Russian Internet Research Agency Has A New Propaganda Campaign

Uploaded on 2018-11-19 in TECHNOLOGY-Key Areas-Social Media, NEWS-Cybersecurity News, FREE TO VIEW

The Mueller-indicted Russian troll farm known as the Internet Research Agency (IRA) is apparently declaring victory in the US election and warning the “citizens of the United States of America” that “your intelligence agencies are powerless.”

“Despite all their efforts, we have thousands of accounts registered on Facebook, Twitter and Reddit spreading political propaganda,” read a statement attributed to the St. Petersburg-based organisation. “These accounts work 24 hours a day, seven days a week to discredit anti-Russian candidates and support politicians more useful for us than for you.”

The statement appeared on a website titled the “Internet Research Agency American Division” that popped up over the weekend. Featuring a clip art logo of a green goblin typing on a laptop, and packed with absurd boasts about the IRA’s prowess, the site at first appeared to be a lampoon. 

But on Tuesday 6th November it posted a previously unseen list of 100 IRA Instagram accounts that Facebook confirmed as authentic.

It’s still not entirely clear if the website is intended as self-parody, a parody of US perceptions of Russian information operations, or an earnest effort to terrify the American citizenry and cast doubt on the midterm results. 

“Hundreds of your fellow citizens are our unintentional agents unaware of the fact that they actually act for the good of the Russian ‘troll farm,’” the statement declared. “We have allies and spoilers intervening the political campaigns of the candidates for both parties. The victory of the Democratic party is our top priority in these midterm elections.”

“Soon after November 6, you will realise that your vote means nothing,” the statement reads. “We decide who you vote for and what candidates will win or lose. Whether you vote or not, there is no difference as we control the voting and counting systems. Remember, your vote has zero value. We are choosing for you.”

The public saber-rattling may be a sign that the IRA is still struggling to recover from the exposure and social media bans that began last year, said Clint Watts, a research fellow at the Foreign Policy Research Institute. 

“They’re suffering because they can’t build an audience,” said Watts. “It also looks like they’re trying to claim, ‘Yeah, we won this for the Democrats’… This plays into Trump’s narrative and it promotes distrust in American institutions.”

There’s circumstantial evidence that the IRA has lately been trying to insert itself into its own fake news.

Last month an anonymous source offered news outlets including The Daily Beast a tranche of supposedly leaked legal documents about the IRA that turned out to be some old already-public material padded with corrupt ZIP files made from gigabytes of random congressional proceedings. 

Days later, a former IRA video blogger who went by “Williams Johnson” reached out to The Daily Beast and nearly two dozen other publications with a dramatic YouTube video claiming he’d mounted a desperate “escape from the troll factory” and now feared arrest. Former IRA workers have discussed their work openly in the press without being thrown in a gulag.

The IRA has trolled the Western press in the past. In October last year the troll farm blasted out emails to news outlets soliciting advance questions for an upcoming “ask me anything” session on Reddit, and even posted a video (also starring Johnson) promoting the event on two of the fraudulent websites it used in its 2016 election interference campaign. 

When the AMA unfolded two months later, the trolls packed the subreddit with their own fake accounts, and asked themselves the reporters’ questions.

Facebook also seems to be a target of the IRA’s annoyance. Acting on a tip from US officials, on Monday 5th November the company shut down 115 suspected troll accounts, 30 on Facebook and 85 on Instagram. The troll farm website mocked that effort.

“Facebook and intelligence agencies tried to stop us but they only managed to uncover 1/25 of the whole picture,” it said. The bottom of the post contained a list of about 100 Instagram accounts. Facebook security chief Nathaniel Gleicher said in a statement that most of the accounts on the list were the ones that the company had just deleted.

“We had already blocked most of these accounts yesterday, and have now blocked the rest,” Gleicher said in the statement. “This is a timely reminder that these bad actors won’t give up, and why it’s so important we work with the US government and other technology companies to stay ahead.”

Caches of the IRA Instagram accounts show they’re mostly the same mix as the IRA’s previous work. The conservative account “American Made” featured patriotic posts about guns and flags, while “Bring America Back” pushed more direct pro-Trump content. 

The Daily Beast:

You Might Also Read:

Learning About Russian Hackers:

The US Is Losing the Information War To Russia

« How Companies Can Minimise Cyber Attack Damage
China Exports Cyber Surveillance To Africa »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Clearwater Security & Compliance

Clearwater Security & Compliance

Clearwater Compliance specialize in Privacy, Security, Compliance and Risk Management Solutions for Health Care, Law Firms and other businesses.

Swedish Civil Contingencies Agency (MSB)

Swedish Civil Contingencies Agency (MSB)

MSB's Information Assurance Department is responsible for supporting and coordinating work relating to Sweden's national societal information security.

Repository of Industrial Security Incidents (RISI)

Repository of Industrial Security Incidents (RISI)

RISI is a database of cyber security incidents that have (or could have) affected process control, industrial automation or SCADA systems.

Institute for Cyber Security Innovation - Royal Holloway

Institute for Cyber Security Innovation - Royal Holloway

The Institute for Cyber Security Innovation aims to bring together Academia, Industry and Government to be a catalyst for applied research and innovation in cyber security policy and solutions.

Monegasque Digital Security Agency (AMSN)

Monegasque Digital Security Agency (AMSN)

AMSN is the national authority in charge of the security of information systems in Monaco.

Aporeto

Aporeto

The Aporeto platform protects cloud applications from attack by authenticating and authorizing all communications with a cryptographically signed identity assigned to every workload.

AppTec

AppTec

AppTec is a leading software vendor in the field of Unified Endpoint Management and Mobile Security.

Axio Global

Axio Global

Axio is a leading cyber risk management SaaS company. Our Axio360 platform gives companies visibility to their cyber risk, and enables them to prioritize investments to protect their business.

Partners in Regulatory Compliance (PIRC)

Partners in Regulatory Compliance (PIRC)

Partners in Regulatory Compliance provides an array of cybersecurity services including cybersecurity policy management, risk assessments and regulatory compliance consulting.

Trellix

Trellix

Trellix is an extended detection and response (XDR) solutions provider created from a merger of McAfee Enterprise and FireEye Products.

PlexTrac

PlexTrac

PlexTrac is a cybersecurity reporting and workflow management platform that supercharges security programs, making them more effective, efficient, and proactive.

Votiro

Votiro

Votiro is an award-winning cybersecurity company that specializes in file sanitization, ensuring every organization is safe from zero-day and undisclosed attacks.

QuantumCTek

QuantumCTek

Leostream

Leostream

Leostream's Remote Desktop Access Platform enables seamless work-from-anywhere flexibility while maintaining security and constant visibility of users.

RADICL

RADICL

RADICL's mission is to give SMBs that serve America's Defense Industrial Base (DIB) access to strong, enterprise-grade cyber security protection.

Synagex

Synagex

Synagex Modern IT is a simple IT and cybersecurity solution for businesses.