Skip to content
Naked Security Naked Security

While Americans were going to the polls for the 2018 US midterm elections, the US military was cyber-hammering Russian’s infamous troll factory to frustrate its election-meddling ways, the Washington Post has reported.

According to unnamed US officials who weren’t authorized to discuss classified information, the cyberstrike was launched against the Russian government-linked Internet Research Agency (IRA).

This is reportedly the first official US cyberattack on the IRA, a St. Petersburg company underwritten by an oligarch close to President Vladi­mir Putin. From the sounds of it, it was more annoying – think messing with their minds – to those whom US intelligence has deemed to be Russian election meddlers than crippling to that country’s ongoing propaganda efforts.

The Post quoted one individual who was familiar with the matter:

They basically took the IRA offline. They shut them down.

Or not, said Thomas Rid, a strategic-studies professor at Johns Hopkins University:

Such an operation would be more of a pinprick that is more annoying than deterring in the long run.

Well, maybe, but there’s still value in inflicting fear, uncertainty and doubt, one defense official told the Post:

Part of our objective is to throw a little curveball, inject a little friction, sow confusion. There’s value in that. We showed what’s in the realm of the possible. It’s not the old way of doing business anymore.

US to Russia: You’re not the only internet-borne threat

The “new” way of doing business is another way to say hacking back – what’s also called offensive hacking, or what the Defense Department has called “defending forward” in its new cyber strategy, which it introduced in September.

It’s what we can think of as plain old “attacking,” but without the need for the military to get an OK from the president’s National Security Council.

One of the Post’s sources from the Defense Department said that the ability to hack back/defend forward makes the US, finally, a contender:

The calculus for us here was that you’re just pushing back in the same way that the adversary has for years. It’s not escalatory. In fact, we’re finally in the game.

Cybercom stomps

In this case, the Post reports, the attack was carried out by Cyber Command (Cybercom). In October, the New York Times reported that Cybercom’s attack was in part psychological: agents individually targeted Russian operatives to try to convince them not to spread disinformation that could skewer elections. The Russian operatives were told that US operatives knew their names and their online handles and that they were tracking their work.

Two US officials told the Post that some IRA officials were so freaked out, they launched an internal investigation to root out what they thought were insiders leaking information.

Some officials said that this type of mind-play won’t have much impact on Russia’s overall strategy. One such:

Causing consternation or throwing sand in the gears may raise the cost of engaging in nefarious activities, but it is not going to cause a nation state to just drop their election interference or their malign influence in general. It’s not going to convince the decision-maker at the top.

Besides Cybercom’s efforts to defend the elections, the broader defensive/offensive strategy included Homeland Security, the State and Justice departments, and the FBI. The Post reports that it was led by Gen. Paul Nakasone, who in July formed the Russia Small Group, made up of 75 to 80 people from Cybercom and the National Security Agency (NSA), which are part of the Defense Department.

In an interview with Joint Force Quarterly, Nakasone said that up until now, the country has employed ineffective defenses against adversaries who’ve penetrated our networks, weaponized information for conducting propaganda campaigns, stolen intellectual property, and ripped off people’s personally identifiable information (PII).

In order to fight off such adversaries, Nakasone said that we have to get on the same playing field and figure out their moves:

We’ve learned that if we’re going to have an impact on an adversary, we have to persistently engage with that adversary, we have to understand that adversary, we have to be able to impose cumulative costs on that adversary, and we have to be able to understand where that adversary not only is but also where he is going.

5 Comments

“Defending forward” just like Preemptive strike, Regime change, and Bipartisan.
“Euphemisms are a propagandistic tool of misdirection. They ill serve a free people.” (quoted ’cause I stole it elsewhere)
Well, we’ve gone from real war, to cold war, to cyber war, how about we go to computer games (like old Quake 2 LMCTF) next. That way we can take dinner and potty breaks, and like politicians and arms dealers (the real winners) we get to live. I’d rather not back track to real war, even if I’m to old to get drafted.

NYT and WaPo rely almost exclusively on career civil servants or anonymous officials to perpetuate this myth of Russian election interference.

Got another source?

Anonymous officials to perpetuate this myth of Russian election interference – For example defectors of the old soviet union before President Vladi­mir Putin clear back to Lenin therefore if some one can not keep up with current event as one reporter said it becomes propaganda. Therefore with so many thing going on in the world there most be some one that can see the difference between fact and fiction. Many cybercriminals from any country would love to shift the blame from them to some other person therefore creating more a problem than solution. If a defectors of the old soviet union before President Vladi­mir Putin clear back to Lenin were to lose their job they could claim things that are not real for a job here with propaganda..

Comments are closed.

Subscribe to get the latest updates in your inbox.
Which categories are you interested in?