20 February 2022

MDM Tactics: Misinformation, Disinformation and Malformation

Intro:
1

CISA warns of hybrid operations threat to US critical infrastructure

"CISA urged leaders of U.S. critical infrastructure organizations on Friday to increase their orgs' resilience against a growing risk of being targeted by foreign influence operations using misinformation, disinformation, and malformation (MDM) tactics.

Multiple influence operations coordinated by foreign actors had an impact on US critical services and functions across critical sectors," according to the cybersecurity agency.

"Current social factors—including heightened polarization and the ongoing global pandemic—increase the risk and potency of influence operations to U.S. critical infrastructure," CISA warned.

Risks increased by Ukraine-Russia tensions

These MDM campaigns can also be paired with cyberattacks as part of hybrid operations to "derive content, create confusion, heighten anxieties, and distract from other events."

Malicious actors can also use such tactics to shape the public's opinion, undermine trust in the state's capabilities, and amplify division.

The federal agency cautioned that the current tensions between Russia and Ukraine are behind an increased risk of influence operations that could directly impact National Critical Functions (NCFs) and critical infrastructure orgs.

"In light of developing Russia-Ukraine geopolitical tensions, the risk of foreign influence operations affecting domestic audiences has increased," CISA added [PDF].

"Recently observed foreign influence operations abroad demonstrate that foreign governments and related actors have the capability to quickly employ sophisticated influence techniques to target U.S. audiences with the goal to disrupt U.S. critical infrastructure and undermine U.S. interests and authorities."

Ongoing hybrid warfare campaign

This warning comes the White House pinned this week's wide-scale DDoS attacks targeting Ukrainian banks and government agencies on the Russian main intelligence directorate (aka GRU) during a press briefing on Friday.

This attribution was made based on high volumes of traffic to Ukraine-based IP addresses and domains from GRU infrastructure.

The UK government also blamed Russian GRU hackers for the distributed denial of service attacks targeting "the financial sector in Ukraine."

The Security Service of Ukraine (SSU)—whose website has been unreachable since Wednesday— said in a Monday press release that the country is currently the target of a "massive wave of hybrid warfare." 

This is eerily similar to the hybrid operations (combining cyberattacks and MDM campaigns) mentioned by CISA in its Friday advisory."

Related Articles:

US says Russian state hackers breached defense contractors

CISA orders federal agencies to patch actively exploited Windows bug

US govt warns of Russian hackers targeting critical infrastructure

CISA tells federal agencies to patch actively exploited Chrome, Magento bugs

FBI: BlackByte ransomware breached US critical infrastructure

 
=======================================================================
2 Press Briefing by Press Secretary Jen Psaki,
Deputy National Security Advisor for Cyber and Emerging Technology Anne Neuberger, and Deputy National Security Advisor for International Economics and Deputy NEC Director Daleep Singh, February 18, 2022

James S. Brady Press Briefing Room

2:43 P.M. EST

MS. PSAKI:  Hi, everyone.  Happy Friday.  Okay, so we have two special guests with us today.  Joining us are Deputy National Security Advisors Anne Neuberger and Daleep Singh.

By way of a quick introduction, Anne is Deputy National Security Advisor for Cyber and Emerging Technology.  Previously, she served as the National Security Agency’s Director of Cybersecurity, where she led the NSA’s cybersecurity mission.

Prior to this role, Anne led NSA’s election security effort and served as Assistant Deputy Director of NSA’s Operations Directorate, overseeing foreign intelligence and cybersecurity operations.

Daleep is Deputy National Security Advisor for International Economics and Deputy Director of the National Economic Council.  He coordinates the administration’s policymaking process for a range of issues at the intersection of economic policy and national security.

Previously, he was the Executive Vice President and Head of the Markets Group at the New York Federal Reserve, where he led the implementation for most of the Fed’s emergency facilities launched during the pandemic.

He served as an Acting Assistant Secretary for Domestic Finance at the Treasury Department during the Obama-Biden administration, as well as a Deputy Assistant Secretary for International Affairs.

They will each give brief remarks, and then we’ll take some questions.  Your introduction won’t be as fancy the second time you come, but —

So, I think Anne is starting, right?

MS. NEUBERGER:  Thank you very much, Jen.  Good afternoon.  It’s good to see you all.

Over the last decade, Russia has used cyber as a major part of its military activity beyond its borders, including to undermine, coerce, and destabilize Ukraine.  For that reason, and at the President’s direction, we’ve been working to prepare for potential cyberattacks since November.  We’ve been focused on doing so in three ways:

First, we’ve continued our urgent work to shore up our cyber defenses at home.  Second, we’ve boosted our efforts providing support to Ukraine.  And third, we’ve worked closely with partners and Allies to defend against and disrupt malicious cyber activity. 

I’ll expand on each of these three areas. . .

[  ] We believe that the Russian government is responsible for wide-scale cyberattacks on Ukrainian banks this week.  We have technical information that links Russian — the Russian Main Intelligence Directorate, or GRU, as known GRU infrastructure was seen transmitting high volumes of communications to Ukraine-based IP addresses and domains.

We’ve shared the underlying intelligence with Ukraine and with our European partners. . .

The global community must be prepared to shine a light on malicious cyber activity and hold actors accountable for any and all disruptive or destructive cyber activity.

And as the President said earlier this week: If Russia attacks the United States or our Allies through asymmetric activities, like disruptive cyberattacks against our companies or critical infrastructure, we are prepared to respond.

Thank you.

MR. SINGH:  Good afternoon, everybody.  As President Biden has said: If Russia attacks Ukraine, we will respond decisively and forcefully to impose costs on Russia, alongside our Allies and partners.

The cost to Russia would be immense, both to its economy and its strategic position in the world.  Our financial sanctions have been designed to impose overwhelming and immediate costs to the largest financial institutions and state-owned enterprises in Russia.  They’ve been calibrated to maximize alignment with our Allies and partners.  They’re flexible to allow for further escalation or de-escalation, depending on how Putin responds.  And they’re responsible to avoid targeting the Russian people and to limit unwanted spillovers to the U.S. and global economy.

We’re also prepared to impose powerful export controls as part of our response package.  Both financial sanctions and export controls deny something to Russia that it needs and can’t get from anywhere other than the United States or our Allies and partners.  Financial sanctions deny foreign capital to Russia, and export controls deny critical technological inputs that Russia needs to diversify its economy and to deliver on Putin’s strategic ambitions in aerospace, defense, and high-tech.

Working in tandem, financial sanctions and export controls are embedded in a broader strategy that would undercut Putin’s aspirations to project power and exert influence on the world stage.

If Russia invades Ukraine, it would become a pariah to the international community, it would become isolated from global financial markets, and it would be deprived of the most sophisticated technological inputs.

Russia would face the >prospect of intense capital outflows, > mounting pressure on its currency, > surging inflation, > higher borrowing costs, > economic contraction, and the > erosion of its productive capacity.

Taken together, Russia would become more dependent on countries that cannot compensate for its losses.  This would be a strategic defeat for Russia, pure and simple.

Meanwhile, the West and international community would emerge more united and determined to defend shared values and core principles than at any point in the post-Cold War era.

We’re ready to impose costs in lockstep with our Allies and partners because we share the belief that Russia has no right to redraw its neighbors’ borders by force and that countries have the freedom to set their own course and to choose their own destiny.

To be clear: The test of unity with our Allies and partners is not whether our actions are matched to the letter or whether our implementation mechanics are identical.  The test of unity is whether we share a recognition of the core principles that are at stake, whether we share the resolve to defend those principles by imposing severe costs on Russia for its actions, and whether we’re willing to do all we can to support each other in managing the consequences.

I can tell you with confidence that we’ve met the test.  And on this last point, since I know many of you have asked, let me say that we are in active engagement with major energy consumers and major energy producers to coordinate potential actions, to stabilize energy markets, and all of our tools are on the table.

Thank you.

MS. PSAKI:  Okay.  Steve

 
Featured Clips from This Video
==============

No comments: