Pages

3 November 2020

“Smoke and Mirrors”: An Examination of Information Warfare’s Capabilities and the U.S. Defense Against Them

Alan C. Cunningham

Introduction

In the start of 2020, much of the world and virtually all of the United States was consumed by news reports and developments about COVID-19, a new strain of the Coronavirus respiratory disease. Hysteria was rampant with people buying toilet paper and masks and gloves, despite news agencies and international health organizations urging against this; some did this of their own accord, but it is undeniable the effect that social media websites (like Facebook) and “news” agencies (like InfoWars) had on inciting this hysteria.[1] Not only was misinformation spread about what individual countries were experiencing, but about the cause of the virus.

On 12 March 2020, The Hill reported that a spokesman for the People’s Republic of China’s Ministry of Foreign Affairs, the agency responsible for spearheading diplomatic endeavors with other countries, suggested via Twitter a, “conspiracy theory…[that] instead suggests the virus was brought to the country in 2019 by U.S. athletes participating in the Military World Games that were held in Wuhan,”.[2] Two days prior to this comment, an article was written on Defense One which discussed Iranian, Russian, and Chinese media channels pushing theories that COVID-19 was a bioweapon, while noting that these stories are being, “fueled by Iranian, Russian, and Chinese government-backed campaigns blaming and attacking the United States as the source for the scourge,”.[3] The article describes how Iran’s Press TV published conspiracies previously reported by Alex Jones’ InfoWars website and how RT News (the state-sponsored media outlet, largely regarded as undeniably pro-Russian), “has used its considerable media reach via channels [like RT] to amplify statements coming out of Iranian leadership,”.[4]

This led me to begin thinking about how Foreign Intelligence Entities (FIEs) and States utilize Information Warfare (IW) practices to attain their overall goals as well as how significant of a threat IW is to the United States. After examining this and America’s defenses against such action, I began thinking of how America could improve upon their current state of preparation. Overall, I came to the conclusion that Information Warfare is an extreme threat to the United States, our political system, and our public’s thought process along with our government and private industry needing to drastically and quickly take measures to ensure that our country is protected. However, before going into this analysis and description, we must first define what exactly Information Warfare is and how it is utilized.

Defining “Information Warfare” and the History Behind It

Information Warfare is a relatively new term in the public consciousness, with most of the works discussing the area coming from 2015 onward. Megan Burns, a Masters student studying Software Engineering at Carnegie Mellon in 1999, wrote a short paper on IW for a course; she finds Information Warfare difficult to define and describes it as being about certain topics within cyberspace, these being, “a class of techniques, including collection, transport, protection, denial, disturbance, and degradation, by which one maintains an advantage over one’s adversaries,”.[5] Though written in 1999, Burns’ definition of IW is quite accurate when comparing them to more authoritative works on the subject.

In a 1997 paper written at the United States Air Force’s Air Command and Staff College, Major Mary Gillam describes more clearly how the Assistant Secretary of Defense for Command, Control, Communications, and Intelligence sees IW, quoting, “Actions taken to achieve information superiority by affecting adversary information, information-based processes, information systems, and computer-based networks while defending one’s own information, information-based processes, and computer-based networks,”.[6] Gillam then notes that, to be successful at Information Warfare, one must work to be an offensive and defensive force, going after those who are trying to penetrate computer systems while also establishing a solid defense against penetrations.

Information Warfare as well is not a completely new innovation, one not born in a 1980’s Silicon Valley board room, but rather from the battlefields of the Franco-Prussian War and the Battle of Tsushima. In his commentary for War on the Rocks, retired U.S. Army Lieutenant Colonel Conrad Crane writes, “[in the Second World War] in a prescient consolidation that foreshadowed what most of America’s adversaries do with information warfare today – but is anathema to U.S. civilian authorities – the 12th Army Group combined its publicity and psychological warfare elements,” while noting that the U.S. slacked off greatly in the Cold War era, splitting up the public affairs and psychological warfare sections and leaving them largely untouched throughout the Cold War.[7] It was only in the 1990’s when certain members of the Armed Forces and the start of Operations Desert Storm and Desert Shield that emphasis was put onto IW missions and in which electronic IW was first utilized in combat. Based on this, we can see that electronic usage of Information Warfare is a relatively new idea, one not utilized much until the 1990’s and little afterwards. 

In my own definition of what Information Warfare is, I find it to be the usage of a variety of methods (all based on modes of communication and media) to misinform and destabilize an enemy combatant’s populace, means of government, and overall sow discontent. Proper IW tactics utilize both offensive and defensive measures, ensuring that the homeland is secured while also actively penetrating others. However, despite having one of the strongest militaries on the face of the Earth and being the superpower of the globe, the United States is woefully unprepared to combat IW. As Conrad Crane notes, “the whole idea of American information warfare suffers from a lack of a controlling national policy and structure,”.[8] To showcase just how susceptible the United States is to an attack like this and how the U.S. has been unprepared for such cyberwarfare and information warfare operations for some time, I will examine the actions of the Russian government upon U.S. endeavors.

Russian Information Warfare in Ukraine (2014)

As mentioned previously, electronic IW (and IW in general) is something that has only been discussed by the broad public recently. Perhaps one of the biggest instances of Information Warfare in recent history has been the case of Russian involvement in the 2016 Presidential Election. However, evidence of Russian attempts to influence both the United States election and elections serving their interests have been underway for many a few years prior to 2016.

The first instance of Russia utilizing Information Warfare tactics was in 2014 in Ukraine during the country’s revolution. The revolution began in 2013 when President Viktor Yanukovych, a longtime Ukrainian politician with pro-Russian sentiments, rejected a political and economic association package with the European Union, instead deciding to strengthen ties with Russia. As the BBC reports, “student protests…developed into a revolution that overthrew the government and sparked a counter-revolution… [while Putin] ordered the rollout of a plan to annex Crimea. Nationalist forces inside the Russian Federation, groomed by Russian media for years and flushed with the annexation, took it upon themselves to free the east of Ukraine from the rest of the country. Behind them came Russian military hardware and soldiers,”.[9] However, Russian military forces and equipment were not the only way war was being waged in the Eastern European country; Russia was taking the war online.

David Patrikarakos, a journalist who reported on the revolution for Foreign Policy magazine, was in the Eastern Ukrainian region of Donbass in 2014, covering the fighting occurring and predominantly reporting on the People’s Republic of Donetsk, a pro-Russian separatist group. Detailing this in the introduction of his book on social media’s ability to wage war, he writes firsthand how the Russians were utilizing social media to their advantage, writing, “I saw pro-Kremlin accounts out in force, spinning the loss of Sloviansk as best they could. The rebels hadn’t retreated but were merely “strategically relocating”…More striking, as ever, were the pro-Russia narratives that filled this corner of the Internet: stories of Ukrainian atrocities (a three-year-old boy crucified by the Ukrainian army was a particularly notorious example), accounts of the machinations of the country’s government, and its affiliates that had no basis in truth…It wasn’t propaganda I was witnessing, it was the reinvention of reality,”.[10] As one can see, there were many pro-Russian accounts being utilized to sway public opinion, but how can this be traced back to Russia?

Patrikarakos interviews later in the book a young man from Siberia named Vitaly Bespalov, who detailed to the journalist his time as an IW fighter for the Russian government in a “troll farm”. Bespalov details how he went about manufacturing news stories on a fake website about Ukrainian events, changing certain words (e.g. “terrorist” into “separatist”) from Ukrainian articles to make them more pro-Russian to pushing fake, pro-Russian websites with similar articles on social media; he also detailed how the Russian troll farm had multiple sections working on different content, with one floor, “working on about ten or twelve Russian and fake Ukrainian websites,” while the second floor housed those, “responsible for creating cartoons and memes to spread around social media in support of Kremlin policy on Ukraine,” and the fourth floor, “contained the people whose job it was to post comments on social media, including Facebook…Twitter, YouTube – any social media platform where news was discussed,”.[11]

Bespalov details extensively how each area worked and had essentially the sole goal of sowing discontent and ensuring that pro-Kremlin policies and skewed information was being broadcast online in Ukraine. He also notes how the farm made use of the MH17 passenger disaster, in which, “pro-Russian separatists shot down [the plane] with a rocket obtained from a Russian army unit”; the farm had two goals in this aspect, according to Bespalov, “The first was to shore up the Kremlin’s own constituency by giving them a narrative to hold on to and subsequently disseminate. The second…was to simply sow as much confusion as possible,”[12]. Bespalov eventually left the farm after only three and a half months, but believes that the Russian taxpayers were footing the bill stating, “The troll farm is a continuation of Russian TV – to teach people fake patriotism, to justify the behavior and the actions of the Russian government…they are doing exactly what Russian TV does, except on the internet,”.[13]

This type of glance into Russian IW operations is enlightening and shows how intricate they can be, with those doing the actual work not knowing who exactly their bosses are. Russia’s capacity for Information Warfare and their reach into a country is massive, as can be seen through the hundreds of websites created with modified language and through the potentially hundreds of thousands of memes and fake social media accounts designed to support a very specific and very distorted agenda. While the entire endeavor may not have worked in terms of a public affairs standpoint (with almost 90% of the country declining to join Russia)[14], Putin has succeeded somewhat in Eastern Ukraine where it seems that many desire to join the authoritarian nation.[15] Regardless, Russia’s endeavor in Ukraine shows their proficiency in the tactic and their ability to utilize cyberspace swiftly as well as how to improve upon the mistakes learned in the Eastern European country to better prepare for such intervention in the United States.

Russia and the 2016 Presidential Election

Russian involvement in the 2016 Presidential Election is a long, complex, and interesting case study. It becomes even more complex when considering the Trump administration’s efforts to stop investigations into Russian activity. However, by all accounts, Russian information warfare against the United States began not in 2016, but rather in 2015, in Bastrop County, Texas of all places.

Beginning in July of 2015, the U.S. Army Special Operations Command (USSOCOM) began conducting unconventional warfare training exercises in the Bastrop County region of Texas, involving regular airborne military units with the entire intent being to, “respond to a potential international crisis and…strengthen working relationships for future deployments,”.[16] Many within the county (and beyond) began claiming that the operation was actually a mission endorsed by President Obama that had the goal of rounding up political dissidents, causing severe problems for the local government and military commanders conducting the training operation.[17] While there does not seem to be any relation to Russia, Michael Hayden, the former Principle Deputy Director of National Intelligence and former director of both the National Security Agency (NSA) and the Central Intelligence Agency (CIA), believed, “that hysteria [over the training mission] was fueled by Russians wanting to dominate ‘the information space’ and that Texas Gov. Greg Abbott’s decision to send the Texas State Guard to monitor the operation gave them proof of the power of such misinformation campaigns,”.[18]

This shows Russia how influential they can be upon the American populace; by promulgating conspiracy theories and blatantly false lies with little to no evidence backing up the main claims, they were able to force the governor of the largest state in the Union to call out the state’s military forces to monitor the operation, which almost is an endorsement of the conspiracy theories in a way. The type of power and ability to mobilize states and people into believing ridiculous theories would resurface again in conjunction with the election.

In 2016, during the campaign, one of those targeted by Russian bots was John Podesta, Hilary Clinton’s campaign chairman. As The Guardian reported, Russian hacking groups sent out, “volleys of phishing emails [an attacker impersonates an authority, tricks the victim into opening a line of communication to steal data] …a Podesta aide spotted the dodgy email and forwarded it to a technician. By mistake, however, the aide wrote that the message was OK,”.[19] The end result was that Russian hackers gained access to over 60,000 emails written by John Podesta, some of which included content that painted the Democratic candidate in a bad light (transcripts of speeches at Goldman Sachs where she spoke uncritically about Wall Street and their aiding in the 2008 financial crisis).[20] Naturally, these emails posed a great risk to the campaign and it is highly convenient that they were released by WikiLeaks in October of 2016, only a month before the election.

In their book The Red Web, investigative journalists Andrei Soldatov and Irinia Borogan cover the history of Russia’s electronic surveillance measures and the nation’s usage of information warfare tactics. They also discuss how the Russian government hacked the Democratic National Committee’s (DNC) servers, allowing a whole wealth of information that could be utilized against the candidate. In their description of the event, “[CrowdStrike, the private information security company contracted by the DNC to investigate the breach and run by the former head of the FBI’s Cyber Division and a Russian expat cybersecurity expert] published the report along with the technical details of the attack…[the report] made a bold claim about the hackers’ identity and their sponsors: the activity of Fancy Bear [the hackers] “may indicate affiliation with the Glavnoye Razvedivatelnoye Upravlenie (Main Intelligence Department) or GRU, Russia’s premier military intelligence service,” while also determining that a second group of hackers involved were from the Federal’naya sluzbha bezopastnosti, Russia’s Federal Security Bureau and main successor to the KGB.[21]

However, gaining the information was not only half of the goal; next came the dissemination. Like with Podesta’s hacked emails, the Russian government gave the contents of their DNC hack to WikiLeaks, which engaged in putting out the personal information (phone numbers, addresses) of staffers and DNC persons and promulgated conspiracy theories regarding Seth Rich and Satanic meetings.[22] The effect this played on Clinton’s campaign was enormous as it resulted in the re-opening of old conspiracies and falsities, forced the campaign to spend time and energy on defending their candidate instead of holding legitimate political discussions, and could be utilized by the other side to bash the opponent. As one can see, the Russian government’s ability at information warfare, to collect data via illicit means and through seemingly independent parties, disseminate these through independent collaborators, and then assist in the publicizing of such leaks and inciting of untruths is extremely advanced, highly complex and technical, and was utilized to an immensely effective degree. Influencing an election’s outcome is no small matter, yet Russia was able to accomplish this with seemingly little effort and not much strain on their economic, technological, or intelligence faculties.

The U.S. Response and Emerging Defense

Naturally, many Americans were distressed to learn that the Russian government had intervened so heavily in the election. Even more were distressed when the new administration decided not to take as heavy action against the foreign government despite the CIA, FBI, and National Security Agency (NSA) all concluding that the Russians were behind the penetration in a January 2017 report.[23] The question that was left in the wake of this incident was how was the United States seemingly so unprepared for such an attack?

To say that America was unaware of the Russian capability for a cyberwarfare attack or could perform media disinformation operations to an effective degree would be outright wrong. In fact, for a short time in 2015, the U.S. Department of State had a task force set up specifically to deal with disinformation by Russian and other powers, ready, “to expose the most laughable Moscow lies about America and the West that are disseminated regularly by RT and other outlets. They created a beta website and prepared to wage the struggle for truth online,”.[24]

However, by September, the task force was disbanded and, at least according to one reporter’s sources within the Intelligence Community, “it was closed out of a deep desire inside the White House “not to upset the Russians”,”.[25] John P. Carlin, the former Assistant Attorney General for National Security from April 2014 to October 2016, documents how, “Confronting Russia publically presented legitimate risks: for one thing, confrontation might have encouraged them to take even more provocative action…if their goal was to divide America and lead Americans to question the legitimacy of their elections, then being public about Russia’s efforts might actually help accomplish that goal…the best route the administration saw going forward was to make whatever action it took bipartisan…However, Senate Majority Leader Mitch McConnell shot down such attempts,”.[26] Certainly, maintaining proper foreign relations with a nation state, especially one in which tensions have long been uneasy from a four-decade long conflict, is essential to maintaining a solid and commanding standing in the world, but not at the cost of one’s own safety and security.

Because of this, there was no other agency or group or unit that was tasked with defending against Russian interference on the web despite there being a clear case (first in Ukraine and then in Bastrop County, Texas) that the Russians could and would utilize their technological ability to interfere and corrupt the U.S. populace online. America was essentially defenseless to such tactics and, while a great many people realized that much of the fake news stories being put out by less than reputable media agencies were inaccurate, the interference still had a debilitating effect on American democracy, caused campaigns to waste time refuting old and new baseless theories, and votes to be lost.

However, despite the outcry of a lack of defense against such intervention, there has been little done in terms of creating an effective force to deal with Russian interference politically and socially. While fruitful investigations (conducted by the Intelligence Community, Special Counsel Robert Mueller, and the Federal Bureau of Investigation) did determine that this was a significant threat and that the Russians showed no signs of desiring to stop interfering after the 2016 election (many raising calls of alarm for the 2020 Presidential Election), there has been no permanent governmental unit or force that has been specially created to deal with fake news or disinformation, like what was tried in 2015 with the State Department task force. 

The only meaningful, large scale contribution to combating Russian disinformation was done very recently. On February 6, 2020, Newsweek obtained documents from the U.S. Department of Defense which revealed that the United States Cyber Command (USCYBERCOM) has been, “tracking disinformation campaigns promulgated by accounts operated by – or attributable to – the Russian government…U.S. Army North [a theater level army force] is tracking the “information warfare” on Twitter, including the accounts of Sputnik, RT (formerly known as Russia Today), the Ministry of Defense-owned Channel Zvezda, and Russia, English, Spanish, French, German, and Turkish language profiles operated by those outlets,”.[27] While the command’s intent is to document disinformation about Coronavirus, it is understandable and reasonable to believe that the military is engaging in this activity in order to prepare themselves for potential Russian interference in the 2020 election (with the article making that assumption too).

It is apparent that America is defenseless against these kind of attacks. With cyberwarfare and information warfare becoming more apparent as a means of confusing the populace and influencing U.S. political elections (which in turn influence domestic and foreign policy, U.S. global standing, and various other forms of government), it is evident that a strong force against such action is in dire need. Beyond an attempt at developing a federal task force to combat IW, the U.S. federal government has taken little action, while the only state action taken has predominantly been against media literacy and promoting education within public schools.[28] The fact that there have been no U.S. legal statutes passed combating troll farms, sites that push false stories or fake news that are detrimental nor has there been a group like what the State Department envisioned shows how unprepared the U.S. is to defend against these types of activities. Despite the lack of government action, many former government officials and those who are experienced in cybersecurity, counterintelligence, and the private industry are coming forward with ideas that mirror what I have mentioned on how to defend against such action.

Methods Against IW

There have been many recommendations on how the U.S. should combat IW, with one of the first texts recommending an improved and unified command against IW being written by the previously mentioned U.S. Air Force Major Mary Gillam at the Air Command and Staff College. The Major writes, “First, there must be a more concentrated effort on the part of DOD to integrate all IW activities...there needs to be a conduit that brings all of these individual efforts together to produce a overall joint synergistic IW strategy…Secondly, education of our Armed Forces to the vulnerabilities inherent in the conduct of information transmission and reception remains a number one priority…Educating the populace on computer hacking techniques will aid in combat the IW threat in the 21st century…Thirdly, combatant commanders must incorporate IW into their major exercise schedule…Fourth, implementing simple protective countermeasures would eliminate many of the simple invasions that have occurred…[Fifth] risk assessments must be made to determine what information requires protecting…Finally, from a national perspective, there must be more done to resolve the legal dilemmas involving the prosecution of IW criminals,”.[29]

There is a lot to unpack here, but what Major Gillam is getting at is the idea that unity of combatant commands and branches of the military, the education of the public on technical matters, and engaging in constant security checks is essential to good IW protection. While not expanded upon in her paper, the “unity of combatant commands and branches” could be expanded to include individual agencies within the law enforcement and intelligence community. Some of these tactics have also been brought up by more modern theoreticians on IW and cyberwarfare, such as Clint Watts, a former West Point Graduate, U.S. Army Infantry Officer, and FBI Special Agent who testified before the U.S. Congress on Cyberwarfare.

In a re-print of his congressional testimony by The Daily Beast, Watts sums up how the federal government can better combat disinformation and information warfare campaigns with four points, these being “Task”, “Talent”, “Teamwork”, and “Technology”, “When the U.S. has done something to date [to counter cyber-related influence operations], at best, it has been ineffective. At worst, it has been counterproductive…The U.S. should begin by clearly mapping out the purpose and scope of Russian cyber influence methods. Second, American politicians, political organizations and government officials must reaffirm their commitment to fact over fiction by regaining the trust of their constituents through accurate communications…Third, the U.S. must clearly articulate its policies with regards to the European Union, NATO, and immigration, which, at present, sometimes seems to mirror rather than counters that of the Kremlin…a task force led by a single entity must be created to counter the rise of Russian cyber-enabled operations,” while noting that the best in the cybersecurity industry should not be constrained by government bureaucratic standards (e.g. disqualification for minor drug charges) and that this type of talent should be allowed access to the best versions of software and technology for anti-disinformation purposes.[30]

Many of Watts’ suggestions, particularly the need for a single entity to combat Russian cyber ops, mirrors what Gillam had suggested twenty years prior. Both have emphasized the need for a unified front against information warfare, the need to educate the public and their own IW fighters on emerging threats and new tactics that can be utilized to fight against such entities, as well as improve cybersecurity and technological safeguards. However, creating an effective defense against foreign penetration of cyber systems and protecting the online sphere and the public from disinformation is a multi-pronged fight, one that verges into the political, legal, intelligence, and law enforcement spheres simultaneously.

Recommendations

Throughout this paper, what is clear is that foreign interference in politics is occurring through the usage of social media sites and accounts and specially created fake news agencies designed to influence the mass populace of the United States. It is also clear that the United States is woefully unprepared for the 2020 Presidential Election and that the U.S. government, under the current administration, will make no concerted effort to prevent such intrusions.

My own recommendations for what the U.S. can do includes the creation of a permanent federal task force that has the purpose of combating fake news, interference on social media and the web, and shutting down/placing warnings on websites that are, based on all available evidence, known or believed to be agents of foreign intelligence. This unit would be comprised of Information Warfare experts, cybersecurity analysts, counterintelligence agents, and lawyers from the U.S. Intelligence Community, the Federal Bureau of Investigation, the United States Air Force, and the U.S. Department of Justice’s National Security Division along with certain cybersecurity members of “Big Internet”, leading tech companies like Amazon, Facebook, and Google.

What the unit would first have to do is collate and analyze information, collecting data upon a website’s output and reporting (determining the alliances the site has with other websites, the economic model utilized, the writer/creator’s political and foreign policy leanings, etc.) and determine with the counterintelligence agents and IW experts if the site is an affiliate of a foreign entity (examples of such analyses can already be found on the internet).[31] If the investigators determine this, then a warning will be put up on the site. Those trying to access the site will receive a brief definition as to how the U.S. government views this site and their content (with links to the evidence in the description) before forcing the person to click “continue” to view the site’s information. Restricting content from the listed sites being posted on Twitter or Facebook would also significantly help in reducing the overall effect of fake news and disinformation. Having these types of barriers to temporarily prevent people from being able to access and share certain content will keep the information contained within certain circles and minimize the overall effect.

This unit would also be following codified legal statutes created specifically to combat fake news groups and sites that put out false stories or conspiracies about political candidates or in direct relation to elections. These types of laws have already been enacted in places like France[32], Belarus[33], and Cambodia[34] with legal parameters being set on what fake news is classified as, how people can be prosecuted, and what sort of action qualifies as mis/disinformation. Naturally, some of these suggestions would raise First Amendment concerns. Some of these countries that have enacted laws have been criticized by national and international media and human rights organizations for suppressing legitimate journalism and news agencies. However, I am not recommending going after AP or Reuters; many of these sites that misinform or are probable agents of the Russian government (InfoWars and GlobalResearch) advertise and consider themselves journalistic entities (even though a very strong case can be made these agencies do not exercise the most basic journalistic practices or ethics), which poses a problem. To prevent against overreach or misuse of certain laws enacted, safeguards must be put in place, similar to the safeguards that FISA Courts utilize when considering actions.

It is obvious that the U.S. needs a stable and reliable defense against disinformation and information warfare. It is also obvious that, despite increased awareness of Russian efforts and disinformation in the media, people are easily swayed and convinced by news stories that seem professional and masquerade as truth while actually peddling fiction. By forming a permanent task force comprised of seasoned and experienced investigators, analysts, and cyber warfare operators following a stringent set of laws with essential safeguards in place, then foreign information warfare and U.S.-based disinformation websites can be stopped and their effect upon the conduct of American domestic and foreign policy can be minimized if not wholesale stopped.

No comments:

Post a Comment