Is It Possible To Neutralise Fake News?

Uploaded on 2017-02-28 in NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW

Estonia. Georgia. Ukraine. Czech Republic. Germany. Russian disinformation & fake news is nothing new.

In response to Donald Trump’s executive order banning citizens of seven predominantly Muslim countries from entering the United States, Senators John McCain and Lindsey Graham issued a joint statement arguing that the measure would “do more to help terrorist recruitment than improve our security.”

In response, Trump took to Twitter. “The two Senators should focus their energies on ISIS, illegal immigration and border security instead of always looking to start World War III,” he tweeted.  

This invocation of World War III, which he also made in Charlotte, North Carolina during the campaign (“You’re going to end up in World War III over Syria if we listen to Hillary Clinton”) bears a striking similarity to those aired by Russia’s state-owned media, as Anne Applebaum pointed out in October.

Russian state media outlets favor headlines like “Are NATO’s Massive War Games on Russia’s Border a Pretext to World War III?” from Sputnik in May 2016, or “US Bombing Syrian Army Would Start World War III,” from the same site in October, and “Trump’s Victory Prevented World War 3” from November. Lately, Russian state media have suggested that Trump has been battling a coup to remove him from office since before inauguration. “Is the United States facing a coup d’état?” a British RT columnist wrote in December.

These headlines are characteristic of the disinformation campaigns the Kremlin uses to frighten and destabilize its eastern European neighbors.

The precise nature of Russian state-backed interference in the last November’s US presidential election and the contact, if any, between Russian officials and members of President Trump’s election campaign, may never be fully known.

But the apocalyptic stylings of Russian disinformation have reached across the Atlantic. Resisting this strain of anxious rhetoric means looking to its origin.

Not coincidentally, Senators McCain, Graham, and Amy Klobuchar recently returned from a tour of the Baltic countries, Ukraine, and Georgia, where they sought to restore confidence in US support for their continued independence.

Each of those countries, along with Finland and Sweden, have been targeted by Russian disinformation campaigns attempting to exploit regional, ethnic, religious, and linguistic divisions, usually pitting Russian-speaking populations in Scandinavia, the Baltic region, and Ukraine, against their neighbors, in an effort to divide and conquer.

The alleged Russian interference campaign against the United States, involving hacks and leaks damaging to the Democratic nominee Hillary Clinton, is different in some clear ways: It did not target a population of “Russian compatriots,” nor did it seek to reassert a Russian sphere of influence. It did not come from a neighboring aggressor. But like those earlier campaigns, it sought to exploit a fractured political landscape and sow confusion.

In 2007, the government of Estonia, a former Soviet satellite that Russian President Vladimir Putin still considers a part of his country’s sphere of influence, decided to relocate what is known as the “Bronze Soldier of Tallinn,” a memorial to Soviet soldiers killed in World War II. The Kremlin quickly condemned the plan.

Despite Russia’s response, Estonian officials proceeded with the removal. Soon afterwards, the country was hit with a torrent of crippling distributed denial-of-service attacks that took down critical pieces of the government, banking, and media infrastructure.

Russia has officially denied involvement in the attack, but multiple Russian political figures have claimed responsibility, and Estonian officials have little doubt about the origin of the attacks.

As Piret Pernik, a cyber-security researcher at Tallinn’s International Centre for Defense and Security (ICDS) explained, the assault was meant to impact national decision-making, and reverse the decision to relocate the bronze soldier to a military cemetery.

The same was true of the hacks of the Democratic National Committee and campaign officials, which were geared toward changing public opinion and voters’ choice, she said.

In the years that followed, Russia refined its disruptive techniques in the invasions of Georgia in 2008, and Ukraine in 2014, in an effort to distance both countries from NATO and reassert Russian political control.

Ukraine has been subject to a series of cyber-attacks on critical infrastructure since the Maidan revolution. More recently, the Czech Republic and Germany have been hit by DNC-style cyber operations.

Learning to respond to such intervention is a gradual, but ultimately straightforward process, as Jed Willard, director of the Franklin Delano Roosevelt Center for Global Engagement at Harvard, explained. “When Russia attacked Georgia, they lost the war of ideas. Georgia was very efficient in demonstrating to the west that they were the victim.” With Putin’s return to the presidency in 2012, Russia recommitted to information warfare. “The Russians realised that their information operations were not as effective. So they doubled down and heavily invested in research and in staff,” Willard said.

Five months after the annexation of Crimea in 2014, a dozen Russian television channels were banned from Ukraine for “broadcasting propaganda of war and violence.” But those channels had spread an abundance of falsehoods in the intervening months.

In one now-infamous case, the Russian state TV station Channel One aired a story claiming locals in the Ukrainian town of Slavyansk had crucified a three-year-old boy in the town square. The claim was quickly debunked by Ukrainian and Western sources on the ground, but the story proliferated across the Russian Internet, drumming up anti-Ukrainian sentiment and support for Russia’s military action in Crimea and in Eastern Ukraine.

A similar tactic was used to spread word of false “NATO war preparation against Russia” involving the deployment of 3,600 tanks. Initially reported by the small state media outlet of the Donetsk People’s Republic, the Russian-backed separatist organisation in occupied Eastern Ukraine, the story was replicated over 40,000 times within three days across the United States, Canada, and Europe, according to the Atlantic Council’s Digital Forensics Research Lab. It was a clear case of what the lab calls “disinformation laundering.”

“In Ukraine, there was a lot of uncertainty about what was going on. In one day, all Russian TV channels starting issuing crazy fake stories,” said Tetiana Popova, Ukraine’s former deputy minister of information policy. “It’s a pity that we didn’t do things in time, earlier,” Popova added.

In the summer of 2016 as the Swedish government debated whether to join the NATO alliance, social media in the country swarmed with false rumors about the potential repercussions of the decision.

In Finland, where ethnic Russians are the country’s second-largest minority group, Russian state media circulated false claims that children of Russian mothers in Finland were being removed from their households by Finnish authorities, and that in Europe, children of straight parents were being removed and placed in the care of gay couples. The Russian children’s rights ombudsman accused Finland of perpetrating “juvenile terror.”  

The Swedish and Finnish governments turned to Willard, who has worked extensively on public diplomacy campaigns, to help formulate a response. “Number one, have a message. It needs to be a good, positive one. Number two, stay on message. Do not repeat lies,” Willard said.

He helped the governments of Finland and Sweden to distill their core national values into coherent, positive narratives that could counter-message Russian propaganda, a much easier task for the smaller, more homogeneous Scandinavian nations than it would be for the United States.

Today in Finland, government-run training sessions teach border guards, child protection agencies, educators, and civil servants how to respond to propaganda. In Sweden, a “Civil Contingencies Agency” makes similar preparations.

“The most important thing is salience. The US is not going to get the unified message the way they did. What’s the Swedish message? Free press. What’s the Finnish message? Rule of law. What’s the American message? No one knows,” Willard said. “For the Finns this job was a lot easier than, say, for the Americans, because we don’t agree very much. We’ve really lost the [national] story, because we’ve stopped drilling it into our children,” he said.

Since 2007, Estonia has emerged as one of the leading players in detecting and combating Russian meddling, both online, where it arrives in the form of coordinated cyber-attacks and propaganda campaigns, as well as through more conventional forms of espionage.

The severity of the 2007 attacks forced the government to enhance cooperation both domestically and with its NATO partners “to raise awareness of the Kremlin’s means and methods,” as Harrys Puusepp, press officer for the Estonian Internal Security Service, wrote in an email. The trick, he said, is to prepare for the “lies and half-truths are going to be used against you.”

In 2010, Estonia introduced a new long-term national defense strategy that emphasized “psychological defense,” which it defined as “the development, preservation and protection of common values associated with social cohesion and the sense of security.” The government also launched a Russian-language domestic television channel aimed at “empower[ing] the local identity,” in the words of Ilmar Raag, a filmmaker who helped devise the psychological defense efforts.

Now, the small nation is experimenting with training a portion of new draftees as “cyber-conscripts,” focused on information security, rather than on conventional warfare. The country’s domestic and foreign security services issue annual reports detailing the state of national security operations inside and outside its borders, which more often than not focus on Russian attempts at interference.

Yet it has been difficult to determine the impact of these efforts, Russian-produced news outlets are still widely available in Estonia, after all. The Russian and Estonian populations still often “reside in separate information spaces and hold divergent perceptions and perspectives not just about each other, but also about the Estonian state and its history, its threat environment, and its national security policies,” a 2014 ICDS report found.

While Estonia offers some instructive examples for the United Sates, state attempts at responding to Russian influence in Ukraine and elsewhere in the Baltic region have been less successful.

Outright bans of Russian broadcasters, websites, and journalists tend to backfire, as Peter Pomerantsev and Marina Presenti found in a July 2016 survey of Ukrainian responses to propaganda, which calls for the introduction of stronger government media regulations. Operations attempting to “fact-check the news” are often too narrowly focused, reaching only a select audience of already-engaged readers.

You don’t have to educate the population too much about the Russian threat in Estonia, but it’s quite unknown in America.

For now, it seems unlikely that the Trump administration will choose to respond to Russia’s alleged interference in the United States. But that doesn’t mean that the private sector and civil society cannot. Those who choose to do so should consider the strategies that nations long familiar with these methods have deployed in response.

America’s experience with Russian disinformation seems to have “really broadened US interest in [disinformation], such that it almost matches that in Central and Eastern Europe,” said Donald Jensen, a senior adjunct fellow at the Center for European Policy Analysis.

“You don’t have to educate the population too much about the seriousness of the Russian threat in Estonia, but it’s quite unknown in America, though maybe now that’s changing,” Eerik-Niiles Kross, an Estonian member of parliament and former intelligence director said.

“The whole Western world needed to see it happening in the US to understand that it is not some ‘paranoia’ of the Eastern European states when they warn about the Kremlin’s hostile actions,” one EU official dealing with information warfare who spoke on the condition of anonymity told me.

Awareness of the threat, of the potential for head fakes and distracting diversions is half the battle.

“It’s like playing a game of fetch in the forest,” Arnold Sinisalu, head of the Estonian Internal Security Service, said about of Russia’s strategy. “They want us to think only about that game, while the main problem is somewhere else. But it’s not that easy, we’re not playing that game.”

DefenseOne

NATO Tools Up For Cybewar:       How Cyber Propaganda Influenced Politics in 2016

Social Media and the 'Information War’- Russia is Winning:

 

« Banks Lack Confidence They Can Detect Data Breaches
Welcome To Australia: No More Passports & Biometric Identification »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Business Intelligence Associates (BIA)

Business Intelligence Associates (BIA)

BIA's TotalDiscovery is a defensible and cost-effective corporate preservation and legal compliance software solution.

NTNU Center for Cyber & Information Security (NTNU CCIS)

NTNU Center for Cyber & Information Security (NTNU CCIS)

NTNU CCIS is a national centre for research, education, testing, training and competence development within the area of cyber and information security.

Telesoft Technologies

Telesoft Technologies

Telesoft Technologies is a global provider of cyber security, telecom and government infrastructure products and services.

Golden Frog

Golden Frog

Golden Frog is a Virtual Private Network services provider offering secure encrypted access to the internet.

Leadcomm

Leadcomm

Leadcomm is a Brazilian company focused on the distribution and integration of IT systems and security solutions for large companies.

AppGuard

AppGuard

AppGuard prevents breaches by blocking applications from performing inappropriate processes using our patented dynamic isolation and inheritance technologies.

EU Joint Research Centre

EU Joint Research Centre

JRC is the European Commission's science and knowledge service which employs scientists to carry out research in order to provide independent scientific advice and support to EU policy.

Enzoic

Enzoic

Enzoic is an enterprise-focused cybersecurity company committed to preventing account takeover and fraud through compromised credential detection.

Tego Cyber

Tego Cyber

Tego Cyber delivers a state-of-the-art threat intelligence platform that helps enterprises deploy the proper resolution to an identified threat before the enterprise is compromised.

Foundries.io

Foundries.io

Foundries.io have built a secure, open source platform for the world's connected devices, and a cloud service to configure this to any hardware and any cloud.

Amidas Hong Kong

Amidas Hong Kong

Amidas is your trusted companion on the road to Digital Transformation. We provide a full range of Information Technology Solutions and Professional Services to Enterprise customers.

ConductorOne

ConductorOne

ConductorOne is building the identity security platform for the modern workforce.

One Step Secure IT

One Step Secure IT

One Step provide Managed IT Services, Cybersecurity Protections, and Compliance to businesses in the USA nationwide.

Darwinium

Darwinium

Darwinium is a Cyberfraud Prevention Platform that provides scalable customer journey protection without complexity.

Pontiro

Pontiro

At Pontiro, we are enabling a new era of data-sharing. Bridging the gap between protected data and valuable insights through the use of cutting edge Homomorphic Encryption.

Exertis Cybersecurity

Exertis Cybersecurity

Exertis Cybersecurity is a sub-division of Exertis Enterprise. We provide market-leading cybersecurity solutions that help to address the cybersecurity challenges that organisations face today.