By: Tarmo Joeveer
On September 1, 2020, Facebook announced that it had removed a “network of fake accounts and pages” based on a tip from the FBI.[1] The network of 13 fake accounts and two pages was one of a dozen operations tied to the Russian Internet Research Agency that was involved in meddling with the last presidential elections. Few days later, on the heels of the Facebook announcement, the Department of Homeland Security issued a warning in its intelligence bulletin that Russia is trying to undermine Americans’ confidence by spreading false claims about mail-in voting through its state media outlets and proxy websites.[2] The intelligence assessment warned that Russia will likely “step up trolling by promoting allegations of U.S. election system corruption” to undermine public trust.[3]
Interference with elections is not anything new, throughout the modern history various actors have attempted to influence elections or sovereign states affairs by using any tools available.[4] Cyberattacks and social media disinformation campaigns to shape elections outcome are simply new tools in the box, deployed by the same “Cold War statecraft playbook.”[5] Although Russian meddling in foreign elections and other countries’ affairs entered American consciousness mostly as late as 2016, during the last presidential elections, it was by far not the first time when Russia used cyber attacks to influence politics in another country. The beginnings were most likely in spring of 2007 when pro-Kremlin groups used cyberattacks to provoke violence and disrupt government and private businesses operations in Estonia.
In April 2007, Sami Saydjari, president of Professionals for Cyber Defense, testified in front of Congressional homeland defense subcommittee describing in vivid terms how cyberattack could incapacitate a nation’s electronic infrastructure – event to which United States was unprepared at the time.[6] Exactly one day after this testimony the scenario described by Mr. Saydjari became a reality in Estonia. The political situation surrounding the removal of a Soviet memorial (“Bronze Soldier”) that resulted in two days of riots, provided the backdrop for cyber-attacks that lasted for 22 days.[7] Coordinated attacks came in four waves and disrupted their targets with denial of service (DoS) attacks and malformed web queries targeting government platforms, media outlets and private businesses.[8] Although the attacks were widespread and managed to shut down many online services for several hours, they did not widely affect the Estonian public.[9]
Since then, suspected Russian groups have used similar methods several times in Ukraine – after 2014 revolution and Russia’s annexation of Crimea, and most recently during their 2019 presidential elections.[10] Cyber-attacks in Ukraine have been so numerous that Ukraine is considered a “testing ground” for pro-Kremlin or suspected Russian state sponsored hacking groups who are assembling “unrivalled set of cyber weapons” that are being tested out before used in targeting activities elsewhere.[11]
Besides direct hacking activities, groups with Russian ties are engaging more and more in public disinformation campaigns by using social media trolls as evidenced already during the 2016 elections. A recent Rand Corporation report states that “Russia has adopted increasingly sophisticated social media techniques, including sophisticated trolling on news sites, fake hashtag and Twitter campaigns, and the close coordination between social media operations and other media.”[12] To better fit into the target market, disinformation groups are using either directly or indirectly native writers to produce content for their websites. When Facebook made its announcement last week, it also said it planned to inform 200 or so journalists who were recruited by the operators of the fake accounts and pages.[13] This was a wakeup call for a New York based freelance writer who was approached via Twitter in July to write articles for Peace Data, a website that was identified as part of a covert Russian campaign.[14]
While Facebook was successful in shutting down the latest disinformation attempt through its platform, it is troubling that Russian attempts to sow distrust and misinformation amongst American voters may have carried even more weight. Recent criticism from President Trump on mail-in voting, who Tweeted that “With Universal Mail-In Voting [], 2020 will be the most INACCURATE & FRAUDULENT Election in history,” lends credibility to disinformation campaigns and trolls who are trying to influence the elections outcome.[15]
Governments, technology companies, and businesses alike have come a long way from 2007 in strengthening their cyber defense capacities.[16] While direct hacking and denial of service attacks may not be as successful now, the social media trolling and using native unwitting writers to push disinformation agendas pose a different kind of threat. In addition, lot of misinformation is forwarded around on social media platforms by regular users without knowing its origins. As our lives amid COVID-19 pandemic have most inevitably moved online, tactics carried out by pro-Kremlin or Russian state sponsored groups may prove even more successful in shaping Americans minds during this election season. It will take concerted effort between government, social media outlets, freelance writers, and most importantly all of us, to ward off these threats.
[1] Elizabeth Dwoskin & Craig Timberg, Facebook takes down Russian operation that recruited U.S. journalists, amid rising concerns about election misinformation, The Washington Post (Sept. 1, 2020), https://www.washingtonpost.com/technology/2020/09/01/facebook-disinformation-takedown/.
[2] Mark Hosenball, U.S. Homeland Security warns that Russia is trying to undermine confidence in mail-in voting, Reuters (Sept. 3, 2020), https://www.reuters.com/article/us-usa-election-russia-ballots/u-s-homeland-security-warns-that-russia-is-trying-to-undermine-confidence-in-mail-in-voting-idUSKBN25U358.
[3] Id.
[4] Liisa Past, What Estonia’s record number of i-voters teaches us about election trust, Euractiv (Mar. 1, 2019), https://www.euractiv.com/section/elections/opinion/what-estonias-record-number-of-i-voters-teaches-us-about-election-trust.
[5] Id.
[6] Kertu Ruus, Cyber War I: Estonia Attacked from Russia, The European Institute, https://www.europeaninstitute.org/index.php/component/content/article?id=67:cyber-war-i-estonia-attacked-from-russia (last visited Sept. 7, 2020).
[7] Ivo Juurvee & Mariita Mattiisen, The Bronze Soldier Crisis of 2007 (International Centre for Defense and Security, Aug. 2020), 29, https://icds.ee/wp-content/uploads/2020/08/ICDS_Report_The_Bronze_Soldier_Crises_of_2007_Juurvee_Mattiisen_August_2020.pdf.
[8] Id.
[9] Id. at 30.
[10] David Gilbert, Inside the massive cyber war between Russia and Ukraine, Vice (Mar. 29, 2020), https://www.vice.com/en_us/article/bjqe8m/inside-the-massive-cyber-war-between-russia-and-ukraine.
[11] Zak Doffman, Russia Unleashes New Weapons In Its ‘Cyber Attack Testing Ground’: Report, Forbes (Feb. 5, 2020), https://www.forbes.com/sites/zakdoffman/2020/02/05/russia-unleashes-new-weapons-in-its-cyber-attack-testing-ground-report/#2143b4bc5ce5.
[12] Todd C. Helmus et al, Russian Social Media Influence (Rand Corporation, 2018), 2, https://www.rand.org/content/dam/rand/pubs/research_reports/RR2200/RR2237/RAND_RR2237.pdf.
[13] Dwoskin & Timberg, supra note 1.
[14] Donie O’Sullivan, How an American who lost his job due to Covid-19 got roped into an apparent Russian plot to meddle in American life, Cnn (Sept. 4, 2020), https://www.cnn.com/2020/09/04/tech/covid-19-american-russian-plan/index.html.
[15] Hosenball, supra note 2.
[16] Dwoskin & Timberg, supra note 1.
