Over the past several weeks, we have all learned that Facebook will not take down doctored videos of Speaker Pelosi because they “don’t have a policy that stipulates that the information you post on Facebook must be true.” We have also learned that because the National Security Agency lost control of one of their most effective cyber hacking, infiltration, and manipulation tools, that Baltimore, Md., as well as other cities, is being targeted for extortion.
The FBI briefed Florida’s new governor that Russian military intelligence did actually hack into and penetrate the computer systems dealing with voting and elections of two different Florida counties. However, they made him sign a non-disclosure agreement, which is standard when non-cleared individuals are read onto classified matters, so we have very few details beyond the basics and an anodyne statement that the Russian intelligence hackers did not change any votes.
Reporting has also informed us that Facebook’s fake accounts have doubled in six months, that Facebook has broken up an Israeli plan to disrupt elections using its platform, and that Iranian intelligence is suspected of being responsible for creating multiple social media accounts, across platforms, pretending to be journalists and Republican candidates for office, in an attempt to promote Iranian interests.
Week after week, day after day, more of these incidents are reported by journalists and pointed out by cyber and information security professionals. They point to a through line, established in earlier reporting about attempts by Russian intelligence and/or Russians working on their behalf posing as Republican Party officials.
For instance the infamous Tennessee GOP twitter account, Israeli private security and intelligence firms being hired to interfere in local US elections by manipulating information and news, Chinese, North Korean, Saudi Arabian, Emirati, or other competitor states conducting hacking for the purposes of espionage and/or influence against Americans, our allies and our partners.
The purpose of all of this hacking and leveraging of cyberspace for espionage, extortion, influencing people’s beliefs in favor of the hacking states’ foreign policy objectives, is to make it as hard as possible for Americans to actually know what is true. The intention is to leverage partisan political divisions, as well as other societal disagreements, disputes, and cleavages so that Americans, our allies, and our partners cannot agree on the basic outlines of reality. As a result, nothing is true, which means anything is possible.
For instance, Russia’s cyber attacks have targeted actual American infrastructure. Russian for-cover officials have been tracked mapping U.S. critical physical infrastructure, such as the communication and power transmission grid. This was in support of a cyber warfare campaign to infiltrate and compromise another important American center of gravity: the US power generation and transmission grid.
[Valdimir] Putin’s ability to weaponize information and the platforms where Americans get their information, combined with his ability to bring down all or portions of the U.S. power grid, should have every national security professional, as well as every American very, very, very worried. Putin’s cyber-warriors have already tried to create a response through planting false social media stories of real looking, but fabricated news reports about a foreign terrorist attack on the U.S. energy sector, an Ebola outbreak, and a riot in response to a police shooting. All of which never happened.
Imagine what happens should Putin or Kim Jong Un decides to start turning parts of the U.S. power grid off during extreme weather events while at the same time they are spreading disinformation made to look like actual news reports or official municipal, state, and/or Federal responses to the disaster he’s created. This is the threat we face. A threat facilitated by making it impossible for Americans to agree on facts and have a common understanding of reality. This is the point of making it so that nothing is true and, therefore, anything is possible.
In this bi-weekly Thinking Security column, I will be covering these and other issues dealing with security, from the national to the state and local to the personal, often with an emphasis on the manipulation of information to make all of us less secure. I look forward to the conversation.