Cyberwar: Enter the Trolls

Savushkina Street, St Petersburg

The great breach in the US government’s database is a classic case of informational smash and grab. But operations to plant misinformation are also worrying for states which care about truth.

Digital wars are being fought in many theatres around the world and in many forms. In the light of the Snowden revelations, citizens who guard their privacy may already feel that their privacy has already been eroded. But recently, the Obama administration conceded that the US federal government had itself fallen victim to a hack on an unprecedented scale, with the security of the details of up to four million former and present employees apparently breached.

The Chinese, who were initially considered the most likely suspects, hotly deny any responsibility for this data smash and grab. Nor is it immediately obvious what the perpetrators’ motives might be. It could be a fishing expedition to establish who has access to real secrets. It could be a more straightforward criminal enterprise, a prelude to identity theft. The initial hack probably happened months ago, for one of the distinguishing features of the digital age is its capacity to host the faceless along with the intimate. This is what lends a more sinister force to the familiar equation of information, truth and power. The ability to extract or insert information that may or may not be true is not new – but it is uniquely facilitated in a digital world.

The phenomenon of the troll factory is a particularly egregious example of its exploitation. A troll factory is not some happy Scandinavian workshop peopled by happy elves, but a profoundly nihilistic and disturbing use of the Internet. The Guardian newspapeer tracked down a building in Savushkina St. in St Petersburg and talked to some of the paid bloggers who work to establish an inoffensive online personality in the comment sections of media outlets, and on social media, and then seed their posts with pro-Putin or pro-government remarks. The Guardian has experienced this kind of organised assault on reports from Ukraine and, presumably because of implications for the Russian-hosted world cup in 2018, on corruption at Fifa.

This kind of trolling is the digital offspring of earlier practices like “astroturfing”, where American corporations would organise letter-writing campaigns to local papers in order to make a lobbying initiative appear to be something that came from the grassroots. It can be an effective way to subvert opinion, and it is almost certainly more effective in the apparently intimate corners of the Internet than in print. 

This is not just a matter for government in Moscow, Beijing or Pyongyang. Non-state movements such as Islamic State adopt them, too. The Internet is a new front in asymmetrical warfare. We’re so used to thinking of soft power as a benign weapon that it requires an effort of will and understanding to see that it can be used in entirely malign ways, domestically as well as externally. Governments need to be where people are listening. Presumably the west is out there trolling too. 

But the BBC World Service built its reputation with honesty and this should be the policy of any British presence on the Internet. It must be out there at least trying to defend the truth without subterfuge against the lies of dictators and extremists everywhere.

Ein News:  

« Top 6 Hacking Tools Security Teams Should Know About
FBI Unable to Monitor ISIS’s Encrypted Communications »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Cyber Security Academy - University of Southampton

Cyber Security Academy - University of Southampton

An industry/University partnership established to advance cyber security through world class research, teaching excellence, industrial expertise and training capacity.

Cloud53

Cloud53

Cloud53 specialise in improving operational IT through strategic use of Cloud technologies and services.

Bulletproof Cyber

Bulletproof Cyber

Bulletproof offer a range of security services, from penetration testing and vulnerability assessments to 24/7 security monitoring, and consultancy.

Ammune.ai

Ammune.ai

Ammune.ai (formerly L7 Defense) helps organizations to protect their infrastructure, applications, customers, employees, and partners against the growing risk of API-borne attacks.

Seclab

Seclab

Seclab is an innovative player in the protection of industrial systems and critical infrastructure against sophisticated cyber attacks.

Woz U

Woz U

Woz U provides best-in-class technology training for Learners, Higher-Ed and Corporations. We focus on the most in-demand occupations such as Software Development, Data Science and Cyber Security.

Hornetsecurity

Hornetsecurity

Meet Hornetsecurity – Leading Cloud Email Security Provider. We protect global organizations so you can focus on what you do best.

Cybercrime Investigation & Coordinating Center (CICC)

Cybercrime Investigation & Coordinating Center (CICC)

The Cybercrime Investigation and Coordinating Center (CICC) is an attached agency of the Philippines Department of Information and Communications Technology (DICT).

CERT.lu

CERT.lu

CERT.lu is an initiative to enhance cyber security practices and techniques, and support security professionals in Luxembourg.

Project Moore

Project Moore

Project Moore is an Amsterdam law firm specialising in IT-law and privacy.

Binary Defense

Binary Defense

Binary Defense protect businesses of all sizes through advanced cybersecurity solutions including Managed Detection and Response, Security Information and Event Management and Counterintelligence.

Intellias

Intellias

Intellias is a trusted technology partner to top-tier organizations and digital natives helping them accelerate their pace of sustainable digitalization.

Sevco Security

Sevco Security

Sevco Delivers Real-time Asset Intelligence to Identify and Close Unknown Security Gaps.

CyberUSA

CyberUSA

CyberUSA is a collaboration of leaders and states focused on a common mission purpose of enabling innovation, education, workforce development, enhanced cyber readiness and resilience.

Zigrin Security

Zigrin Security

Zigrin Security offer comprehensive, hands-on security testing of internal networks, applications, cloud-based solutions, e-commerce applications and mobile devices.

Leostream

Leostream

Leostream's Remote Desktop Access Platform enables seamless work-from-anywhere flexibility while maintaining security and constant visibility of users.