At a glance.
- Trimming back on direct control of disinformation?
- Report: coordinated inauthenticity for hire.
- Censorship: tracking memes and muscling journalists.
- DarkBit’s ransomware attack against Technion University has an influence-ops dimension.
Trimming back on direct control of disinformation?
The New York Times points with concern to cutbacks in content moderation at widely used social media platforms. This could, the Times and those it interviews, augur an effective surrender to disinformation and otherwise objectionable speech. The article points to a variety of underlying causes for the cutbacks, including pressure from those who have something to gain from fewer restrictions, but even more than that the expense of inevitably labor-intensive content moderation and, beyond that, the sheer institutional fatigue that's come from trying to maintain it. The Times refers to content meriting exclusion from the platforms as "objectionable" content, not necessarily false, but objectionable.
An essay in the Chicago Sun-Times offers a counterpoint. "It’s risky," the headline says, "to curtail ‘disinformation’ when there’s no clear definition of it." The argument, made by the editor of the libertarian magazine Reason, concludes, "Even 'intentionally misleading' speech is protected by the First Amendment, and a government that respects freedom of speech has no business deciding how to apply that slippery label."
It seems worth pointing out, first, that Section 230's treatment of online platforms, giving them the best of both the publisher's and the common carrier's worlds, may not be conducive to clarity about responsibility for content. And it's also worth pointing out, in this context, the value of screening content not necessarily for truth or falsehood, but rather for authenticity. It would seem to do no particular violence to freedom of speech if platforms insisted that content providers identify themselves as who they in fact are. Facebook's approach to what it calls "coordinated inauthenticity" may be worth emulation.
Report: coordinated inauthenticity for hire.
Haaretz has published an account of the hired guns who, the paper says, were the hidden hand behind the Cambridge Analytica scandal. The organization that provided the services, known as Team Jorge, operates from a Tel Aviv suburb. Haaretz describes its offerings as follows: "The services offered by the company – which identified itself as Team Jorge – include falsification of documents, dissemination of fake stories and an 'army for hire' of some 40,000 avatars (fake identities on social media platforms). These avatars are controlled by a software system called AIMS, which, [company leader Tal] Hanan said, was developed by his staff."
Censorship: tracking memes and muscling journalists.
The Byelarusian Cyber-Partisans, dissident hacktivists opposed to both the Lukashenka regime and Russia's war against Ukraine, have released 335GB dump of emails and other files obtained from Roskomnadzor’s General Radio Frequency Center division, CyberSecurity Connect reports that the hacktivists claimed credit in a Twitter thread, and promised that more was to come. “Do you want to know who in Roskomnadzor was preparing reports on protests in Ukraine & Kazakhstan for the leadership of the Kremlin? We published these reports and contact info of the RKN employees in our TG channel.” The data obtained from Roskomnadzor were posted to Distributed Denial of Secrets.
Roskomnadzor is the Russian Internet governance authority. It's recently been involved in working to scrub derogatory references to President Putin. The Kyiv Independent reports that the agency is using AI tools to combat memes that portray Mr. Putin in a less than favorable light. Reuters describes "Oculus," one of the principal systems Roskomnador is deploying to identify dissent and shoo trolls. "The "Oculus" system will be able to read text and recognise illegal scenes in photos and videos, analysing more than 200,000 images per day at a rate of about three seconds per image, the Interfax news agency reported."
Not all the censorship is online, and not all the coercion is virtual. The International Press Institute reports "more than 900 cases of physical attacks, censorship, harassment, arrests, and other press freedom violations in Russia and Ukraine since Putin’s full-scale war of aggression began one year ago."
DarkBit’s ransomware attack against Technion University has an influence-ops dimension.
Technion University in Haifa, Israel, fell victim to a ransomware attack that forced the shutdown of all of the school’s communication networks on Sunday, the Jerusalem Post wrote. A new ransomware group, “DarkBit,” has claimed responsibility for the cyberattack, ARN reported today. The Haifa-based university tweeted Sunday, “The Technion is under cyber attack. The scope and nature of the attack are under investigation.” DarkBit has demanded ransom, but they also appear animated by anti-Israeli or pro-Palestinian sentiment. The group said, in a statement shared by Israeli cyber professional Alon Gal:
“We’re sorry to inform you that we’ve had to hack Technion network completely and transfer all data to our secure servers. So, keep calm, take a breath and think about an apartheid regime that causes troubles here and there.
“They should pay for their lies and crimes, their names and shame. They should pay for occupation, war crimes against humanity, killing the people (not only Palestinians’ bodies but also Israelis' souls) and destroying the future and all dreams we had. They should pay for firing high-skilled experts.”The incident at Technion University may be at least in part politically motivated.
(Added, 9:15 PM ET, February 16th, 2023. Dmitry Bestuzhev, Threat Researcher at BlackBerry, wrote to comment on the role ransomware has assumed in influecne operations. “Ransomware is no longer about financial gain," Bestuzhev explained. "We see a trend where Ransomware is used as a weapon in geopolitics. This trend began a few years ago in Ukraine. Today we see it in Israel. We should expect more Ransomware-flavored attacks with geopolitical motivations. That is because it disrupts systems causing reputational and financial damage, it may also result in ransom payment under certain circumstances. Finally, the portals and the messages of Ransomware threat actors offer space for geopolitical propaganda.” In the Technion incident, he sees three factors in play:
- "The main PE module supports command-line options and data encryption optimization for large files.
- "Given the political theme behind the attack, there may be other factors besides financial motivation. Based on the code analysis, we cannot link this group to any publicly known Ransomware groups.
- "The Threat Actor behind this Golang-compiled ransomware has geopolitical motivations due to the ransom note being laden with wording describing anti-Israeli and anti-government rhetoric, along with mentions of the recent spate of layoffs across the tech industry.")