Information war and propaganda: a brute force attack on reality

Why is it so hard to get information about the source of computer hacks? Because the lag time between the hack and the discovery of the intrusion or theft can be months, if not longer. The Shadow Brokers exploits, for example, (supposing they were actually hacked), are thought to date from 2013.

The DNC hack was known about by Washington insiders since last year, but only became major news this year during the election.

“The average time it takes a victim of a cyber attack to detect that they have been breached is 205 days,” writes strategist Peter W Singer.

And that’s just when a target detects the attack.

“In cybersecurity…time operates by different rules,” Singer said, contrasting the idea of Cold War missile deterrence with the realities of today’s cyber conflict.

“The physics of a ballistic missile’s speed and arc determined conceptions of deterrence during the Cold War,” Singer writes.

Another place where time is operating by different rules is the world of news – and this has important considerations for information war and propaganda.

There’s the data. You have minutes to decide. (National Archives)

In fact, competition for eyeballs in news has media outlets in a situation with troubling parallels to that of a Cold War missile launch stand off. Decision-makers must act on incomplete or not fully digested information in minutes rather than days with the fear of being beat by competitor a major factor.

Thankfully, the button to push is only marked ‘publish.’

Overall, the concept of time that is understood by editors, producers, reporters, bloggers has been completely transformed from a generation ago. Social media amplifies the effect, giving the public a lever to help shape – and manipulate – the news as its crystallizing.

Singer writes about “The critical 30 minutes” it takes an ICBM to “fly across continents” as being essential to “planning and strategy.”

Because of the digital reality of the internet, the time frame between learning about breaking news and publishing the first take has been reduced from hours – a generation ago – to mere minutes. Or even seconds.

Breaking news from one outlet can trigger almost universal follow-on stories everywhere else. The first mover advantage when the story is breaking is enormous. Search engines reward you. Twitter and Facebook reward you. With high traffic stories translating to revenue from advertisement, media outlets can have a financial incentive to ‘publish first’ that extends past mere professional competition.

That is another reason why when one media outlet has a big story, the pack is likely to pile on quickly, creating what looks like a stampede online.

Of course, there was always fierce competition with media. Today, though, the ability of the masses to shape the terms of the coverage, through repostings, and indeed, their reaction to the news is a novel situation.

In this way, organisations with a disinformation/misinformation agenda along with allied social media players (partisans and trolls, alike) can strongly influence traditional news websites.


The first few minutes between awareness of a new story and the initial draft are prime time for manipulation of the media. As soon as the news story is published online, it begins to crystallize in the audiences imagination. From there, it can be hard to change.

Research indicates readers often remember the incorrect fact, even after the correction has been published.

First impressions have never counted so much.

The Truth doesn’t always win

When you factor into the mix the proliferation of social media the possibilities of manipulating the news become much clearer. The news momentum surges online, bringing expectations for content. A Trump fan describes what happens next:

Social media has become a source of news in and of itself for the very lazy journalism industry over the last few years. They skim what other people find interesting, put it into 300-700 words or less of boilerplate, and boom, content. Hundreds of millions of people rely on Facebook’s trending column or their Twitter feeds for this kind of news, and some of that news itself is recursively drawn from those trend lists. Nothing has to even happen in the real world … for us to become newsworthy anymore. We just meme things into reality.”

Once the momentum for a story is happening online and on social media, the role of traditional news outlets can be to legitimize, rather than to report an event.

The case of the gruesome Islamic State videos is a good example.

In an earlier time, media would block those images of IS captives in their final moments. These days with the explosion of choice online and social media, the mainstream media’s use of the images ensured they circulated even further.

Unlike the old days, when the media was elite and there was a scarcity of news outlets, today, online, simply refraining from reporting an item doesn’t mean the story dies.

A different pace of news  in past – legendary editor Harold Hayes (

With enough interest, the traffic will simply flow around the site that doesn’t offer the images, to find the one that does. Few editors could afford (literally) to not run still photos of the chilling IS imagery, for example, at least for the first few times it happened.

Russian misinformation exploits a similar swarm dynamic, by marshaling diverse voices to say the same thing – even from contradictory angles – in the process creating what is in effect a brute force attack on reported reality. 

Just look at the stories about Hillary Clinton’s health. It first originated years ago in the US around the time of Benghazi hearings. But the meme has had a powerful comeback during the 2016 election, helped by the full force of Russia-backed trolls and media outlets.

It brings to mind the RAND Corporation’s analysis of what they call the “Firehose of Falsehoods” propaganda strategy:

Russian propaganda is produced in incredibly large volumes and is broadcast or otherwise distributed via a large number of channels. This propaganda includes text, video, audio, and still imagery propagated via the Internet, social media, satellite television, and traditional radio and television broadcasting. The producers and disseminators include a substantial force of paid Internet “trolls” who also often attack or undermine views or information that runs counter to Russian themes, doing so through online chat rooms, discussion forums, and comments sections on news and other websites.

“It may come as little surprise that the psychology literature supports the persuasive potential of high-volume, diverse channels and sources, along with rapidity and repetition. These aspects of Russian propaganda make intuitive sense…This next characteristic, however, flies in the face of intuition and conventional wisdom, which can be paraphrased as ‘The truth always wins.’

“…Why might this disinformation be effective? First, people are often cognitively lazy. Due to information overload (especially on the Internet), they use a number of different heuristics and shortcuts to determine whether new information is trustworthy. Second, people are often poor at discriminating true information from false information—or remembering that they have done so previously.”

Hashtag hegemony

Glaring distortions appear to be a common tactic. Consider the DNC Leaks story. A reasonable examination of the facts shows the emails of the Democratic Party weren’t “leaked” but rather, hacked – by Guccifer 2.0, who is thought to be linked to Russia.

Yet the message of the DNC Leaks, we were relentlessly told by WikiLeaks and Russia-backed media, was that it supposedly showed “election fraud.” The reality was the emails showed some Democratic Party insiders were partial to Hillary Clinton over Bernie Sanders before the nomination process ran its course.


Searches on Hillary’s health

There was inside party favouritism. But that’s not quite the same as outright election fraud, which involves “misrepresentation or alteration of the true results of an election.”

Even the hashtag “DNCLeaks” is incorrect. But in the initial push from the partisans and trolls (and WikiLeaksand WikiLeaks) to get the story online, “DNCLeaks” was the hashtag.

For media to write their stories, they would likely use the “DNCLeaks” hashtag (because it was trending) when publishing it onto social media. This decision reinforced the meme of news that supports Donald Trump (and presumably Russia’s) position – that the US election is somehow rigged.

If the mainstream media wants to buy into the story, they have to use the partisans’ terms.

In the early moments of the breaking news situation, the short window of time media outlets have to match each others stories, even if people pushed back against DNCLeak to call it DNCHack, the sheer volume of partisans, and then innocents, retweeting and posting and titling headlines with “DNCLeak” establish a kind of hegemony of the hashtag.

In this way, debunking and fact-checking is of limited use. As the the Great Communicator said, “If you’re explaining, your losing.”

During a brute force attack on reality, the hope that Truth will always win out seems a bit quaint and wrapped up in the communications technology of the 20th Century.

Ideology part of psychology

The effect of these campaigns is visible today: If Hillary Clinton is not facing a grave, yet hidden disease,  why is Western media talking about her health? If Russia is fomenting rebellion in Eastern Ukraine, why does Western media discuss the issue as a populist uprising by local Ukrainians? Did Russia make the first move in destabilizing Ukraine? Or did the US by expanding NATO too close to Russia? Nothing conclusive. Just enough to sow doubts in the mind of the public.

Another way to communicate: Brubeck in Krakow (U of the Pacific)

Russia media is adept at getting breaking news stories up online quickly. RT and Sputnik apparently devote considerable resources to their breaking news desks. Sputnik has a direct line to the Kremlin to “discuss secret things”, which could be handy for some stories. The strength of the well reported fact serves the larger cause of foisting ideological distortions and propaganda on Western publics.

Russia-originated fictions migrating into mainstream Western news create doubt about the entire political Western political process. In this way, today’s Russian propaganda draws on a storied history.

The great advance of Russia propaganda in the 20th century was “making ideology part of psychological warfare.” 

The landscape of the internet is more fertile for this than the print world. So the arguments – globalized online – are even more seductive to Western publics genuinely searching for answers in a post-growth world.

If you are aggrieved by globalization, you are for nationalism, Russian propaganda says. (The return of nationalism is the supposed takeaway message from Russia’s discussion of the UK’s Brexit), an event which RT and Sputnik backed.

In the 1927, the Communist International’s slogan used to be “Against War, for the Soviet Union”.

See? So if you didn’t want war, then you were implicitly aligned with the Soviet Union, a country that – before fighting Hitler’s Nazis – would first make a pact with them.

Today if you’re fed up with the status quo in the West, then you should be really angry about Hillary Clinton’s actions in Libya, or the fact that the billionaire George Soros supports pro-democracy NGOs in Europe.

The new online reality we all live with means news travels so fast that no one can seem to stop the momentum once it starts. That being the case, governments in the West should fear the effect of propaganda like this. As in past times, when they turned even to jazz to get their message out, today Western governments may have to look for a fresh way to counter efforts that resist traditional fact-checking and accurate reporting.

Follow Chris on Facebook


Shadow Brokers and Edward Snowden’s misinformation

In Edward Snowden’s tweetstorm on the Shadow Brokers exploits leak, one of his statements stands out as particularly disingenuous.

He writes that the impact of the exposure of the exploits could have “significant foreign policy consequences. Particularly if any of those operations targeted US allies.”

The truth is closer to this: the exploits could have “significant propaganda consequences” because as we all learned from Snowden in 2013 is that all nations – not just the US – spy on each other, even among allies.

Instead, Snowden (or whoever is manning his account) implies that the Shadow Brokers Equation Group exploit revelation is again going to show that the US has crossed a line that isn’t crossed by everyone else. That sits right alongside the notion that the US through the NSA has a Panopticon view of the world, foes and friends alike, and with it a crushing grip on the world’s freedom.

Even if you have some misgivings about the truthfulness of statements from Snowden because he lives and works in a country that is hostile to Western democracy, internet-freedom and progressive values, you may still have trouble recognizing this particular line of misinformation on the Snowden account.

It brings to mind this observation about Russian propaganda, concluded by social scientists, that: “Even when people are aware that some sources (such as political campaign rhetoric) have the potential to contain misinformation, they still show a poor ability to discriminate between information that is false and information that is correct.”


If it’s any help, just think of one the most notable and most famous examples of NSA spying on allies: the case of German chancellor Angela Merkel’s cellphone. She was deeply unhappy to learn the NSA was tapping it. The news was also offensive and troubling to the German people who have suffered the privacy-crushing tyranny of the Nazi and the Stasi in East Germany.

So what happened to the investigation in the NSA’s wrongdoing against Merkel? It was dropped because of a lack of evidence. The were even questions about the news reporting that initiated the claim and put the notion into the public’s sphere.

But here again is Snowden telegraphing to the high-minded infosec crowd in the West that the NSA has been caught again – doing essentially what the NSA is paid to do.

This isn’t to suggest US spy agency are all good guys, or that they can’t overstep their bounds, which the NSA did with the PRISM program, for example. But Snowden’s tweetstorm contains disingenuous information that seems designed to send the public fleeing to conclusions drive a wedge between the public and government – which happens to be Russia’s propaganda strategy against the West these days.

Follow Chris on Facebook


Shadow Brokers NSA leak: this too could be a form of Russian propaganda, says expert

As the Western world’s information security crowd grapples with the implication of the Shadow Brokers leaks, one researcher has suggested that Edward Snowden’s role in interpreting the leaks is itself part of Russia’s information war against the US.

Associate Professor Matthew Sussex from the Australian National University studies Russian foreign security policy, with a focus on new trends in conflict “especially in ‘hybrid’ warfare and in the evolution of propaganda”.

The handling of the Shadow Brokers leaks of what are thought to be NSA spying tools points to the possibility of a Russian information war strategy, Sussex says.

Snowden on a pedestal 

The Shadow Brokers group initially contacted media and information security experts about the leaks, with the hacking group’s tweet plans for an auction of them to the public.

Once awareness of the leaks entered the news cycle, the Twitter account of Edward Snowden broke its silence of more than a week with a tweetstorm giving context on the nature of the NSA’s exploits. In it, Snowden concluded that the leak was intended to “influence the calculus of decision-makers wondering how sharply to respond to the DNC hacks.”

The DNC hacks, a cache of hacked emails from the Democratic Party, were published just before the beginning of the Democratic Convention in July.

They contained some embarrassing revelations – and some mundane ones – that forced resignations in the party. Their contents were immediately seized on by on partisans who used them as the basis for a wave of criticism of presidential candidate Hillary Clinton.

Coming against the backdrop a sustained effort by Russian online propaganda to shape perceptions within the US, the role of the ex-NSA worker in providing context for the leaks may be a case of “hybrid war” strategy, said Sussex.

Russia engages in ‘shotgun’ propaganda, which is sprayed to see what hits. And then if something hits, it can be exploited,” said Sussex.

“When you want to do ‘hybrid war’, you link the propaganda to other things,” he said.

“For example, while we don’t know for sure, it would be in Russia’s interests to claim credit for the Shadow Brokers hacks [through Snowden’s tweets],” he said.

Snowden’s Twitter activity in the period before the leaks has spurred some doubts about whether he himself is doing the tweeting.

With Snowden ensconced in Moscow since 2013, it would be impossible to confirm that he has full control of his Twitter account or public appearance. Although when he appears live by video link he is typically consistent in his remarks on security, privacy and civil liberties.

There are other potential linkages between Russian information war and the Shadow Brokers leak.

For example, once the leaks became public, WikiLeaks tweeted it has possession of the files.

Asked if WikiLeaks could be an “instrument” of Russia when it comes to its information warfare goals, whether wittingly or unwittingly, Sussex said “yes”.

He noted that it didn’t matter whether WikiLeaks was aware or unaware of how it was being used by Russia as “the effect is largely the same”.

Drawing a line between the Shadow Brokers leaks and Russia highlights the sense of power and leverage Russia has over the West, he said.

Injecting the tech community in the West, and in the US in particular, with anti-Western views on NSA intelligence and the US government helps to cause friction and undermine cohesion between the government, the public and industry.

Robert Litt, general counsel for the Office of the Director of National Intelligence, told New York Magazine that Snowden’s disclosures have had “a radicalising effect in the private sector”.

“The technology and communications community has moved from a position of willingness to cooperate … to an attitude that ranges from neutrality to outright hostility, which is an extremely bad thing.”

Sowing division within society outside of Russia is a broader theme of that nation’s information war strategy, which has focused, for example, on dividing the European Union by giving diplomatic clout, media attention and even funding to anti-EU parties across the continent. This in turn helps undermine the trade bloc, which draws political strength from shared economic and social activity. That in turn makes the bloc’s members less willing to uphold sanctions against Russia, for example over its annexation of Crimea.

This comes as US Republican candidate Donald Trump has been revealed to have a number of ties to Russia – including a foreign policy vision for Eastern Europe that conforms closely to Moscow’s geopolitical views.

Follow Chris on Facebook

Shadow Brokers NSA exploits: doubts about Edward Snowden’s tweets

Ex-National Security Agency contractor Edward Snowden’s statements on Twitter attributing the alleged leak of NSA bugs by the group the Shadow Brokers to Russia has raised suspicions about the authenticity of his tweets.

The timing around Snowden’s statements on social media as well as the basic lack of evidence the American citizen is himself behind them have prompted at least one expert to publicly question them.

Who does this man’s PR?

Security consultant Jonathan Nichols, who worked in hacking and psychological warfare for the US Army, said that nothing  Snowden has “said in the last 24 hours has challenged the question from the last week: ‘is Snowden still alive?'”

“That needs to proven before we take anything coming from that account as actually coming from the mouth of Edward Snowden, the person.”

Nichols said a person of Snowden’s background would know he’s expected to provide some kind of proof that he is the authentic voice behind the account after his unusual statements and period of absence from social media.

“He knows exactly what both (the IC and infosec) communities would expect, a message cryptographically signed by him, and a quick video of him referencing recent events.”

Snowden’s most recent communication on Twitter are a fairly blunt commentary on the leak of sophisticated bugs, or exploits, used to hack the computers of governments and organisations worldwide.

The malware is thought to have come from the NSA, and experts in the West are blaming Russia following the DNC Leaks, a position Snowden appears to endorse in the latest tweets, which is also unusual.

On August 5, Snowden tweeted an encryption key, which allows people to check any message they receive from him against the signature, or key, to see if they match and confirm identities.

Two days earlier, Snowden tweeted an unusual message: “Did you work with me? Have we talked since 2013? Please recontact me securely, or talk to @bartongellman. [The Washington Post journalist who wrote some of the initial stories on Snowden].” The tweet ends with the words “It’s time.” There was no additional explanation. Both of those tweets were deleted.

Then for 10 days, Snowden went quiet. So quiet, in fact, that his Russian lawyer went public to assure people that Snowden was in fact, still alive.

On the 15th, a picture of Mark Twain was posted with the author’s famous words, “The reports of my death are greatly exaggerated.”

Nichols notes Snowden “left the internet with 2 cryptic tweets” and “up until he started tweeting again 24 hours ago, there was serious question as to whether he was still alive.”

“From both an intelligence community- and an information security perspective, you don’t go silent after those creepy tweets he went offline with, and then suddenly pop back online and start acting like nothing happened,” Nichols said.

Other members of the US security community also see the timing and pattern around Snowden’s latest tweets as suspicious.

If Russia is behind the so-called Shadow Brokers’ group it follows a recent pattern including the hacking of the Democratic Party’s email and voicemail accounts in the US. A hacker named Guccifer 2.0, which is also thought to be linked to Russian intelligence, claimed to have accessed the trove of emails, known as DNC Leaks, which were distributed by WikiLeaks in time to disrupt the US Democratic Party before its convention in July.

The escalation of information war and cyberwar efforts against the US have caught Washington unprepared.

“The real problem for us is that the Russians seem to have taken the gloves off in the cyberdomain and we don’t know how to respond,” James A. Lewis, of the Center for Strategic and International Studies, told the New York Times.

Russia’s efforts against Western countries in the cyber realm has increased significantly in recent years, as Russia seeks to reestablish itself as a strong regional and even global player more than two decades after the fall of the Soviet Union.

Russia’s complex – and so far, successful – information war strategy combines expertise across a variety of areas to achieve its goals, which means  – in theory – that even as hackers go after the NSA exploits, propagandists are figuring the best way to exploit them in the evolving situation between Russia and the US during its presidential election.

As Jolanta Darczewska the Centre of Eastern Studies wrote in 2014, “Russian information warfare theory also has traits of an interdisciplinary applied science.”

“This is because it covers a very broad range of actions (political, economic, social, military, intelligence, counterintelligence, diplomatic, propaganda, psychological, informational, communication technologies, educational, etc.)”

In this way, the value of Edward Snowden to Russia may be equally for propaganda against Western democracies as any intelligence he would have provided about the inner workings of the NSA.

Snowden fled the US in 2013 after revealing the extent of the NSA’s post-September 11, 2001 electronic spying, which included unlawful domestic surveillance.

After travelling to Hong Kong, Snowden was given asylum in Russia amid fears he would be sent to the US and prosecuted for spilling government secrets. WikiLeaks leader Julian Assange claimed credit for helping direct Snowden to Russia.

Follow Chris on Facebook