Russian Internet Research Agency Has A New Propaganda Campaign

The Mueller-indicted Russian troll farm known as the Internet Research Agency (IRA) is apparently declaring victory in the US election and warning the “citizens of the United States of America” that “your intelligence agencies are powerless.”

“Despite all their efforts, we have thousands of accounts registered on Facebook, Twitter and Reddit spreading political propaganda,” read a statement attributed to the St. Petersburg-based organisation. “These accounts work 24 hours a day, seven days a week to discredit anti-Russian candidates and support politicians more useful for us than for you.”

The statement appeared on a website titled the “Internet Research Agency American Division” that popped up over the weekend. Featuring a clip art logo of a green goblin typing on a laptop, and packed with absurd boasts about the IRA’s prowess, the site at first appeared to be a lampoon. 

But on Tuesday 6th November it posted a previously unseen list of 100 IRA Instagram accounts that Facebook confirmed as authentic.

It’s still not entirely clear if the website is intended as self-parody, a parody of US perceptions of Russian information operations, or an earnest effort to terrify the American citizenry and cast doubt on the midterm results. 

“Hundreds of your fellow citizens are our unintentional agents unaware of the fact that they actually act for the good of the Russian ‘troll farm,’” the statement declared. “We have allies and spoilers intervening the political campaigns of the candidates for both parties. The victory of the Democratic party is our top priority in these midterm elections.”

“Soon after November 6, you will realise that your vote means nothing,” the statement reads. “We decide who you vote for and what candidates will win or lose. Whether you vote or not, there is no difference as we control the voting and counting systems. Remember, your vote has zero value. We are choosing for you.”

The public saber-rattling may be a sign that the IRA is still struggling to recover from the exposure and social media bans that began last year, said Clint Watts, a research fellow at the Foreign Policy Research Institute. 

“They’re suffering because they can’t build an audience,” said Watts. “It also looks like they’re trying to claim, ‘Yeah, we won this for the Democrats’… This plays into Trump’s narrative and it promotes distrust in American institutions.”

There’s circumstantial evidence that the IRA has lately been trying to insert itself into its own fake news.

Last month an anonymous source offered news outlets including The Daily Beast a tranche of supposedly leaked legal documents about the IRA that turned out to be some old already-public material padded with corrupt ZIP files made from gigabytes of random congressional proceedings. 

Days later, a former IRA video blogger who went by “Williams Johnson” reached out to The Daily Beast and nearly two dozen other publications with a dramatic YouTube video claiming he’d mounted a desperate “escape from the troll factory” and now feared arrest. Former IRA workers have discussed their work openly in the press without being thrown in a gulag.

The IRA has trolled the Western press in the past. In October last year the troll farm blasted out emails to news outlets soliciting advance questions for an upcoming “ask me anything” session on Reddit, and even posted a video (also starring Johnson) promoting the event on two of the fraudulent websites it used in its 2016 election interference campaign. 

When the AMA unfolded two months later, the trolls packed the subreddit with their own fake accounts, and asked themselves the reporters’ questions.

Facebook also seems to be a target of the IRA’s annoyance. Acting on a tip from US officials, on Monday 5th November the company shut down 115 suspected troll accounts, 30 on Facebook and 85 on Instagram. The troll farm website mocked that effort.

“Facebook and intelligence agencies tried to stop us but they only managed to uncover 1/25 of the whole picture,” it said. The bottom of the post contained a list of about 100 Instagram accounts. Facebook security chief Nathaniel Gleicher said in a statement that most of the accounts on the list were the ones that the company had just deleted.

“We had already blocked most of these accounts yesterday, and have now blocked the rest,” Gleicher said in the statement. “This is a timely reminder that these bad actors won’t give up, and why it’s so important we work with the US government and other technology companies to stay ahead.”

Caches of the IRA Instagram accounts show they’re mostly the same mix as the IRA’s previous work. The conservative account “American Made” featured patriotic posts about guns and flags, while “Bring America Back” pushed more direct pro-Trump content. 

The Daily Beast:

You Might Also Read:

Learning About Russian Hackers:

The US Is Losing the Information War To Russia

« How Companies Can Minimise Cyber Attack Damage
China Exports Cyber Surveillance To Africa »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Oppida

Oppida

Oppida provides tailored IT security services to help you identify security gaps and assist in finding the most effective remediation.

Westermo Network Technologies

Westermo Network Technologies

Westermo designs and manufactures robust, resilient and secure data communications products for mission-critical industrial systems.

ACI Solutions

ACI Solutions

ACI Solutions is a managed IT services and network security provider working with diverse global commercial, government and public sector clients.

LaoCERT

LaoCERT

LaoCERT is the national Computer Incident Response Team for Laos.

Banshie

Banshie

Banshie is an independent cyber security company with a small team of recognized specialist that are among the best in their field.

Cybil

Cybil

Cybil is a publicly-available portal where members of the international cyber capacity building community can find and share information to support the design and delivery of programs and projects.

BTblock

BTblock

Blockchain and cybersecurity is a vital combination for Enterprise success. BTblock is a Force Multiplier for its clients.

Techfusion

Techfusion

Techfusion is a cyber security research and consulting firm focusing on digital forensics and data recovery.

KETS Quantum Security

KETS Quantum Security

KETS harnesses the properties of quantum mechanics to solve challenging problems in randomness generation and secure key distribution and enable ultra secure communications.

Turnkey Consulting

Turnkey Consulting

Turnkey Consulting is a leading provider of Integrated Risk Management (IRM), Identity Access Management (IAM), and Cyber and Application Security.

WhiteJar

WhiteJar

WhiteJar offers an innovative approach to modern cybersecurity needs, empowering Ethical Hackers within its unique crowd platform.

ICS

ICS

ICS is a leading provider of outsourced IT services, cybersecurity, communications, and distributed workforce solutions throughout the US.

Single Point of Contact

Single Point of Contact

Single Point of Contact is a Managed IT Services provider that helps businesses to achieve a seamless and secure IT environment.

Strivacity

Strivacity

Strivacity lets brands quickly add secure login and identity management capabilities to their customer-facing applications without tying up an army of developers or consultants to do it.

Radius Technologies

Radius Technologies

Radius Technologies is trusted by progressive SMEs to deliver world-class cloud, IT solutions, IT and data security, and telecoms systems.

Defendis

Defendis

Defendis develops AI-powered cybersecurity solutions for Government Agencies, Banks, and Businesses, designed to helps them contain data leaks, minimise damage, and proactively hunt for new threats.