warfare
  • Algorithmic distribution systems will always be co-opted by the best resourced or most technologically capable combatants. Soon, better AI will rewrite the playbook yet again — perhaps the digital equivalent of Blitzkrieg in its potential for capturing new territory. AI-generated audio and video deepfakes will erode trust in what we see with our own eyes, leaving us vulnerable both to faked content and to the discrediting of the actual truth by insinuation. Authenticity debates will commandeer media cycles, pushing us into an infinite loop of perpetually investigating basic facts. Chronic skepticism and the cognitive DDoS will increase polarization, leading to a consolidation of trust in distinct sets of right and left-wing authority figures – thought oligarchs speaking to entirely separate groups
  • platforms aren’t incentivized to engage in the profoundly complex arms race against the worst actors when they can simply point to transparency reports showing that they caught a fair number of the mediocre actors
  • What made democracies strong in the past — a strong commitment to free speech and the free exchange of ideas — makes them profoundly vulnerable in the era of democratized propaganda and rampant misinformation. We are (rightfully) concerned about silencing voices or communities. But our commitment to free expression makes us disproportionately vulnerable in the era of chronic, perpetual information war. Digital combatants know that once speech goes up, we are loath to moderate it; to retain this asymmetric advantage, they push an all-or-nothing absolutist narrative that moderation is censorship, that spammy distribution tactics and algorithmic amplification are somehow part of the right to free speech.
  • We need an understanding of free speech that is hardened against the environment of a continuous warm war on a broken information ecosystem. We need to defend the fundamental value from itself becoming a prop in a malign narrative.
  • Unceasing information war is one of the defining threats of our day. This conflict is already ongoing, but (so far, in the United States) it’s largely bloodless and so we aren’t acknowledging it despite the huge consequences hanging in the balance. It is as real as the Cold War was in the 1960s, and the stakes are staggeringly high: the legitimacy of government, the persistence of societal cohesion, even our ability to respond to the impending climate crisis.
  • Influence operations exploit divisions in our society using vulnerabilities in our information ecosystem. We have to move away from treating this as a problem of giving people better facts, or stopping some Russian bots, and move towards thinking about it as an ongoing battle for the integrity of our information infrastructure – easily as critical as the integrity of our financial markets.
Ed Webb

Exclusive: Secret Trump order gives CIA more powers to launch cyberattacks - 0 views

  • The Central Intelligence Agency has conducted a series of covert cyber operations against Iran and other targets since winning a secret victory in 2018 when President Trump signed what amounts to a sweeping authorization for such activities
  • The secret authorization, known as a presidential finding, gives the spy agency more freedom in both the kinds of operations it conducts and who it targets, undoing many restrictions that had been in place under prior administrations
  • Unlike previous presidential findings that have focused on a specific foreign policy objective or outcome — such as preventing Iran from becoming a nuclear power — this directive, driven by the National Security Council and crafted by the CIA, focuses more broadly on a capability: covert action in cyberspace.  
  • countries include Russia, China, Iran and North Korea — which are mentioned directly in the document — but the finding potentially applies to others as well
  • offensive cyber operations with the aim of producing disruption — like cutting off electricity or compromising an intelligence operation by dumping documents online — as well as destruction, similar to the U.S.-Israeli 2009 Stuxnet attack, which destroyed centrifuges that Iran used to enrich uranium gas for its nuclear program
  • freed the agency to conduct disruptive operations against organizations that were largely off limits previously, such as banks and other financial institutions
  • it lessened the evidentiary requirements that limited the CIA’s ability to conduct covert cyber operations against entities like media organizations, charities, religious institutions or businesses believed to be working on behalf of adversaries’ foreign intelligence services, as well as individuals affiliated with these organizations
  • “as long as you can show that it vaguely looks like the charity is working on behalf of that government, then you’re good.”
  • Since the finding was signed two years ago, the agency has carried out at least a dozen operations that were on its wish list, according to this former official. “This has been a combination of destructive things — stuff is on fire and exploding — and also public dissemination of data: leaking or things that look like leaking.” 
  • critics, including some former U.S. officials, see a potentially dangerous attenuation of intelligence oversight, which could have unintended consequences and even put people’s lives at risk
  • “Our government is basically turning into f****ing WikiLeaks, [using] secure communications on the dark web with dissidents, hacking and dumping,”
  • senior Trump officials weren’t interested in retaliating against Russia for the election interference
  • “Trump came in and way overcorrected,” said a former official. Covert cyber operations that in the past would have been rigorously vetted through the NSC, with sometimes years-long gaps between formulation and execution, now go “from idea to approval in weeks,” said the former official. 
  • an unknown group in March 2019 posted on the internet chat platform Telegram the names, addresses, phone numbers and photos of Iranian intelligence officers allegedly involved in hacking operations, as well as hacking tools used by Iranian intelligence operatives. That November, the details of 15 million debit cards for customers of three Iranian banks linked to Iran’s Islamic Revolutionary Guard Corps were also dumped on Telegram. Although sources wouldn’t say if the CIA was behind those Iran breaches, the finding’s expansion of CIA authorities to target financial institutions, such as an operation to leak bank card data, represents a significant escalation in U.S. cyber operations
  • These were operations the “CIA always knew were an option, but were always a bridge too far," said a former official. “They had been bandied about at senior levels for a long time, but cooler heads had always prevailed." 
  • “It was obvious that destabilization was the plan on Iran,”
  • Neither these two Iran-related findings, nor the new cyber finding, mention regime change as a stated goal, according to former officials. Over time, however, the CIA and other national security officials have interpreted the first two Iran findings increasingly broadly, with covert activities evolving from their narrow focus on stopping Tehran’s nuclear program, they said. The Iran findings have been subject to “classic mission creep,” said one former official.
  • “We’re playing semantics — destabilization is functionally the same thing as regime change. It’s a deniability issue,”
  • The CIA’s “deconfliction is poor, they’re not keeping people in the loop on what their cyber operations are,”
  • This more permissive environment may also intensify concerns about the CIA’s ability to secure its hacking arsenal. In 2017, WikiLeaks published a large cache of CIA hacking tools known as “Vault 7.” The leak, which a partially declassified CIA assessment called “the largest data loss in CIA history,” was made possible by “woefully lax” security practices at the CIA’s top hacker unit, the assessment said.
  • Removing NSC oversight of covert operations is a significant departure from recent history, according to Eatinger. “I would look at the intel community as the same as the military in that there should be civilian control of big decisions — who to go to war against, who to launch an attack against, who to fight a particular battle,” he said. “It makes sense that you would have that kind of civilian or non-intelligence civilian leadership for activities as sensitive as covert action.”
  • “People thought, ‘Hey, George W. Bush will sign this,’ but he didn’t,” said a former official. CIA officials then believed, “‘Obama will sign it.’ Then he didn’t.” “Then Trump came in, and CIA thought he wouldn’t sign,” recalled this official. “But he did.”
Ed Webb

Ethiopia and Egypt Are Already at War Over the Nile Dam. It's Just Happening in Cybersp... - 0 views

  • the group calling themselves the Cyber_Horus Group in late June hacked more than a dozen Ethiopian government sites, replacing each page with their own creation: an image of a skeleton pharaoh, clutching a scythe in one hand and a scimitar in the other. “If the river’s level drops, let all the Pharaoh’s soldiers hurry,” warned a message underneath. “Prepare the Ethiopian people for the wrath of the Pharaohs.”
  • Rarely have young people been so passionate about an infrastructure project. But the Grand Ethiopian Renaissance Dam, which will be Africa’s largest, is more than just a piece of infrastructure. It has become a nationalistic rallying cry for both Ethiopia and Egypt—two countries scrambling to define their nationhood after years of domestic upheaval. Many Ethiopians and Egyptians are getting involved in the only way they can—online—and fomenting the first African cyberconflict of its kind, one with far-reaching and long-lasting consequences.
  • Today, there are several entries for the GERD on Google Maps, most earning middling 3- to 4-star ratings, buoyed by five-star ratings with feedback such as, “One of the great architectural dam in the World!” but weighed down by one-star complaints including, “You’re gonna make us die from thirst.”
  • Tensions escalated this year, as the U.S.-brokered negotiations between Ethiopia and Egypt unraveled and new talks mediated by the African Union began
  • Construction of the dam was completed in July, and the filling of its reservoir started soon after amid heavy rains but before an agreement between Ethiopia, Egypt, and Sudan was signed. The U.S. government, a top source of aid for both Ethiopia and Egypt, said in August that it would halt some aid to Ethiopia over what it saw as a unilateral move to progress with the dam.
  • Social media users from the two countries frequently collide on the Internet, but seem to do so most often on Adel el-Adawy’s Twitter page: As a member of a prominent Egyptian political dynasty, a professor at the American University in Cairo, and the most visible disseminator of the Egyptian perspective on the dam in English, he has amassed a significant following. Adawy, whose pinned tweet is a picture of himself shaking hands with Egyptian President Abdel Fattah al-Sisi, posts frequently about the Nile and Ethiopian affairs, especially when things get sticky.
  • It’s possible that the engagement is coming from concerned Ethiopians at home and abroad, at the encouragement but not the behest of Ethiopian officials. “I have friends who joined Twitter just for the sake of this. It’s highly emotional and nationalistic,” said Endalkachew Chala, an Ethiopian communications professor at Hamline University in Minnesota.
  • The Ethiopian government does broadly engage in “computational propaganda,” according to a 2019 report from the Oxford Internet Institute. Agencies there use human-run social media accounts to spread pro-government propaganda, attack the opposition, and troll users. The same goes for the Egyptian government.
  • the first known time these kinds of digital tools have been used by people from one African country against people from another, said Gilbert Nyandeje, founder and CEO of the Africa Cyber Defense Forum. “It only means one thing. It means we should expect this more and more.”
  • the dam provided a unifying issue around which Ethiopians of all ethnic backgrounds could rally. “We do have a lot of divisions—ideological, ethnic, tribal, religious,” said Chala, the Ethiopian professor. “But even though we have these bitter divisions, Ethiopians have overwhelmingly supported this Nile dam especially on social media.”
  • at the core of Egyptian identity is the Nile, so bolstering nationalism means defending the Nile, too. And officials have encouraged this outlook: One sleekly produced video shared on Facebook by the Ministry of Immigration and Egyptian Expatriates Affairs warned, “More than 40 million Egyptians are facing the threat of drought and thirst.… The cause of water shortage is Ethiopia building a dam five times bigger than its needs.”
  • a show of vulnerability rare in Arab power politics. But the strategy has helped garner global sympathy for Egypt, even as its Nile claims are framed by Ethiopia as the result of unjust colonial-era agreements in which Egypt’s interests were represented by British colonizers.
  • For both countries—Egypt since the 2011 fall of Mubarak and Ethiopia since the 2012 death of strongman Prime Minister Meles Zenawi—national identity has been in flux
  • Ethiopian officials, meanwhile, continue to encourage Ethiopians to post about the dam online and often use the #ItsMyDam hashtag in their own social media posts. This use of social media to rally around the dam has also meant that Ethiopia’s massive global diaspora can get involved, without having to worry about frequent in-country Internet shutdowns that otherwise curtail online movements there.
  • The thousands of Ethiopian refugees, asylum seekers, and migrants living in Egypt are now facing greater pressure and harassment from Egyptian citizens and authorities since the dam tensions started to heat up
  • in Ethiopia, it has meant that any domestic criticism of the dam from an environmentalist point of view—namely, that it could disrupt ecosystems and biodiversity, even within Ethiopia—is met with derision
  • for both countries, surging nationalist sentiment means that it’s harder for officials to agree to, and for the public to accept, compromise
  • the main sticking points now are related to dispute resolution, drought contingency plans, and future upstream projects. And yet, much of the online rhetoric remains maximalist, even rejecting items that have already been unanimously decided—such as the existence of an Ethiopian Nile dam in any form—raising the possibility that the online tensions and attacks may not subside anytime soon
Ed Webb

Israel's Mossad behind attack on Iranian nuclear facility - Israel National News - 1 views

  • According to a report by Channel 13, the Israeli intelligence agency carried out the attack which damaged Iran’s uranium enrichment facility at Natanz. The attack has significantly impaired Iran's uranium enrichment operations, forcing a temporary halt to all uranium enrichment efforts in the country. Power has yet to be restored to the Natanz facility.
  • disruption of the electrical distribution grid of the country’s Natanz nuclear
  • Channel 11 reporter Amichai Stein tweeted regarding the incident that "The assessment is that the fault in the Natanz power grid was the result of an Israeli cyber operation."