Yepper it’s rare that Western disinformation efforts are discovered and exposed. This week, the Stanford Internet Observatory and social media analysis firm Graphika detailed a five-year operation that was pushing pro-Western narratives. (The research follows Twitter, Facebook, and Instagram as they remove a series of accounts from their platforms for “coordinated inauthentic behavior.”)
Unheard Voice: Evaluating five years of pro-Western covert influence operations
Security News This Week: A US Propaganda Operation Hit Russia and China With Memes
Expect more in the next 12-18 months
✓
"This week, former Twitter chief security officer Peiter “Mudge” Zatko filed an explosive whistleblower complaint against the company. The allegations, which Twitter contests, claim the social media firm has multiple security flaws that it hasn’t taken seriously. Zatko alleges Twitter put an Indian government agent on its payroll and failed to patch servers and company laptops. Among the claims, however, one stands out: the suggestion that Twitter engineers could access live software and had virtually untracked access to its system.
✓ In a privacy win for students across the US, an Ohio judge has ruled that it is unconstitutional to scan students’ homes while they are taking remote tests. We also detailed the privacy flaw that is threatening US democracy—a lack of federal privacy protections means mass surveillance systems could be used against citizens in new ways.
✓ Elsewhere, as Russia’s full-scale invasion of Ukraine passes six months, military forces are increasingly turning to open source data to back their efforts. Police in India are using facial recognition with very low accuracy rates—the technology is being widely used in Delhi but could be throwing up plenty of false positives. And we dived deeply (perhaps too deeply) into how four high school students hacked 500 of their schools’ cameras, across six locations, and rickrolled thousands of students and teachers. It’s one elaborate graduation prank.
And there’s more. Each week, we highlight the news we didn’t cover in-depth ourselves. Click on the headlines below to read the full stories. And stay safe out there.
Since Russia-backed trolls flooded Facebook and Twitter with disinformation around the 2016 US elections, the social media firms have improved their ability to bust disinformation networks. The companies frequently take down propaganda accounts linked to authoritarian states, such as Iran, Russia, and China. But it’s rare that Western disinformation efforts are discovered and exposed. This week, the Stanford Internet Observatory and social media analysis firm Graphika detailed a five-year operation that was pushing pro-Western narratives. (The research follows Twitter, Facebook, and Instagram as they remove a series of accounts from their platforms for “coordinated inauthentic behavior.”)
The propaganda accounts used memes, fake news websites, online petitions, and various hashtags in an attempt to push pro-Western views and were linked to both overt and covert influence operations. The accounts, some of which appear to use AI-generated profile pictures, targeted internet users in Russia, China, and Iran, among other countries. The researchers say the accounts “heavily criticized” Russia following its full-scale invasion of Ukraine in February and also “promoted anti-extremism messaging.” Twitter said the activity it saw is likely to have originated in the US and the UK, while Meta said it was the US.
Many of the techniques used by the online influence operation appear to mimic those the Russia-backed accounts used in the buildup to the 2016 elections. It’s likely, however, that the Western influence operations weren’t that successful. “The vast majority of posts and tweets we reviewed received no more than a handful of likes or retweets, and only 19 percent of the covert assets we identified had more than 1,000 followers,” the researchers say.
In recent years, Charming Kitten, a hacking group linked to Iran, has been known for its “aggressive, targeted phishing campaigns.” These phishing efforts aim to gather the usernames and passwords of people’s online accounts. This week, Google’s Threat Analysis Group (TAG) detailed a new hacking tool Charming Kitten is using that’s capable of downloading people’s entire email inboxes. Dubbed Hyperscrape, the tool can steal people’s details from Gmail, Yahoo, and Microsoft Outlook. “The attacker runs Hyperscrape on their own machine to download victims’ inboxes using previously acquired credentials,” TAG says in a blog post. The tool can also open new emails, download their contents, and then mark them as unread, so as not to raise suspicions. So far, Google says it has seen the tool used against fewer than two dozen accounts belonging to people based in Iran.
Password management company LastPass says it has been hacked. “Two weeks ago, we detected some unusual activity within portions of the LastPass development environment,” the company wrote in a statement this week. LastPass says an “unauthorized party” was able to gain access to its development environment through a compromised developer account. While the hacker (or hackers) were within LastPass’s systems, they took some of its source code and “proprietary LastPass technical information,” the company says in its statement. It has not detailed which elements of its source code were taken, making it difficult to assess the seriousness of the breach. However, the company does say that customer passwords and data have not been accessed—there’s nothing LastPass users need to do in response to the hack. Despite this, the indictment is still likely to be a headache for the LastPass technical teams. (It’s not the first time LastPass has been targeted by hackers either.)
The chief communications officer of crypto exchange Binance claims scammers created a deepfake version of him and tricked people into attending business meetings on Zoom calls with his fake. In a blog post on the company’s website, Binance’s Patrick Hillmann said that several people had messaged him for his time. “It turns out that a sophisticated hacking team used previous news interviews and TV appearances over the years to create a ‘deepfake’ of me,” Hillmann wrote, adding that the alleged deepfake was “refined enough to fool several highly intelligent crypto community members.” Neither Hillmann nor Binance has posted any images showing the claimed deepfake. Since deepfakes first emerged in 2017, there have been relatively few incidents of faked video or audio scams impersonating people. (The vast majority of deepfakes have been used to create nonconsensual pornographic images). However, recent reports say deepfake scams are on the rise, and in March of last year the FBI warned that it anticipated a rise in malicious deepfakes within the next 12 to 18 months."
✓
New! Follow this author to stay notified about their latest stories.
In a display of even-handedness, Facebook and Twitter have taken down a series of accounts that have for five years been engaging in pro-Western propaganda.
Twitter said the accounts violated its policies on platform manipulation and spam, while Meta described them as 'coordinated inauthentic behavior'.
Following the takedown of the accounts during this month and last, data was handed over to social media analytics firm Graphika and the Stanford Internet Observatory for analysis.
The accounts were found to be targeting users in the Middle East and central Asia with narratives promoting the interests of the US and its allies, while opposing countries including Russia, China, and Iran.
They heavily criticized Russia in particular for the deaths of innocent civilians and other atrocities committed by its soldiers following the invasion of Ukraine in February this year. Some also promoted anti-extremism messaging.
"We believe this activity represents the most extensive case of covert pro-Western influence operations on social media to be reviewed and analyzed by open-source researchers to date," the researchers say.
"With few exceptions, the study of modern influence operations has overwhelmingly focused on activity linked to authoritarian regimes in countries such as Russia, China, and Iran, with recent growth in research on the integral role played by private entities. This report illustrates the much wider range of actors engaged in active operations to influence online audiences."
The pattern of activity indicates a series of campaigns over a period of almost five years, rather than one homogeneous operation. However, say the researchers, they're similar to propaganda campaigns seen before.
They involved fake personas with faces created by generative adversarial networks, along with fake media outlets, leveraged memes and short-form videos. Their creators attempted to start hashtag campaigns and launched online petitions - all tactics observed in past operations by other actors.
The Twitter dataset covered 299,566 tweets from 146 accounts between March 2012 and February 2022, and fell into two broad categories. The first was linked to an overt US government messaging campaign called the Trans-Regional Web Initiativ. The second consisted of a series of covert campaigns 'of unclear origin' that were also represented in the Meta dataset of 39 Facebook profiles, 16 pages, two groups, and 26 Instagram accounts active from 2017 to July 2022.
The researchers haven't identified the origin of the campaigns, although Meta suggests the US, and Twitter the US and UK. However, they don't appear to have been particularly successful.
"Importantly, the data also shows the limitations of using inauthentic tactics to generate engagement and build influence online," the researchers say.
"The vast majority of posts and tweets we reviewed received no more than a handful of likes or retweets, and only 19 per cent of the covert assets we identified had more than 1,000 followers."
✓
No comments:
Post a Comment