At a glance.
- Identity is a poor epistemic principle.
- Inconsistency doesn't matter as much as insistence.
- How DDoS can have an influence that exceeds the actual jamming it accomplishes.
- Ukraine sees disinformation as a major part of Moscow's cyber campaign.
There are no obvious easy ways of controlling disinformation. Since most of the things any of us know we know at some level on the strength of some authority, everyday epistemology comes down in large measure to a critique of various authorities. Sometimes an authority's credibility is assessed on the basis of a credential, and some credentials carry more conviction in the appropriate fields than others. One is more likely to get good information about the law from a lawyer; you're more likely to get sound health advice from a doctor or a nurse. Sometimes an authority's credibility is established through evidence and argument, and these too can be at least partially assessed.
An essay in MIT Technology Review argues, however, that a shift in the way we consume information has eroded our consumption of authority. (The essay picks on Generation Z, but, OK, Boomer, you might not be immune yourself.) The sorts of criticism of authority one might have been accustomed to make was based in some way on what the essay calls "community" with the back-and-forth reciprocal illumination that suggests, and community has been replaced, in an information culture dominated by influencers, by identity. That is, people tend to believe what they're told by people who share their identity.
Influencers make misinformaiton and disinformation go viral, and it's worth recovering the root sense of the word "viral," as in something that grows contagious through repetition. That's not a good thing. The essay observes, "As young people participate in more political discussions online, we can expect those who have successfully cultivated this identity-based credibility to become de facto community leaders, attracting like-minded people and steering the conversation. While that has the potential to empower marginalized groups, it also exacerbates the threat of misinformation. People united by identity will find themselves vulnerable to misleading narratives that target precisely what brings them together."
Intelligence services interested in spreading disinformation have taken note.
Inconsistency doesn't matter as much as insistence.
Official Russia and the news media it controls have long worked to position Russia's war against Ukraine as both a second Great Patriotic War (as Russia commonly refers to the Second World War) and, at the same time, not a war at all, but rather a "special military operation." (They're quite serious about the "special military operation"--at least one skeptical Russian blogger has been jailed for defaming the state because he enclosed the phrase in quotation marks, which the "court" took as evidence of "sarcasm.") So it's World War Two all over again, complete with Nazis, yet on the other hand it's not a war at all.
The US State Department sees a similar inconsistency in Russia's use of both anti-Nazi and antisemitic tropes in its messaging. Since before Russia's invasion, President Putin and other Russian leaders have denounced the Ukrainian government a an illegitimate Nazi regime, and they mean "Nazi" in a literal sense, not as the kind of figurative slur one might hear in, say, the more intemperate reaches of American political discourse. When people pointed out the implausibility of a Nazi regime being led by a Jew (Ukrainian President Zelenskyy is Jewish), Russian Foreign Minister Lavrov countered with an explanation of why this shouldn't be surprising at all. The State Department glosses Mr. Lavrov's remarks and the reaction they prompted as follows:
"Russia’s Foreign Minister Sergey Lavrov attempted to counter an Italian journalist’s question about Zelenskyy’s heritage with an antisemitic conspiratorial rant and a Holocaust distortion, speculating that Adolf Hitler 'had Jewish blood, too,' and adding that the 'wise Jewish people say that the most ardent anti-Semites are usually Jews.' Government of Israel officials immediately demanded an apology for Lavrov’s 'unforgivable, outrageous' remarks and “lies…meant to blame the Jews themselves” for the Holocaust. Israel’s Foreign Minister at the time Yair Lapid wrote that the 'lowest level of racism against Jews is to accuse Jews themselves of antisemitism.' Russia’s Ministry of Foreign Affairs (MFA) subsequently doubled down, accusing Israel of making 'anti-historical statements' and alleging Israel supports a 'neo-Nazi regime in Kyiv.'”
Mr. Lavrov isn't alone in representing President Zelenskyy as a successor to Hitler. The State Department notes (with some harsh side-eye), that "Russia’s corrupt former president and the deputy chairman of the country’s Security Council Dmitri Medvedev has argued that Zelenskyy has 'lost' his Jewish identity. One of the Kremlin’s most prominent propagandists, Vladimir Solovyov, even claimed Zelenskyy was not really Jewish, while Solovyov’s associates and state-owned media falsely accused Ukraine’s president of betraying his Jewish family and ancestors." Thus President Zelenskyy isn't really a Jew at all, and so it makes perfect sense that he'd be leading a Nazi regime.
There have been, however, other Russian propaganda gambits that could have come straight out of the actual, historical, real Nazis themselves. The State Department explains, "Well before Lavrov’s remarks, Russian intelligence-linked outlets and Kremlin propagandists have long spread disinformation and propaganda targeting Zelenskyy’s Jewishness and Ukraine’s relations with Israel. Contradicting more recent disinformation, President Putin’s former economic advisor Sergey Glazyev accused Zelenskyy in 2019 of planning to replace the Russian-speaking population of eastern and southern parts of Ukraine with Israeli Jews."
How DDoS can have an influence that exceeds the actual jamming it accomplishes.
Margiris Abukevicius, Lithuania's vice minister of national defense, according to Delphi, while emphasizing that the effects of the DDoS attacks had a negligible effect on the country's IT infrastructure, cautioned that they're not to be dismissed, either. Cyberattacks of this kind are aimed at exerting influence quite apart from their effectiveness at disrupting networks. The audience, Mr. Abukevicius says, is at once both foreign (in Lithuania) and domestic (in Russia). The desired effect in Lithuania is erosion of confidence, leading Lithuanians to lose faith in their country's ability to protect itself in cyberspace. He also sees increased friction as a Russian goal: one aim of the cyberattacks is to "increase tension." The desired effect in Russia is the projection of an image of power, and of communicating an assurance that Russia's enemies will be punished.
Even talking about the incidents carries a cost to the victim, Mr. Abukevicius said. "We need to understand that publicity is a very important part of these attacks. If we don't talk about them, the other side will lose motivation. When we talk, when we talk about alleged victories, about alleged punishment of Lithuania, it's motivating the other side." He went on to urge that Russian cyber operations be kept in perspective. "We in Lithuania should not be so hooked on this and we often hear that the sky has been falling here for the last three weeks. It’s definitely not. Yes, we have attacks, some of them disruptive, but we don't see those incidents or those efforts that don't achieve any goal and don't affect the delivery of services at all. There are also many of those, and I think that's what we should say: that despite the effort, despite the coordination, the impact of these attacks is small."
A similar effect, particularly on the friendly audience, may be seen in Ukrainian DDoS attacks against Russian targets. Hacktivists in sympathy with Ukraine last week conducted distributed denial-of-service attacks against Russian movie theaters. CyberNews says the attacks, regarded as a tit-for-tat response to Russian DDoS attacks by Killnet and others against Ukrainian and other sympathetic nations’ networks, have affected “Kinomax, Mori Cinema, Luxor, Almaz, and other chains,” as well as “ticket service Kinoplan.” Obviously such campaigns aren’t war-winners. The Record reports a consensus among Ukrainian security firms that DDoS is popular because it’s easy, and that the targets selected for disruption are picked because they’re disruptable, not because they’re either high-value or high-payoff.
Ukrainian hacktivists have been more-or-less assembled into a loose umbrella group, the IT Army. The Ukrainian government says it doesn’t direct the IT Army, and indeed their opportunistic and improvisational target selection would seem to argue that their organization is pretty thin. The Record says, “This lack of planning makes sense given that IT Army is an independent group of volunteer hackers, not a trained cyber army unit. ‘We do not coordinate cyber volunteers in their attacks and have no information on any such coordination centers,’ Ukrainian security official Victor Zhora said.”
So hacktivism in this case might be best regarded as a morale-builder. “The only benefit of IT Army’s DDoS was that thousands of people came together and felt useful in their resistance against Russia,” Yegor Aushev of Cyber Unit Technologies told the Record. It’s also striking to see how commodified DDoS apps have become, freely provided and readily accessible, complete with short how-tos (and the shortest of how-tos is all that’s needed to operate them).
Ukraine sees disinformation as a major part of Moscow's cyber campaign.
The State Service for Special Communications and Information Protection of Ukraine (SSSCIP) has issued a report on the current state of the cyber phases of Russia's war as they unfolded during the second quarter of the year. It sees Russia as concentrating on, first, espionage, second, network disruption, third, data wiping, and fourth, disinformation. Of these four, the network disruption and disinformation have come to represent a relatively greater fraction of Russian cyber operations. "Comparing to the first quarter of 2022, the number of critical IS events originating from Russian IP addresses decreased by 8.5 times. This is primarily due to the fact that providers of electronic communication networks and/or services that provide access to the Internet blocked IP addresses used by the Russian federation."
The SSSCIP, like many other observers, considers the nominal hacktivists who've been recently active as simple front groups for the Russian intelligence services. "By attribution, the absolute majority of registered cyber incidents is related to hacker groups funded by the Russian federation government. In particular, these are UAC-0082/UAC-0113 (related to Sandworm), UAC-0010 (Gamaredon) and others, mentioned in the report. In the second quarter of 2022, the main targets of hackers from the Russian federation were the Ukrainian mass media, the government and local authorities sectors. Most information security events can be associated with APT groups and hacktivists’ activities."
And so the hybrid war continues to take a close and continuing interest in influence operations, and mass media represent by far the most targeted sector.