• Here’s How Russia Will Attack the 2020 Election. We’re Still Not Ready.

    In 2016, the GRU, Russia’s military intelligence branch, launched a massive, and successful disinformation campaign to change the way Americans were talking about the two candidates – Hillary Clinton and Donald Trump. Among the GRU’s most effective disinformation techniques was one known as “narrative laundering,” which aims to inject the Kremlin’s preferred stories – real, fake, or doctored — into mainstream American media. “It is quite possible that these exact techniques will be used again,” Renee DiResta, Michael McFaul, and Alex Stamos write. “And why shouldn’t they? We’ve done almost nothing to counter the threat.”

  • Fighting Deepfakes When Detection Fails

    Deepfakes intended to spread misinformation are already a threat to online discourse, and there is every reason to believe this problem will become more significant in the future. Automated deepfake detection is likely to become impossible in the relatively near future, as the approaches that generate fake digital content improve considerably.

  • Five Faces of Russia’s Soft Power: Far Left, Far Right, Orthodox Christian, Russophone, and Ethnoreligious Networks

    Does Russia exercise true “soft power”—the power of attraction—in any significant measure? Şener Aktürk writes that while some argue that the power Russia exerts is not really soft power, “I suggest Russia’s soft power may be at least as great as its hard power in international politics.” There are at least five different categories of foreign audiences that espouse a pro-Russian geopolitical identity – “In addition to pro-Russian far right parties and networks, which have attracted most of the attention of scholars and journalists, there are also far left, Orthodox Christian, Russophone, and various ethnoreligious and separatist groups that favor a pro-Russian geopolitical identity.”

  • Private Vendors Critical to Election Security Inadequately Supervised

    Private vendors build and maintain much of the election infrastructure in the United States with minimal oversight by the federal government. A new report presents the risks this poses to the security of our elections and offers a solution.

  • How Fake News Spreads Like a Real Virus

    When it comes to real fake news, the kind of disinformation that Russia deployed during the 2016 elections, “going viral” isn’t just a metaphor. Using the tools for modelling the spread of infectious disease, cyber-risk researchers at Stanford Engineering are analyzing the spread of fake news much as if it were a strain of Ebola.

  • Saudi “Twitter Spies” Broke No Federal Privacy Laws -- Because There Are None

    Privacy expert Mike Chapple of the University of Notre Dame says that the Saudi “Twitter Spies,” who were charged last week by the Justice Department for spying on behalf of Saudi Arabia, committed espionage — but broke no federal privacy laws because there are no such laws. Chapple says that Twitter failed to live up to industry-standard cybersecurity practices.

  • Can the United States Deter Election Meddling?

    The 2020 election is still a year away, but law enforcement officials are already sounding the alarm about foreign interference in the election. Leaders of the U.S. intelligence and law enforcement communities warn that Moscow is preparing to launch a similar effort next year. Joshua Rovner writes that cyber-meddling is a challenge, but that we should not despair.

  • Disinformation Agents Are Targeting Veterans in Run-Up to 2020 Election

    Disinformation campaigns are targeting U.S. veterans through social media, seeking to tap the group’s influential status in their communities and high voting turnout in order to influence elections and fuel discord. Katerina Patin writes that veterans present an ideal target for foreign actors. In addition to their social status and voting rate, veterans are also more likely to run for office and more likely to work in government than any other demographic.

  • We’re Underestimating China’s Impact on Governance in Latin America: Three Persistent Myths

    China’s growing engagement with Latin America and the Caribbean (LAC) in recent years has captured the attention of policymakers, business leaders and foreign policy observers across the region. Jessica Ludwig writes that much of this discussion has focused on the economic dimensions of the relationship. “But largely absent from the conversation has been a serious, dedicated look at the normative impact of relations with Beijing on governance—and, in particular, on whether closer relationships with China’s party-state authorities will affect prospects for democracy in a region that has—at least theoretically—adopted a consensus around democratic values,” Ludwig writes. “Without a firm, well-rounded foundation of knowledge about China and the priorities of its political leadership, LAC countries are starting from a significantly disadvantaged position when negotiating the terms of the relationship.”

  • U.S. Security Leaders Warn About Russian, Iranian Interference in 2020 Polls

    Top U.S. intelligence and law enforcement officials have joined together to warn Americans about attempts by Russia, Iran, and other foreign “adversaries” to interfere with next year’s presidential election. “Our adversaries want to undermine our democratic institutions, influence public sentiment, and affect government policies,” the leaders of the Trump’s administration on security matters said in a joint statement released on 5 November. “Russia, China, Iran, and other foreign malicious actors all will seek to interfere in the voting process or influence voter perceptions,” they added.

  • Are Journalists Ready for Foreign Interference in 2020?

    Last month, the U.S. Senate Select Committee on Intelligence released volume two of its investigation into Russian interference, which details an extensive campaign that aims to sow division and undermine American democracy via social media. One of Russia’s key strategies is to target journalists. As the report describes, “Information warfare, at its core, is a struggle over information and truth. A free and open press — a defining attribute of democratic society — is a principal strategic target for Russian disinformation.” By targeting journalists and news outlets in democratic countries, authoritarians weaken a key pillar of democratic societies.

  • Inside the Microsoft Team Tracking the World’s Most Dangerous Hackers

    When the Pentagon recently awarded Microsoft a $10 billion contract to transform and host the U.S. military’s cloud computing systems, the mountain of money came with an implicit challenge: Can Microsoft keep the Pentagon’s systems secure against some of the most well-resourced, persistent, and sophisticated hackers on earth?

  • Officials Just Had Their Last Chance to Road Test Elections Before 2020

    From a security perspective, Tuesday’s odd-year election went off without a hitch: Officials didn’t spot any major disruptions from hacking or disinformation campaigns. But Joseph Marks writes that the fight to protect the 2020 contest is only ramping up. And officials were quick to warn that it will be a far juicier target for foreign actors.

  • Foreign Money Flows into U.S. Politics

    Untold amounts of foreign donations are flowing into America’s political system, with little accountability or limits. Although election experts say it’s impossible to accurately estimate the extent of foreign financial influence over U.S. elections, many agree it has increased substantially since a landmark Supreme Court ruling nearly a decade ago opened the flood gates.

  • The WhatsApp-NSO Group Lawsuit and the Limits of Lawful Hacking

    On 29 October, WhatsApp sued the Israeli cybersecurity company NSO Group for installing surveillance malware on the phones of more than a thousand WhatsApp users, including journalists and human rights activists. (The WhatsApp vulnerability that NSO Group exploited was publicly reported in May 2019 and patched shortly thereafter.) WhatsApp sued primarily under the Computer Fraud and Abuse Act (CFAA), the main federal law criminalizing computer hacking, which also permits private lawsuits. Alan Z. Rozenshtein writes that the complaint is notable for what it doesn’t include: the identity of the “customers” on whose behalf NSO Group installed the malware. But it’s pretty easy to figure out.