At a glance.
- Cuba's Internet restrictions.
- Russia's push toward Internet autarky.
- Black Sea disinformation.
- Twitter's blue-checked bots (now removed).
- Clumsy expression gives lies a bodyguard of truth.
- Sputnik exploits the death of John McAfee.
- Wolf warriors and nationalism.
Cuba clamps down on social media during the current period of civil unrest.
About a hundred-fifty people have been arrested, detained, or (as NPR provocatively puts it) "disappeared" since protests began in several Cuban cities this past Sunday. Among those taken into custody is popular YouTube personality Dina Stars, which is an indication of the seriousness with which Havana takes the threat social media pose to its control of information. The Record reports that the government clamped down on the Internet generally, and on social media in particular, on Sunday and Monday. Sputnik framed the protests as an American attempt to foment dissent, another "color revolution" of the kind seen in Iran (where it was unsuccessful) and, closer to home, in Ukraine (where it was at least partially successful). If there's any hardship in Cuba, the Russian Foreign Ministry said, it's the result of more than half a century of Yanqui blockage, embargo, and economic sanctions.
RuNet and Internet autarky.
Dissent on social media, whether of foreign or domestic origin, is the kind of entropic process the Russian government has historically regarded with fear. There may be reason to think that Russia’s RuNet initiatives may represent an attempt to position Russia operationally for more deniable hybrid warfare. While RuNet, shorthand for a set of initiatives generally aimed at creating a Russian Internet that would be substantially distinct from the rest of the Web, has generally been seen as serving the kind of domestic control and autarky that China’s Great Firewall does, RuNet may have other objectives.
The Atlantic Council has released a study of RuNet’s implications for international security. One particularly dangerous result may be the ways in which RuNet could be used to stage and facilitate proxy attacks by criminals and privateers. Successful implementation of RuNet may also increase Moscow’s sense of immunity from cyberattack, rendering deterrence less readily attainable. And, of course, isolation of the Russian Internet will tend to make cybercriminals more dependent on state assistance to reach their victims, pushing more of them in the direction of privateering as opposed to simple freebooting.
But as the Atlantic Council also points out, RuNet is also a symptom of the Russian regime's larger, traditional fear of the free flow of information:
"Internet openness, in the view of Putin and his inner siloviki circles, is itself a security threat, one especially driven by social media platforms based in the United States. In their view, Russia is under information attack from Western powers every day by nature of the internet’s design: a relatively decentralized system that enables the free flow of information and raises barriers to state control, including because of its multi-stakeholder governance model that mixes civil society actors and private firms with governments. Any consideration for how the United States and Europe may deter future cyber and information operations given growing RuNet isolation should factor in this existing Kremlin view."
This is also consistent with the long-standing and increasing role information operations play in formal Russian strategic doctrine. DefenseOne has a summary of the ways in which recent revisions to that strategy have highlighted information warfare and cyber operations as an existential threat to the survival of the Russian state.
Black Sea disinformation.
Ukrainian officials said Friday that threat actors linked to Russia's government had compromised the website of the Ukrainian Naval Forces. According to Reuters, the aim appears to have been disinformation: the website compromise was used to publish "fake reports about the international Sea Breeze-2021 military drills."
Russia has objected to the Black Sea exercise as a provocation. At the end of June, two NATO warships, the Dutch vessel Evertsen and the Royal Navy's HMS Defender, both operating in the Black Sea and visiting the Ukrainian port of Odessa, were falsely reported to have moved to disputed waters in the vicinity of the Russian-claimed port of Sevastopol. The USNI News reported at the time that it seemed Automatic Identification System (AIS) signals were falsified to give the impression that the warships had engaged in what effectively would have been the kind of provocation Russian authorities see in the exercise as a whole. In fact, both ships remained in Odessa. Who falsified the AIS reports and how the spoofing was accomplished remain unclear.
The curious ways of the blue check.
Six blue-checked Twitter accounts appeared essentially simultaneously on June 16th. None have tweeted very much (and some not at all), each has about a thousand followers (with a lot of overlap), and they've all got the much-desired blue check. Brian Krebs speculates that there may be some "service/insider or 'method' for getting new accounts verified."
The Daily Dot rounds up Tweeted reports about six accounts that received Twitter’s coveted blue check mark, but which appear to be bogus. The accounts appeared roughly simultaneously last month, shared many of the same followers (each having about a thousand), used either stock images or pictures generated by AI as their profile photos, and had done very little actual tweeting. Twitter user Conspirador Norteño, identified as a data scientist interested in disinformation, posted that “Very few of the accounts in this network have tweeted. The majority of the tweet content is spam in Korean sent via automation service dlvr(dot)it promoting a website.”
Twitter has revoked the accounts check marks and suspended the accounts as inauthentic. “We have now permanently suspended the accounts in question, and removed their verified badge, under our platform manipulation and spam policy.”
Blue-checked accounts have long been coveted by bad actors, but they’ve typically sought to get access to them by compromising legitimate accounts. Getting such verification for purely bogus, inauthentic accounts is unusual, and the Stanford Internet Observatory’s Alex Stamos commented that a bribed insider might have served as the conduit for the check mark. “You might have a malicious or bribed insider. Something similar happened at IG (paid off by spammers, in that case),” he tweeted.
Don't rely on nuance.
The FBI tweeted, in a public-service-announcement sort of way, "Family members and peers are often best positioned to witness signs of mobilization to violence. Help prevent homegrown violent extremism. Visit https://go.usa.gov/x6mjf to learn how to spot suspicious behaviors and report them to the #FBI. #NatSec." The tweet was coolly received, and was quickly picked up by hostile state news services (like Fars, who got the story from RT). The Bureau referenced its 2019 handbook on violent extremism, Homegrown Violent Extremist Mobilization Indicators, but probably few will read the whole thing. The Bureau is looking for signs of foreign recruiting and radicalization. That may of course come with its own problems, but it's not exactly the call for the formation of a universal network of informers run by an American Stasi that Fars and RT see. Even granting that Fars and RT probably have far more first-hand experience with state-run informants, this is a case where lies get a bodyguard of truth, that bodyguard augmented by some clumsy exposition.
Wheels within wheels and the suicide of John McAfee.
John McAfee, estranged founder of the eponymous security company, on June 23rd took his life in a Spanish jail while awaiting extradition to the US on multiple criminal charges of tax evasion. Sputnik sees wheels within wheels in his sad death, retailing various complicated theories about McAfee's life and his departure therefrom. The state-owned Russian media outlet reports McAfee's widow's expressed conviction that the suicide note he left was faked, his handwriting and verbal style imitated by forgers. He may, Sputnik speculates, have been a whistleblower killed by the Deep State. He may have been a Deep State operator whose death was faked and who's now gone underground, beyond the reach of QAnon. The explanation not given serious credence by Sputnik is the obvious one: McAfee took his own life because he felt himself at the end of his long road.
Disinformation staged from a diaspora.
Beijing's "wolf warriors" have aggressively pushed the party line hard. WIRED has a useful summary of some consular tweets in particular that ridiculed the US response to the condo collapse in Florida and derided foreign researchers who wrote about Xinjiang's labor camps.
But the diplomatic corps's wolf warriors aren't the only resources Beijing has deployed in influence operations mounted through social media that themselves are blocked inside China. The BBC has an account of the growing use of YouTube vloggers who take an aggressively pro-China line, disseminating government disinformation in their own channels. How the vloggers are mobilized is unclear and probably complex, with state direction and state inspiration probably finding fertile nationalist soil.