Is It Possible To Neutralise Fake News?

Uploaded on 2017-02-28 in NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW

Estonia. Georgia. Ukraine. Czech Republic. Germany. Russian disinformation & fake news is nothing new.

In response to Donald Trump’s executive order banning citizens of seven predominantly Muslim countries from entering the United States, Senators John McCain and Lindsey Graham issued a joint statement arguing that the measure would “do more to help terrorist recruitment than improve our security.”

In response, Trump took to Twitter. “The two Senators should focus their energies on ISIS, illegal immigration and border security instead of always looking to start World War III,” he tweeted.  

This invocation of World War III, which he also made in Charlotte, North Carolina during the campaign (“You’re going to end up in World War III over Syria if we listen to Hillary Clinton”) bears a striking similarity to those aired by Russia’s state-owned media, as Anne Applebaum pointed out in October.

Russian state media outlets favor headlines like “Are NATO’s Massive War Games on Russia’s Border a Pretext to World War III?” from Sputnik in May 2016, or “US Bombing Syrian Army Would Start World War III,” from the same site in October, and “Trump’s Victory Prevented World War 3” from November. Lately, Russian state media have suggested that Trump has been battling a coup to remove him from office since before inauguration. “Is the United States facing a coup d’état?” a British RT columnist wrote in December.

These headlines are characteristic of the disinformation campaigns the Kremlin uses to frighten and destabilize its eastern European neighbors.

The precise nature of Russian state-backed interference in the last November’s US presidential election and the contact, if any, between Russian officials and members of President Trump’s election campaign, may never be fully known.

But the apocalyptic stylings of Russian disinformation have reached across the Atlantic. Resisting this strain of anxious rhetoric means looking to its origin.

Not coincidentally, Senators McCain, Graham, and Amy Klobuchar recently returned from a tour of the Baltic countries, Ukraine, and Georgia, where they sought to restore confidence in US support for their continued independence.

Each of those countries, along with Finland and Sweden, have been targeted by Russian disinformation campaigns attempting to exploit regional, ethnic, religious, and linguistic divisions, usually pitting Russian-speaking populations in Scandinavia, the Baltic region, and Ukraine, against their neighbors, in an effort to divide and conquer.

The alleged Russian interference campaign against the United States, involving hacks and leaks damaging to the Democratic nominee Hillary Clinton, is different in some clear ways: It did not target a population of “Russian compatriots,” nor did it seek to reassert a Russian sphere of influence. It did not come from a neighboring aggressor. But like those earlier campaigns, it sought to exploit a fractured political landscape and sow confusion.

In 2007, the government of Estonia, a former Soviet satellite that Russian President Vladimir Putin still considers a part of his country’s sphere of influence, decided to relocate what is known as the “Bronze Soldier of Tallinn,” a memorial to Soviet soldiers killed in World War II. The Kremlin quickly condemned the plan.

Despite Russia’s response, Estonian officials proceeded with the removal. Soon afterwards, the country was hit with a torrent of crippling distributed denial-of-service attacks that took down critical pieces of the government, banking, and media infrastructure.

Russia has officially denied involvement in the attack, but multiple Russian political figures have claimed responsibility, and Estonian officials have little doubt about the origin of the attacks.

As Piret Pernik, a cyber-security researcher at Tallinn’s International Centre for Defense and Security (ICDS) explained, the assault was meant to impact national decision-making, and reverse the decision to relocate the bronze soldier to a military cemetery.

The same was true of the hacks of the Democratic National Committee and campaign officials, which were geared toward changing public opinion and voters’ choice, she said.

In the years that followed, Russia refined its disruptive techniques in the invasions of Georgia in 2008, and Ukraine in 2014, in an effort to distance both countries from NATO and reassert Russian political control.

Ukraine has been subject to a series of cyber-attacks on critical infrastructure since the Maidan revolution. More recently, the Czech Republic and Germany have been hit by DNC-style cyber operations.

Learning to respond to such intervention is a gradual, but ultimately straightforward process, as Jed Willard, director of the Franklin Delano Roosevelt Center for Global Engagement at Harvard, explained. “When Russia attacked Georgia, they lost the war of ideas. Georgia was very efficient in demonstrating to the west that they were the victim.” With Putin’s return to the presidency in 2012, Russia recommitted to information warfare. “The Russians realised that their information operations were not as effective. So they doubled down and heavily invested in research and in staff,” Willard said.

Five months after the annexation of Crimea in 2014, a dozen Russian television channels were banned from Ukraine for “broadcasting propaganda of war and violence.” But those channels had spread an abundance of falsehoods in the intervening months.

In one now-infamous case, the Russian state TV station Channel One aired a story claiming locals in the Ukrainian town of Slavyansk had crucified a three-year-old boy in the town square. The claim was quickly debunked by Ukrainian and Western sources on the ground, but the story proliferated across the Russian Internet, drumming up anti-Ukrainian sentiment and support for Russia’s military action in Crimea and in Eastern Ukraine.

A similar tactic was used to spread word of false “NATO war preparation against Russia” involving the deployment of 3,600 tanks. Initially reported by the small state media outlet of the Donetsk People’s Republic, the Russian-backed separatist organisation in occupied Eastern Ukraine, the story was replicated over 40,000 times within three days across the United States, Canada, and Europe, according to the Atlantic Council’s Digital Forensics Research Lab. It was a clear case of what the lab calls “disinformation laundering.”

“In Ukraine, there was a lot of uncertainty about what was going on. In one day, all Russian TV channels starting issuing crazy fake stories,” said Tetiana Popova, Ukraine’s former deputy minister of information policy. “It’s a pity that we didn’t do things in time, earlier,” Popova added.

In the summer of 2016 as the Swedish government debated whether to join the NATO alliance, social media in the country swarmed with false rumors about the potential repercussions of the decision.

In Finland, where ethnic Russians are the country’s second-largest minority group, Russian state media circulated false claims that children of Russian mothers in Finland were being removed from their households by Finnish authorities, and that in Europe, children of straight parents were being removed and placed in the care of gay couples. The Russian children’s rights ombudsman accused Finland of perpetrating “juvenile terror.”  

The Swedish and Finnish governments turned to Willard, who has worked extensively on public diplomacy campaigns, to help formulate a response. “Number one, have a message. It needs to be a good, positive one. Number two, stay on message. Do not repeat lies,” Willard said.

He helped the governments of Finland and Sweden to distill their core national values into coherent, positive narratives that could counter-message Russian propaganda, a much easier task for the smaller, more homogeneous Scandinavian nations than it would be for the United States.

Today in Finland, government-run training sessions teach border guards, child protection agencies, educators, and civil servants how to respond to propaganda. In Sweden, a “Civil Contingencies Agency” makes similar preparations.

“The most important thing is salience. The US is not going to get the unified message the way they did. What’s the Swedish message? Free press. What’s the Finnish message? Rule of law. What’s the American message? No one knows,” Willard said. “For the Finns this job was a lot easier than, say, for the Americans, because we don’t agree very much. We’ve really lost the [national] story, because we’ve stopped drilling it into our children,” he said.

Since 2007, Estonia has emerged as one of the leading players in detecting and combating Russian meddling, both online, where it arrives in the form of coordinated cyber-attacks and propaganda campaigns, as well as through more conventional forms of espionage.

The severity of the 2007 attacks forced the government to enhance cooperation both domestically and with its NATO partners “to raise awareness of the Kremlin’s means and methods,” as Harrys Puusepp, press officer for the Estonian Internal Security Service, wrote in an email. The trick, he said, is to prepare for the “lies and half-truths are going to be used against you.”

In 2010, Estonia introduced a new long-term national defense strategy that emphasized “psychological defense,” which it defined as “the development, preservation and protection of common values associated with social cohesion and the sense of security.” The government also launched a Russian-language domestic television channel aimed at “empower[ing] the local identity,” in the words of Ilmar Raag, a filmmaker who helped devise the psychological defense efforts.

Now, the small nation is experimenting with training a portion of new draftees as “cyber-conscripts,” focused on information security, rather than on conventional warfare. The country’s domestic and foreign security services issue annual reports detailing the state of national security operations inside and outside its borders, which more often than not focus on Russian attempts at interference.

Yet it has been difficult to determine the impact of these efforts, Russian-produced news outlets are still widely available in Estonia, after all. The Russian and Estonian populations still often “reside in separate information spaces and hold divergent perceptions and perspectives not just about each other, but also about the Estonian state and its history, its threat environment, and its national security policies,” a 2014 ICDS report found.

While Estonia offers some instructive examples for the United Sates, state attempts at responding to Russian influence in Ukraine and elsewhere in the Baltic region have been less successful.

Outright bans of Russian broadcasters, websites, and journalists tend to backfire, as Peter Pomerantsev and Marina Presenti found in a July 2016 survey of Ukrainian responses to propaganda, which calls for the introduction of stronger government media regulations. Operations attempting to “fact-check the news” are often too narrowly focused, reaching only a select audience of already-engaged readers.

You don’t have to educate the population too much about the Russian threat in Estonia, but it’s quite unknown in America.

For now, it seems unlikely that the Trump administration will choose to respond to Russia’s alleged interference in the United States. But that doesn’t mean that the private sector and civil society cannot. Those who choose to do so should consider the strategies that nations long familiar with these methods have deployed in response.

America’s experience with Russian disinformation seems to have “really broadened US interest in [disinformation], such that it almost matches that in Central and Eastern Europe,” said Donald Jensen, a senior adjunct fellow at the Center for European Policy Analysis.

“You don’t have to educate the population too much about the seriousness of the Russian threat in Estonia, but it’s quite unknown in America, though maybe now that’s changing,” Eerik-Niiles Kross, an Estonian member of parliament and former intelligence director said.

“The whole Western world needed to see it happening in the US to understand that it is not some ‘paranoia’ of the Eastern European states when they warn about the Kremlin’s hostile actions,” one EU official dealing with information warfare who spoke on the condition of anonymity told me.

Awareness of the threat, of the potential for head fakes and distracting diversions is half the battle.

“It’s like playing a game of fetch in the forest,” Arnold Sinisalu, head of the Estonian Internal Security Service, said about of Russia’s strategy. “They want us to think only about that game, while the main problem is somewhere else. But it’s not that easy, we’re not playing that game.”

DefenseOne

NATO Tools Up For Cybewar:       How Cyber Propaganda Influenced Politics in 2016

Social Media and the 'Information War’- Russia is Winning:

 

« Banks Lack Confidence They Can Detect Data Breaches
Welcome To Australia: No More Passports & Biometric Identification »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Digital Gurus Recruitment

Digital Gurus Recruitment

Digital Gurus provide specialist recruitment services in areas including IT and information security

Celestix Networks

Celestix Networks

Celestix is a global provider of secure network solutions that enable the simple deployment of secure remote access connectivity.

Rollbar

Rollbar

Rollbar is a full-stack error monitoring platform for web and mobile applications. We help developers find and fix bugs fast. Built by developers for developers.

Digital Detective

Digital Detective

Digital Detective offer a range of products and services for digital forensic analysis and advanced data recovery.

Omada

Omada

Omada is a leading provider of IT security solutions and services for identity management and access governance.

Fyde

Fyde

Fyde helps companies with an increasingly distributed workforce mitigate breach risk by enabling secure access to critical enterprise resources.

Ingenio Global

Ingenio Global

Ingenio is a specialist recruitment business for SaaS companies. Our purpose is to source exceptional talent in areas including cyber security for leading SaaS companies in the UK and Ireland.

Savanti Consulting

Savanti Consulting

Savanti provides practitioner-led cyber security services tailored to meet each organisation’s unique requirements.

Dynics

Dynics

The Dynics ICS-Defender is an Industrial Control System Security Appliance for OT or OT/IT convergent environments.

Finnish Security & Intelligence Service (SUPO)

Finnish Security & Intelligence Service (SUPO)

The Finnish Security and Intelligence Service is a government agency tasked with combating serious threats to national security in Finland.

TheGreenBow

TheGreenBow

TheGreenBow is a trusted VPN software company. We help organizations and individuals become cyber-responsible. For this, we design and develop reliable and easy-to-use solutions.

Gravitee

Gravitee

Gravitee helps organizations manage and secure their entire API lifecycle with solutions for API design, management, security, productization, real-time observability, and more.

Zyber 365

Zyber 365

Zyber 365 are providing a robust, decentralized, and cyber-secured operating system which adheres to the fundamental principles of environmental sustainability.

Tracebit

Tracebit

Tracebit uses decoys to detect and respond to cloud intrusions in minutes.

Dryad Global

Dryad Global

Dryad Global offers a comprehensive suite of maritime intelligence solutions, including a best-in-class situational awareness, planning and security system and industry-leading cyber protection tools.

Applaudo

Applaudo

Applaudo specializes in helping the world’s most admired brands optimize their IT solutions, reduce delivery costs, and accelerate their digital transformation.