Leave a Comment

Advising the Next President of the United States: Options for Countering Russian Disinformation

Lewis R. Grant holds a Master of Science in Biodefense from George Mason University’s Schar School of Policy and Government. His research focused on the Russian Federation’s biosecurity and biodefense modernization activities. He was recently published in the Journal of Science Policy and Governance and has an accepted manuscript with Health Security pending publication. Divergent Options’ content does not contain information of an official nature nor does the content represent the official position of any government, any organization, or any group. 

National Security Situation:  Due to U.S. inaction, Russia continues to wage an informational war to erode democratic institutions, ideologies, and norms.

Date Originally Written:  February 10, 2024. 

Date Originally Published:  February 26, 2024.

Author and / or Article Point of View:  The author believes Russia’s disinformation campaigns and other malign influence operations pose a significant threat to U.S. national security. The article is written from the point of view of providing written options to the U.S. President to address Russian disinformation campaigns. 

Background:  Aktivnyye meropriyatiya – or “active measures” – have long been one of the Kremlin’s most essential, far-reaching weapons in its fight against Western democracies[1]. Disinformation is a pillar of this strategy. The Kremlin’s disinformation campaigns follow five overarching themes: 1) Russia is a victim, 2) historical revisionism, 3) western civilization will collapse imminently, 4) popular movements are U.S.-sponsored, and 5) Flooding the information space with differing narratives to confuse the facts[2].

Significance:  Russia’s active measures threaten multiple national and global security aspects. Moscow’s disinformation campaigns interfere with U.S. elections, inflame domestic and global political tensions, adversely affect U.S. efforts to increase international biosecurity, biosafety, and global health, weaken global nonproliferation norms, and undermine the authority and legitimacy of international treaties and legal bodies[3][4][5].

Option #1:  The U.S. establishes a Public Information Agency (PIA) to develop and coordinate Public-Private Partnerships to counter Russian disinformation.

Risk:  U.S. government partnerships with private media may be interpreted as an infringement on free speech. This interpretation becomes especially concerning when U.S. citizens are sharing or posting disinformation content[6]. Political controversy could embroil the PIA, adversely impacting its legitimacy, funding, and efficacy. In addition, public skepticism combined with the prevalence of misinformation and disinformation on social media may render Option #1 less effective. A new agency will also require Congressional approval and significant new and continued funding. 

Gain:  Partners of the PIA will be better able to identify, counter, and remove disinformation from their platforms. Joint educational efforts of the PIA and private partners will increase informational literacy among consumers, promoting resilience against disinformation operations[6][7]. Option #1 gives private sector partners access to regular and timely analysis and information regarding foreign malign influence operations, including disinformation. The PIA will also represent a single point of contact for private partners to engage with, increasing the efficiency of communications and ensuring that information is disseminated clearly and concisely. 

Option #2:  The U.S. reestablishes an expanded Active Measures Working Group within the Foreign Malign Influence Center (FMIC) at the Office of the Director of National Intelligence.

Risk:  The Active Measures Working Group’s (AMWG) influence and legitimacy will likely fluctuate with election cycles, depending on the political legitimacy the President awards to it and the FMIC[8]. Changes in leadership at interagency partners and their influence and legitimacy may result in inconsistent operations, compromising the efficacy of the AMWG. Agency leaders and their respective agencies could lose their reputation for objectivity and independence from partisan politics in the public eye[9]. Option #2 may also stretch resources for the newly created FMIC too thin, too quickly. This option will also require the declassification and publication approvals of information necessary to the AWMG’s efforts. This declassification and prepublication requirement could result in bottlenecks at agency partners and delay AMWG efforts to be proactive and swiftly reactive to new disinformation campaigns.

Additionally, portions of the public may interpret a U.S. government effort to identify and remove Russian disinformation as an effort to infringe on free speech and backfire[8].

Gain:  A critical element that made the AMWG effective was its narrow focus[8]. The AWMG’s reestablishment would build on the success of the 1980s AMWG, which successfully countered Russian disinformation about the origins of the HIV/AIDS epidemic. Option #2 gives the U.S. a specialized team to combat Moscow’s efforts via intelligence analysis, advance warnings, and disruption of covert and overt disinformation operations. Early exposure and communication of Russia’s disinformation operations would help disrupt its spread throughout the media. The AMWG would coordinate all interagency activities to publicly expose and refute Russian disinformation between the State Department’s Global Engagement Center, the Central Intelligence Agency (CIA), the Defense Intelligence Agency, the Federal Bureau of Investigation, and the Cybersecurity and Infrastructure Security Agency. 

Option #3:  The U.S. responds in kind to Russian disinformation activities.

Risk:  U.S. covert and overt measures to disrupt Russian malign influence operations could escalate high tensions between Moscow and Washington. The Russian government’s internet supervision service, Roskomnadzor, also presents a formidable obstacle to disseminating disinformation within Russia’s “RuNet.” Roskomnadzor closely monitors the RuNet for “anti-government” activities[10]. Roskomnadzor can surveil and reveal those behind anti-government accounts and pass the information to Russian security services[10]. This identification presents significant challenges to running covert operations and assets to support opposition movements.

Offensive cyber operations aimed at Russian cyber and intelligence agencies would likely prompt counter-cyberattacks. U.S. offensive cyber operations will likely add fuel to the “Russia is a victim” disinformation theme. Option #3 will also require a reevaluation of U.S. cyber policy – an issue policymakers have been reluctant to address – and U.S. policy towards nation-states harboring parties contributing to malign influence operations[11][12].

Gain:  Moscow’s authoritarianism and control of information make it vulnerable to U.S. information campaigns[13][14]. Most Russians receive their news from state-run media sources via television, but the share of those using social media and news sites is rapidly increasing[15]. This shift to social media presents an opportunity for the U.S. to introduce information that would otherwise be restricted from the RuNet. A CIA covert action codenamed QRHELPFUL successfully aided democratic opposition movements in Poland by creating an underground media enterprise[14]. Today’s Russian government is weaker than its Soviet predecessor, and the Russian public’s trust in their government is low, indicating similar campaigns could be highly effective[13][16]. Compelling exposition and dissemination of the Kremlin’s domestic malign practices within the RuNet could increase domestic support for opposition movements, forcing Moscow to reexamine its priorities[13].

Moscow’s use of non-state parties for deniability also presents a weakness that offensive cyber operations can exploit. Since these parties are not officially Russian government entities, using offensive operations against them comes with a lower risk of escalation. Effective cyber operations will increase U.S. cyber deterrence, discouraging future disinformation campaigns and other malign interference operations[12]. 

Other Comments:  None.

Recommendation:  None.

Endnotes:

[1] Disarming Disinformation: Our Shared Responsibility. (n.d.). United States Department of State. Retrieved February 1, 2024, from https://www.state.gov/disarming-disinformation/

[2] Russia’s Top Five Persistent Disinformation Narratives. (n.d.). United States Department of State. Retrieved February 8, 2024, from https://www.state.gov/russias-top-five-persistent-disinformation-narratives/

[3] Leitenberg, M. (2022, March 10). Russian nuclear and biological disinformation undermines treaties on weapons of mass destruction. Bulletin of the Atomic Scientists. https://thebulletin.org/2022/03/russian-nuclear-and-biological-disinformation-undermines-treaties-on-weapons-of-mass-destruction/

[4] Filippa Lentzos. (2018, November 19). The Russian disinformation attack that poses a biological danger. Bulletin of the Atomic Scientists. https://thebulletin.org/2018/11/the-russian-disinformation-attack-that-poses-a-biological-danger/

[5] Stowe-Thurston, A. (2022, March 22). Russia’s non-proliferation disinformation campaign. Bulletin of the Atomic Scientists. https://thebulletin.org/2022/03/russias-non-proliferation-disinformation-campaign/

[6] McGeehan, T. (2018). Countering Russian Disinformation. The US Army War College Quarterly: Parameters, 48(1). https://doi.org/10.55540/0031-1723.2850

[7] Levis, J. M., Casi Gentzel, Adela. (2021, May 10). Toward a Whole-of-Society Framework for Countering Disinformation. Modern War Institute. https://mwi.westpoint.edu/toward-a-whole-of-society-framework-for-countering-disinformation/

[8] Dhunjishah, M. (2017, July 7). COUNTERING PROPAGANDA AND DISINFORMATION: BRING BACK THE ACTIVE MEASURES WORKING GROUP? War Room – U.S. Army War College. https://warroom.armywarcollege.edu/articles/countering-propaganda-disinformation-bring-back-active-measures-working-group/

[9] David M. Tillman. (2020). Combatting Russian Active Measures. Small Wars Journal. https://smallwarsjournal.com/jrnl/art/combatting-russian-active-measures

[10] Mozur, P., Satariano, A., Krolik, A., & Aufrichtig, A. (2022, September 22). ‘They Are Watching’: Inside Russia’s Vast Surveillance State. The New York Times. https://www.nytimes.com/interactive/2022/09/22/technology/russia-putin-surveillance-spying.html

[11] Joseph S. Nye. (2021, July 8). Will Biden’s red lines change Russia’s behaviour in cyberspace? Australian Strategic Policy Institute | The Strategist. https://www.aspistrategist.org.au/will-bidens-red-lines-change-russias-behaviour-in-cyberspace/

[12] LCDR Stephanie Pendino, MAJ Robert K. Jahn, Sr., & Kirk Pedersen. (2022, September 7). U.S. Cyber Deterrence: Bringing Offensive Capabilities into the Light. Joint Forces Staff College. https://jfsc.ndu.edu/Media/Campaigning-Journals/Academic-Journals-View/Article/3149856/us-cyber-deterrence-bringing-offensive-capabilities-into-the-light/https%3A%2F%2Fjfsc.ndu.edu%2FMedia%2FCampaigning-Journals%2FAcademic-Journals-View%2FArticle%2F3149856%2Fus-cyber-deterrence-bringing-offensive-capabilities-into-the-light%2F

[13] Jones, S. G. (2021). Three Dangerous Men: Russia, China, Iran and the Rise of Irregular Warfare. W. W. Norton & Company.

[14] Jones, S. G., Reagan, A. from A. C. A., Cia, T., & Jones,  and the C. W. S. in P. by S. G. (2018). Going on the Offensive: A U.S. Strategy to Combat Russian Information Warfare. https://www.csis.org/analysis/going-offensive-us-strategy-combat-russian-information-warfare

[15] Parsons, L. (2022, March 14). How Russians see Russia. Harvard Gazette. https://news.harvard.edu/gazette/story/2022/03/how-russians-see-russia/

[16] Рейтинги января 2024 года: Оценка положения дел в стране, одобрение институтов, доверие политикам и рейтинги партий. (2024, February 1). https://www.levada.ru/2024/02/01/rejtingi-yanvarya-2024-goda-otsenka-polozheniya-del-v-strane-odobrenie-institutov-doverie-politikam-i-rejtingi-partij/

Cyberspace Influence Operations Journalism / The Press Lewis R. Grant Option Papers Political Warfare Psychological Factors Russia Social Media Soviet Union United States
Leave a Comment

An Assessment of Information Warfare as a Cybersecurity Issue

Justin Sherman is a sophomore at Duke University double-majoring in Computer Science and Political Science, focused on cybersecurity, cyberwarfare, and cyber governance. Justin conducts technical security research through Duke’s Computer Science Department; he conducts technology policy research through Duke’s Sanford School of Public Policy; and he’s a Cyber Researcher at a Department of Defense-backed, industry-intelligence-academia group at North Carolina State University focused on cyber and national security – through which he works with the U.S. defense and intelligence communities on issues of cybersecurity, cyber policy, and national cyber strategy. Justin is also a regular contributor to numerous industry blogs and policy journals.

Anastasios Arampatzis is a retired Hellenic Air Force officer with over 20 years’ worth of experience in cybersecurity and IT project management. During his service in the Armed Forces, Anastasios was assigned to various key positions in national, NATO, and EU headquarters, and he’s been honored by numerous high-ranking officers for his expertise and professionalism, including a nomination as a certified NATO evaluator for information security. Anastasios currently works as an informatics instructor at AKMI Educational Institute, where his interests include exploring the human side of cybersecurity – psychology, public education, organizational training programs, and the effects of cultural, cognitive, and heuristic biases.

Paul Cobaugh is the Vice President of Narrative Strategies, a coalition of scholars and military professionals involved in the non-kinetic aspects of counter-terrorism, defeating violent extremism, irregular warfare, large-scale conflict mediation, and peace-building. Paul recently retired from a distinguished career in U.S. Special Operations Command, and his specialties include campaigns of influence and engagement with indigenous populations.

Divergent Options’ content does not contain information of an official nature nor does the content represent the official position of any government, any organization, or any group.

Title:  An Assessment of Information Warfare as a Cybersecurity Issue

Date Originally Written:  March 2, 2018.

Date Originally Published:  June 18, 2018.

Summary:  Information warfare is not new, but the evolution of cheap, accessible, and scalable cyber technologies enables it greatly.  The U.S. Department of Justice’s February 2018 indictment of the Internet Research Agency – one of the Russian groups behind disinformation in the 2016 American election – establishes that information warfare is not just a global problem from the national security and fact-checking perspectives; but a cybersecurity issue as well.

Text:  On February 16, 2018, U.S. Department of Justice Special Counsel Robert Mueller indicted 13 Russians for interfering in the 2016 United States presidential election [1]. Beyond the important legal and political ramifications of this event, this indictment should make one thing clear: information warfare is a cybersecurity issue.

It shouldn’t be surprising that Russia created fake social media profiles to spread disinformation on sites like Facebook.  This tactic had been demonstrated for some time, and the Russians have done this in numerous other countries as well[2].  Instead, what’s noteworthy about the investigation’s findings, is that Russian hackers also stole the identities of real American citizens to spread disinformation[3].  Whether the Russian hackers compromised accounts through technical hacking, social engineering, or other means, this technique proved remarkably effective; masquerading as American citizens lent significantly greater credibility to trolls (who purposely sow discord on the Internet) and bots (automated information-spreaders) that pushed Russian narratives.

Information warfare has traditionally been viewed as an issue of fact-checking or information filtering, which it certainly still is today.  Nonetheless, traditional information warfare was conducted before the advent of modern cyber technologies, which have greatly changed the ways in which information campaigns are executed.  Whereas historical campaigns took time to spread information and did so through in-person speeches or printed news articles, social media enables instantaneous, low-cost, and scalable access to the world’s populations, as does the simplicity of online blogging and information forgery (e.g., using software to manufacture false images).  Those looking to wage information warfare can do so with relative ease in today’s digital world.

The effectiveness of modern information warfare, then, is heavily dependent upon the security of these technologies and platforms – or, in many cases, the total lack thereof.  In this situation, the success of the Russian hackers was propelled by the average U.S. citizen’s ignorance of basic cyber “hygiene” rules, such as strong password creation.  If cybersecurity mechanisms hadn’t failed to keep these hackers out, Russian “agents of influence” would have gained access to far fewer legitimate social media profiles – making their overall campaign significantly less effective.

To be clear, this is not to blame the campaign’s effectiveness on specific end users; with over 100,000 Facebook accounts hacked every single day we can imagine it wouldn’t be difficult for any other country to use this same technique[4].  However, it’s important to understand the relevance of cybersecurity here. User access control, strong passwords, mandated multi-factor authentication, fraud detection, and identity theft prevention were just some of the cybersecurity best practices that failed to combat Russian disinformation just as much as fact-checking mechanisms or counter-narrative strategies.

These technical and behavioral failures didn’t just compromise the integrity of information, a pillar of cybersecurity; they also enabled the campaign to become incredibly more effective.  As the hackers planned to exploit the polarized election environment, access to American profiles made this far easier: by manipulating and distorting information to make it seem legitimate (i.e., opinions coming from actual Americans), these Russians undermined law enforcement operations, election processes, and more.  We are quick to ask: how much of this information was correct and how much of it wasn’t?  Who can tell whether the information originated from un-compromised, credible sources or from credible sources that have actually been hacked?

However, we should also consider another angle: what if the hackers hadn’t won access to those American profiles in the first place?  What if the hackers were forced to almost entirely use fraudulent accounts, which are prone to be detected by Facebook’s algorithms?  It is for these reasons that information warfare is so critical for cybersecurity, and why Russian information warfare campaigns of the past cannot be equally compared to the digital information wars of the modern era.

The global cybersecurity community can take an even greater, active role in addressing the account access component of disinformation.  Additionally, those working on information warfare and other narrative strategies could leverage cybersecurity for defensive operations.  Without a coordinated and integrated effort between these two sectors of the cyber and security communities, the inability to effectively combat disinformation will only continue as false information penetrates our social media feeds, news cycles, and overall public discourse.

More than ever, a demand signal is present to educate the world’s citizens on cyber risks and basic cyber “hygiene,” and to even mandate the use of multi-factor authentication, encrypted Internet connections, and other critical security features.  The security of social media and other mass-content-sharing platforms has become an information warfare issue, both within respective countries and across the planet as a whole.  When rhetoric and narrative can spread (or at least appear to spread) from within, the effectiveness of a campaign is amplified.  The cybersecurity angle of information warfare, in addition to the misinformation, disinformation, and rhetoric itself, will remain integral to effectively combating the propaganda and narrative campaigns of the modern age.

Endnotes:

[1] United States of America v. Internet Research Agency LLC, Case 1:18-cr-00032-DLF. Retrieved from https://www.justice.gov/file/1035477/download

[2] Wintour, P. (2017, September 5). West Failing to Tackle Russian Hacking and Fake News, Says Latvia. Retrieved from https://www.theguardian.com/world/2017/sep/05/west-failing-to-tackle-russian-hacking-and-fake-news-says-latvia

[3] Greenberg, A. (2018, February 16). Russian Trolls Stole Real US Identities to Hide in Plain Sight. Retrieved from https://www.wired.com/story/russian-trolls-identity-theft-mueller-indictment/

[4] Callahan, M. (2015, March 1). Big Brother 2.0: 160,000 Facebook Pages are Hacked a Day. Retrieved from https://nypost.com/2015/03/01/big-brother-2-0-160000-facebook-pages-are-hacked-a-day/

Anastasios Arampatzis Assessment Papers Cyberspace Information and Intelligence Information Systems Justin Sherman Paul Cobaugh Political Warfare Psychological Factors