The Soviet Union and now Russia under Vladimir Putin have waged a political power struggle against the West for nearly a century. Spreading false and distorted information – called “dezinformatsiya” after the Russian word for “disinformation” – is an age-old strategy for coordinated and sustained influence campaigns that have interrupted the possibility of level-headed political discourse. Emerging reports that Russian hackers targeted a Democratic senator’s 2018 reelection campaign suggest that what happened in the lead-up to the 2016 presidential election may be set to recur.
As an ethical hacker, security researcher and data analyst, I have seen firsthand how disinformation is becoming the new focus of cyberattacks. In a recent talk, I suggested that cyberwarfare is no longer just about the technical details of computer ports and protocols. Rather, disinformation and social media are rapidly becoming the best hacking tools.
With social media, anyone – even Russian intelligence officers and professional trolls – can widely publish misleading content. As legendary hacker Kevin Mitnick put it, “it’s easier to manipulate people rather than technology.”
Two sets of federal indictments – one in February and another in July – allege in detail how a private company linked to Putin and the Russian military itself worked to polarize American political discourse and sway the 2016 U.S. presidential election. Cybersecurity experts in the U.S. knew that the Russian intelligence agencies were conducting these acts of information warfare and cyberwarfare, but I doubt they had any idea how comprehensive and integrated they were – until now.
The operation was complex. What is publicly known now is perhaps most easily understood in two pieces, the subjects of separate federal indictments.
First, a billionaire Russian businessman and Putin associate allegedly assembled a network of troll factories: private Russian companies engaging in a massive disinformation campaign. Their employees posed as Americans, created racially and politically divisive social media groups and pages, and developed fake news articles and commentary to build political animosity within the American public.
Second, the Russian military intelligence agency, known by its Russian acronym as the GRU, allegedly used coordinated hacking to target more than 500 people and institutions in the United States. The Russian hackers downloaded potentially damaging information and released it to the public via WikiLeaks and under various aliases including “DCLeaks” and “Guccifer 2.0.”