• Corporate data collection and U.S. national security: Expanding the conversation in an era of nation state cyber aggression

    What has the Russia investigation revealed about risks inherent in mass private data collection? Carrie Cordero writes that one thing we learned from the Russia investigation is that we may be framing the conversation about corporate data collection too narrowly. “Based on what we have learned publicly so far about the Russian election interference, it is worth pausing to reflect on the national security implications of corporate data collection and aggregation as it relates to the collection of individual, private citizens’ data,” she says. “Although the Senate Select Committee on Intelligence (SSCI) and special counsel investigations are not yet complete, we know enough already about Russia’s interference in the 2016 election to understand that data collected from private companies and organizations can be accessed, exposed and potentially misused in a way that is harmful to the country’s institutional stability. At the very least, its misuse sows distrust and confusion. At worst, it shreds the institutional and societal fabric that holds the country together.”

  • World Cup 2018: British intelligence briefs players, staff on Russian cyberthreats

    The U.K. Football Association (FA) said it was taking cybersecurity seriously this summer – the Soccer World Cup tournament will be held in Russia from 15 June to 15 July — and will be taking advice from the National Cyber Security Center (NCSC) at the GCHQ (the British equivalent of the U.S. NSA). The England team will be briefed by GCHQ staff before flying out to the World Cup to help them stay safe from Russian hackers.

  • The era of fake video begins

    “Deepfake” videos produced by Russian-linked trolls are the latest weapon in the ongoing fake news war. The Kremlin-backed trolls are already experimenting with new video manipulation techniques which use artificial intelligence to create convincing doctored videos. Franklin Foer writes the internet has always contained the seeds of postmodern hell, and that mass manipulation, from clickbait to Russian bots to the addictive trickery that governs Facebook’s News Feed, is the currency of the medium. In this respect, the rise of deepfakes is the culmination of the internet’s history to date—and probably only a low-grade version of what’s to come. Fake-but-realistic video clips are not the end point of the flight from reality that technologists would have us take. The apotheosis of this vision is virtual reality.The ability to manipulate consumers will grow because VR definitionally creates confusion about what is real,” Foer writes. “Several decades ago, after giving the nascent technology a try, the psychedelic pamphleteer Timothy Leary reportedly called it ‘the new LSD’.”

  • Regulation or research? Searching for solutions to reduce Truth Decay in the media

    What is social media’s role in the decline of trust in the media? Is government intervention needed to help stop the spread of misinformation on these platforms? These questions were the focus of a recent RAND Corporation event on the connection between the media and Truth Decay.

  • Hacker accused of aiding Russian spies in massive breach gets prison

    A Kazakh-born computer hacker who U.S. prosecutors say unwittingly worked with a Russian spy agency in a massive Yahoo data breach has been sentenced to five years in prison. Karim Baratov was named in an indictment last year that charged two Russian spies with orchestrating the 2014 Yahoo breach involving 500 million users — one of the largest breaches at any Internet company.

  • Russia’s active measures architecture: Task and purpose

    Russia’s latest iteration of the Soviet-era tactic of “active measures” has mesmerized Western audiences and become the topic de jour for national security analysts. In my last post, I focused on the Kremlin’s campaign to influence the U.S. elections from 2014 to 2016 through the integration of offensive cyber hacking, overt propaganda, and covert social media personas In this post, I focus on the elements of Russia’s national power that execute active measures abroad.

  • U.S. disrupted major Russian cyberattack, possibly on Ukraine

    The U.S. Justice Department has seized an Internet domain controlled by a hacking group tied to Russian military intelligence that was planning a major cyberattack, possibly in Ukraine. The U.S. move late on 23 May was aimed at breaking up what the department said was a dangerous botnet of a half-million infected computer network routers that could have allowed the hackers to take control of computers and stage destructive attacks, as well as steal valuable information.

  • Russia’s corruption, influence “a matter of national security”: U.K. Parliamentary panel

    “Dirty” Russian money is undermining Britain’s efforts to stand up to the Kremlin and supports President Vladimir Putin’s campaign “to subvert the international rules-based system,” a British parliamentary report says. “The scale of damage that this ‘dirty money’ can do to U.K. foreign-policy interests dwarfs the benefit of Russian transactions in the City,” Foreign Affairs Committee Chairman Tom Tugendhat said today (21 May) ahead of the release of the report. “Over the years, Moscow has turned from being a corrupt state to an exporter of instability. Russian corruption and influence has become a matter of national security,” he added.

  • “The day that we can't protect human sources”: The president and the House Intelligence Committee burn an informant

    It wasn’t that long ago that both the executive branch and the legislature considered the protection of intelligence sources a matter of surpassing national importance. In 1982 Congress passed the Intelligence Identities Protection Act, which criminalized the knowing and intentional outing of U.S. covert operatives and intelligence sources whom the government is taking active steps to protect. So what happens, Quinta Jurecic and Benjamin Wittes write in Lawfare , “when the intentional outing of U.S. intelligence assets is the province not of rogue insiders, not of foreign hackers or foreign agents, not of people who end up spending the rest of their lives as fugitives, but of senior officials in two branches of this country’s government who are most responsible for protecting those assets” — and “when they do so for frankly political reasons?”

  • The top three trends we miss when discussing Russian ads

    Last week, the Democrats of the House Intelligence Committee released the trove of over 3,500 Facebook ads purchased by the St. Petersburg-based Internet Research Agency (IRA) from 2015 to 2017. For the most part, the release confirms what we already knew: Accounts based in Russia exploited America’s societal fissures to sow chaos in the United States in order to weaken our democratic structures, force us to turn inward, and thereby increase Russia’s standing in the world. But taken holistically, three trends emerge that are not evident when only highlighting the most divisive content.

  • What's trending in fake news?

    Researchers have launched upgrades to two tools playing a major role in countering the spread of misinformation online. The improvements to Hoaxy and Botometer aim to address concerns about the spread of misinformation and to build trust in quality journalism. A third tool — which goes by the name Fakey — is an educational game designed to make people smarter news consumers, was also launched with the upgrades.

  • Putin’s doctrine blends “bare-face lying,” “social media disinformation,” and “criminal thuggery”: MI5 Director

    In a speech on Wednesday, MI5 Director General Andrew Parker discussed the security challenges the West is facing, chief among them the threat from Russia. Parker said the threat from Russia is a “hybrid threat,” as Russia is a practitioner of a doctrine “blending media manipulation, social media disinformation and distortion with new and old forms of espionage, high levels of cyberattacks, military force, and criminal thuggery.” Parker added: “Our democracies, our societies and our bonds of partnership are strong. But we must not be complacent about the longer-term potential impact of this [Russian] activity on the international rules-based order that supports our security and prosperity.”

  • Kaspersky to move data center from Russia to Switzerland

    Kaspersky Lab, the Moscow-based anti-virus maker will open a Swiss data center after allegations that Russian hackers exploited the company’s software to spy on customers. The said the new location would help it “rebuild trust.”

  • The Facebook ad dump shows the true sophistication of Russia’s influence operation

    The massive trove of Facebook ads House Intelligence Committee Democrats released last Tuesday offers a breathtaking view of the true sophistication of the Russian government’s digital operations during the 2016 presidential election. Many stories have already been written about the U.S. intelligence community’s investigation of the hacking operation Russian intelligence services carried out to influence the election in favor of then-candidate Donald Trump. Derek Hawkins writes that the more than 3,000 “incredibly specific and inflammatory” Russian ads released last week allow us for the first time to “have a swath of empirical and visual evidence of Russia’s disinformation campaign.”

  • War on fake news could be won with the help of behavioral science

    Facebook CEO Mark Zuckerberg recently acknowledged his company’s responsibility in helping create the enormous amount of fake news that plagued the 2016 election – after earlier denials. Yet he offered no concrete details on what Facebook could do about it. Fortunately, there’s a way to fight fake news that already exists and has behavioral science on its side: the Pro-Truth Pledge project. I was part of a team of behavioral scientists that came up with the idea of a pledge as a way to limit the spread of misinformation online. Two studies that tried to evaluate its effectiveness suggest it actually works.