At a glance.
- Competing Franco-Russian influence campaigns in Africa.
- Intelligence services outsource disinformation.
- The Sunburst backdoor considered from an influence operations perspective.
Competing influence campaigns in Africa.
Facebook this week announced that it had taken down two sets of coordinated inauthentic actors operating influence campaigns against a range of targets in Africa. The takedowns involved both Russian and French accounts. As the Washington Post observes, it's unusual for Facebook to take action against coordinated inauthenticity that's (probably) associated with a Western government, so France's mention in dispatches is noteworthy. It's also noteworthy in that the rival operations were aware of and actively engaged with one another. As Facebook wrote, "this was the first time our team found two campaigns — from France and Russia — actively engage with one another, including by befriending, commenting and criticizing the opposing side for being fake." The social network credits research by Graphika with an assist in the takedown.
The takedown of Russian operators is more familiar. In this case, the network was composed mostly of accounts originating in Africa itself, with the operators either co-opted as agents of influence or hired as mercenaries, a mix of fake and compromised accounts. Facebook sees it as an attempt to rebuild the Russian influence network taken down in October 2019, In total, sixty-three Facebook accounts, twenty-nine Pages, seven Groups, and one Instagram account were suspended. The network was focused for the most part on the Central African Republic, with secondary targets in Madagascar, Cameroon, Equatorial Guinea, Mozambique, South Africa, and the Central African diaspora in France.
The inauthentic accounts were identified by links to individuals "associated with past activity by the Internet Research Agency" (which achieved notoriety as the troll farm engaged in US-targeting influence campaigns) or with the Professor Moriarty of Russian disinformation, oligarch and chef-to-the-Kremlin Yevgeniy Prigozhin (who's also wanted in the United States). The operators are believed to have spent some $38,000 on advertising in support of their objectives.
France remains actively engaged in its former African colonies, and thus influence operations in Francophone Africa really come as no surprise. Facebook found and took down eighty-four Facebook accounts, six Pages, nine Groups and fourteen Instagram accounts for "coordinated inauthentic behavior." Unlike the Russian activity, the French operation originated in France, not locally, and used fake accounts. The audience was for the most part in the Central African Republic and Mali, with other targets in Niger, Burkina Faso, Algeria, Cote d’Ivoire, and Chad.
Graphika says it sees evidence of a connection between the operation and the French Army. French officials did not acknowledge responsibility for the campaign, but did indicate that they were aware that such things were going on. The Washington Post quotes an official statement to the effect that, "We are not surprised by the conclusions of the report published by Graphika, which we are studying, without being at this stage in a position to attribute possible responsibilities. Indeed, the multiplicity of actors in this informational struggle, state or not, makes such a designation difficult.”
Fronts, cutouts, and hirelings.
Lawfare has an interesting essay on how state intelligence services, prominently but not exclusively in the Middle East, are "outsourcing disinformation." Twitter has suspended accounts operated by Smaat, a "digital marketing firm" with connections to the Saudi royal family, and Facebook has suspended accounts connected to Egyptian firm New Waves. Such companies (and there are others, some of them in the US) combine functions found in political consulting firms, lobbying shops, and marketing outfits at the metaphorical intersection of K Street and Madison Avenue. Governments benefit from deniability. Firms benefit from the governments' custom.
Lawfare suggests pressure on the spin doctors' other, more legitimate clients as a way of prying them out of the disinformation space, but this seems unlikely to achieve more than market segmentation. An essay in Foreign Policy thinks the whole process of persuasion needs an overhaul. Sure, it's essential to democracy, but, the essay argues, there have to be some limits, whether legal or moral. One might agree (at least on the moral side) but coming up with legal regulation is bound to be tougher. Foreign Policy cites widespread concern about subliminal advertising which it dates to the 1970s (in truth it goes back farther—consider Vance Packard's The Hidden Persuaders, first published in 1957) and suggests it offers a direction worth considering:
"In the 1970s, there was widespread fear about so-called subliminal messaging, which claimed that images of sex and death were hidden in the details of print advertisements, as in the curls of smoke in cigarette ads and the ice cubes of liquor ads. It was pretty much all a hoax, but that didn’t stop the Federal Trade Commission and the Federal Communications Commission from declaring it an illegal persuasive technology. That’s how worried people were about being manipulated without their knowledge and consent.
"It is time to have a serious conversation about limiting the technologies of persuasion. This must begin by articulating what is permitted and what is not. If we don’t, the powerful persuaders will become even more powerful."
It seems telling that the example offered is a failed example founded on a false premise. Isn't that what the disinformation operators would want?
So the Russians have actually, for real, gained access to an awful lot of American information.
No, it's not an act of war, as some members of the US Congress have tweeted, not even if qualified as an act of "cyber war." It was an apparently spectacularly successful espionage campaign whose American targets will be untangling, assessing, and remediating its effects for a long time to come.
An op-ed in the New York Times by Tom Bossert, former US Homeland Security Advisor, calls the incident's effects "hard to overestimate." It's worth quoting at some length, as it gives a good summary picture of what Russia's SVR accomplished:
“The Russians have had access to a considerable number of important and sensitive networks for six to nine months. The Russian SVR will surely have used its access to further exploit and gain administrative control over the networks it considered priority targets. For those targets, the hackers will have long ago moved past their entry point, covered their tracks and gained what experts call ‘persistent access,’ meaning the ability to infiltrate and control networks in a way that is hard to detect or remove.
“While the Russians did not have the time to gain complete control over every network they hacked, they most certainly did gain it over hundreds of them. It will take years to know for certain which networks the Russians control and which ones they just occupy.
“The logical conclusion is that we must act as if the Russian government has control of all the networks it has penetrated. But it is unclear what the Russians intend to do next. The access the Russians now enjoy could be used for far more than simply spying.”
Here's one effect likely to go beyond simple spying. Russian influence operations have tended to be more negative than positive. That is, they've generally been more interested in increasing the opposition's "friction," in Clausewitz's sense, by darkening counsel and sowing confusion and doubt than they have been with seeking to persuade their target of any particular position. So consider: a contentious US election just ended, which President Trump maintained was stolen by his opponent, President-elect Biden. Leave aside that there's no particular reason to conclude that the SVR hack decided the vote. What effect is the revelation, days after the Electoral College cast its votes, of a massive and successful penetration of US networks by Cozy Bear likely to have on public trust and confidence in its public institutions?
The SolarWinds compromise is an espionage win for Moscow, and it won't be surprising if it doesn't turn into an influence operations win as well. And the beauty of the thing is that the Americans themselves are likely to do the work. It's not quite competing to sell the rope that will hang them, if only because no one's being hung, but you get the point.