Is It Possible To Neutralise Fake News?

Estonia. Georgia. Ukraine. Czech Republic. Germany. Russian disinformation & fake news is nothing new.

In response to Donald Trump’s executive order banning citizens of seven predominantly Muslim countries from entering the United States, Senators John McCain and Lindsey Graham issued a joint statement arguing that the measure would “do more to help terrorist recruitment than improve our security.”

In response, Trump took to Twitter. “The two Senators should focus their energies on ISIS, illegal immigration and border security instead of always looking to start World War III,” he tweeted.  

This invocation of World War III, which he also made in Charlotte, North Carolina during the campaign (“You’re going to end up in World War III over Syria if we listen to Hillary Clinton”) bears a striking similarity to those aired by Russia’s state-owned media, as Anne Applebaum pointed out in October.

Russian state media outlets favor headlines like “Are NATO’s Massive War Games on Russia’s Border a Pretext to World War III?” from Sputnik in May 2016, or “US Bombing Syrian Army Would Start World War III,” from the same site in October, and “Trump’s Victory Prevented World War 3” from November. Lately, Russian state media have suggested that Trump has been battling a coup to remove him from office since before inauguration. “Is the United States facing a coup d’état?” a British RT columnist wrote in December.

These headlines are characteristic of the disinformation campaigns the Kremlin uses to frighten and destabilize its eastern European neighbors.

The precise nature of Russian state-backed interference in the last November’s US presidential election and the contact, if any, between Russian officials and members of President Trump’s election campaign, may never be fully known.

But the apocalyptic stylings of Russian disinformation have reached across the Atlantic. Resisting this strain of anxious rhetoric means looking to its origin.

Not coincidentally, Senators McCain, Graham, and Amy Klobuchar recently returned from a tour of the Baltic countries, Ukraine, and Georgia, where they sought to restore confidence in US support for their continued independence.

Each of those countries, along with Finland and Sweden, have been targeted by Russian disinformation campaigns attempting to exploit regional, ethnic, religious, and linguistic divisions, usually pitting Russian-speaking populations in Scandinavia, the Baltic region, and Ukraine, against their neighbors, in an effort to divide and conquer.

The alleged Russian interference campaign against the United States, involving hacks and leaks damaging to the Democratic nominee Hillary Clinton, is different in some clear ways: It did not target a population of “Russian compatriots,” nor did it seek to reassert a Russian sphere of influence. It did not come from a neighboring aggressor. But like those earlier campaigns, it sought to exploit a fractured political landscape and sow confusion.

In 2007, the government of Estonia, a former Soviet satellite that Russian President Vladimir Putin still considers a part of his country’s sphere of influence, decided to relocate what is known as the “Bronze Soldier of Tallinn,” a memorial to Soviet soldiers killed in World War II. The Kremlin quickly condemned the plan.

Despite Russia’s response, Estonian officials proceeded with the removal. Soon afterwards, the country was hit with a torrent of crippling distributed denial-of-service attacks that took down critical pieces of the government, banking, and media infrastructure.

Russia has officially denied involvement in the attack, but multiple Russian political figures have claimed responsibility, and Estonian officials have little doubt about the origin of the attacks.

As Piret Pernik, a cyber-security researcher at Tallinn’s International Centre for Defense and Security (ICDS) explained, the assault was meant to impact national decision-making, and reverse the decision to relocate the bronze soldier to a military cemetery.

The same was true of the hacks of the Democratic National Committee and campaign officials, which were geared toward changing public opinion and voters’ choice, she said.

In the years that followed, Russia refined its disruptive techniques in the invasions of Georgia in 2008, and Ukraine in 2014, in an effort to distance both countries from NATO and reassert Russian political control.

Ukraine has been subject to a series of cyber-attacks on critical infrastructure since the Maidan revolution. More recently, the Czech Republic and Germany have been hit by DNC-style cyber operations.

Learning to respond to such intervention is a gradual, but ultimately straightforward process, as Jed Willard, director of the Franklin Delano Roosevelt Center for Global Engagement at Harvard, explained. “When Russia attacked Georgia, they lost the war of ideas. Georgia was very efficient in demonstrating to the west that they were the victim.” With Putin’s return to the presidency in 2012, Russia recommitted to information warfare. “The Russians realised that their information operations were not as effective. So they doubled down and heavily invested in research and in staff,” Willard said.

Five months after the annexation of Crimea in 2014, a dozen Russian television channels were banned from Ukraine for “broadcasting propaganda of war and violence.” But those channels had spread an abundance of falsehoods in the intervening months.

In one now-infamous case, the Russian state TV station Channel One aired a story claiming locals in the Ukrainian town of Slavyansk had crucified a three-year-old boy in the town square. The claim was quickly debunked by Ukrainian and Western sources on the ground, but the story proliferated across the Russian Internet, drumming up anti-Ukrainian sentiment and support for Russia’s military action in Crimea and in Eastern Ukraine.

A similar tactic was used to spread word of false “NATO war preparation against Russia” involving the deployment of 3,600 tanks. Initially reported by the small state media outlet of the Donetsk People’s Republic, the Russian-backed separatist organisation in occupied Eastern Ukraine, the story was replicated over 40,000 times within three days across the United States, Canada, and Europe, according to the Atlantic Council’s Digital Forensics Research Lab. It was a clear case of what the lab calls “disinformation laundering.”

“In Ukraine, there was a lot of uncertainty about what was going on. In one day, all Russian TV channels starting issuing crazy fake stories,” said Tetiana Popova, Ukraine’s former deputy minister of information policy. “It’s a pity that we didn’t do things in time, earlier,” Popova added.

In the summer of 2016 as the Swedish government debated whether to join the NATO alliance, social media in the country swarmed with false rumors about the potential repercussions of the decision.

In Finland, where ethnic Russians are the country’s second-largest minority group, Russian state media circulated false claims that children of Russian mothers in Finland were being removed from their households by Finnish authorities, and that in Europe, children of straight parents were being removed and placed in the care of gay couples. The Russian children’s rights ombudsman accused Finland of perpetrating “juvenile terror.”  

The Swedish and Finnish governments turned to Willard, who has worked extensively on public diplomacy campaigns, to help formulate a response. “Number one, have a message. It needs to be a good, positive one. Number two, stay on message. Do not repeat lies,” Willard said.

He helped the governments of Finland and Sweden to distill their core national values into coherent, positive narratives that could counter-message Russian propaganda, a much easier task for the smaller, more homogeneous Scandinavian nations than it would be for the United States.

Today in Finland, government-run training sessions teach border guards, child protection agencies, educators, and civil servants how to respond to propaganda. In Sweden, a “Civil Contingencies Agency” makes similar preparations.

“The most important thing is salience. The US is not going to get the unified message the way they did. What’s the Swedish message? Free press. What’s the Finnish message? Rule of law. What’s the American message? No one knows,” Willard said. “For the Finns this job was a lot easier than, say, for the Americans, because we don’t agree very much. We’ve really lost the [national] story, because we’ve stopped drilling it into our children,” he said.

Since 2007, Estonia has emerged as one of the leading players in detecting and combating Russian meddling, both online, where it arrives in the form of coordinated cyber-attacks and propaganda campaigns, as well as through more conventional forms of espionage.

The severity of the 2007 attacks forced the government to enhance cooperation both domestically and with its NATO partners “to raise awareness of the Kremlin’s means and methods,” as Harrys Puusepp, press officer for the Estonian Internal Security Service, wrote in an email. The trick, he said, is to prepare for the “lies and half-truths are going to be used against you.”

In 2010, Estonia introduced a new long-term national defense strategy that emphasized “psychological defense,” which it defined as “the development, preservation and protection of common values associated with social cohesion and the sense of security.” The government also launched a Russian-language domestic television channel aimed at “empower[ing] the local identity,” in the words of Ilmar Raag, a filmmaker who helped devise the psychological defense efforts.

Now, the small nation is experimenting with training a portion of new draftees as “cyber-conscripts,” focused on information security, rather than on conventional warfare. The country’s domestic and foreign security services issue annual reports detailing the state of national security operations inside and outside its borders, which more often than not focus on Russian attempts at interference.

Yet it has been difficult to determine the impact of these efforts, Russian-produced news outlets are still widely available in Estonia, after all. The Russian and Estonian populations still often “reside in separate information spaces and hold divergent perceptions and perspectives not just about each other, but also about the Estonian state and its history, its threat environment, and its national security policies,” a 2014 ICDS report found.

While Estonia offers some instructive examples for the United Sates, state attempts at responding to Russian influence in Ukraine and elsewhere in the Baltic region have been less successful.

Outright bans of Russian broadcasters, websites, and journalists tend to backfire, as Peter Pomerantsev and Marina Presenti found in a July 2016 survey of Ukrainian responses to propaganda, which calls for the introduction of stronger government media regulations. Operations attempting to “fact-check the news” are often too narrowly focused, reaching only a select audience of already-engaged readers.

You don’t have to educate the population too much about the Russian threat in Estonia, but it’s quite unknown in America.

For now, it seems unlikely that the Trump administration will choose to respond to Russia’s alleged interference in the United States. But that doesn’t mean that the private sector and civil society cannot. Those who choose to do so should consider the strategies that nations long familiar with these methods have deployed in response.

America’s experience with Russian disinformation seems to have “really broadened US interest in [disinformation], such that it almost matches that in Central and Eastern Europe,” said Donald Jensen, a senior adjunct fellow at the Center for European Policy Analysis.

“You don’t have to educate the population too much about the seriousness of the Russian threat in Estonia, but it’s quite unknown in America, though maybe now that’s changing,” Eerik-Niiles Kross, an Estonian member of parliament and former intelligence director said.

“The whole Western world needed to see it happening in the US to understand that it is not some ‘paranoia’ of the Eastern European states when they warn about the Kremlin’s hostile actions,” one EU official dealing with information warfare who spoke on the condition of anonymity told me.

Awareness of the threat, of the potential for head fakes and distracting diversions is half the battle.

“It’s like playing a game of fetch in the forest,” Arnold Sinisalu, head of the Estonian Internal Security Service, said about of Russia’s strategy. “They want us to think only about that game, while the main problem is somewhere else. But it’s not that easy, we’re not playing that game.”

DefenseOne

NATO Tools Up For Cybewar:       How Cyber Propaganda Influenced Politics in 2016

Social Media and the 'Information War’- Russia is Winning:

 

« Banks Lack Confidence They Can Detect Data Breaches
Welcome To Australia: No More Passports & Biometric Identification »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Skybox Security

Skybox Security

Skybox combines firewall and network device data with vulnerability and threat intelligence, putting security decisions in your unique network context.

CLUSIF

CLUSIF

Clusif is the reference association for digital security in France. Its mission is to promote the exchange of ideas and feedback through working groups, conferences and publications.

CSIRT Panama

CSIRT Panama

CSIRT Panama is the national Computer Incident Response Team for Panama.

PartnerRe

PartnerRe

PartnerRe provides multi-line reinsurance to insurance companies on a worldwide basis. Services include Cyber Risk.

ThreatBook

ThreatBook

ThreatBook is dedicated to providing real-time, accurate and actionable threat intelligence to block, detect and prevent attacks.

Andreessen Horowitz (a16z)

Andreessen Horowitz (a16z)

Andreessen Horowitz (known as "a16z") is a venture capital firm in Silicon Valley, California that backs bold entrepreneurs building the future through technology.

GELLIFY

GELLIFY

GELLIFY is the first innovation platform dedicated to the high-tech B2B market, supporting start-ups and companies.

eSec Forte Technologies

eSec Forte Technologies

eSec Forte Technologies is a CMMI Level-3 ISO 9001-2008, 27001-2013 certified global consulting and implementation company focused on Information Security and Cyber Security.

ZARIOT

ZARIOT

ZARIOT's mission is to restore order to what is becoming connected chaos in IoT by bringing unrivalled security, control and quality of service.

Kennedys

Kennedys

Kennedys is a global law firm with expertise in litigation/dispute resolution and advisory services, particularly in the insurance/reinsurance and liability sectors, including cyber risk.

The PenTesting Company

The PenTesting Company

The PenTesting Company is owned and operated by offensive security professionals. Penetration Testing is essentially all we do.

Prescient Solutions

Prescient Solutions

Prescient Solutions is a managed services provider, using a cloud-based model to provide IT solutions to small, mid-sized, global organizations and government entities.

Avint

Avint

Avint delivers transformational cybersecurity solutions that help both commercial and government entities achieve mission success.

Edge Security

Edge Security

Edge Security is an information security research and consulting firm of expert hackers.

Leaf IT

Leaf IT

Leaf IT are a pioneering cloud-first MSP, dedicated to helping businesses in the UK and Ireland. We focus on delivering tangible results for our clients through IT transformation.

ClearFocus Technologies

ClearFocus Technologies

ClearFocus Technologies provides advanced cybersecurity services that secure our nation’s most sensitive assets.