Foreign Influence Operations – “Sock Puppetry” or “Let me Catch Up with Russian Active Measures”?

It’s becoming increasingly evident that what was once a free netspace with thousands of active participants that also includes security researchers hackers crackers and reverse engineers including secure coding programmers and the general force that used to drive them which is thousands of loyal users across the globe is becoming increasingly positioned as a possible nation-state attack vectors which according to several recently released documents and research which are wrongly perceiving basic military concepts as sophisticated information warfare campaigns and operations including a highly misused word these days which is the so called foreign influence operations who are supposedly aiming to disrupt U.S National Security and see launched by Russia who are using Soviet Union type of techniques known as Active Measures in cyberspace.

We can easily conclude the day when cybercrime-friendly black hat SEO farms and rogue and bogus online content farms slowly matured into the basics of foreign influence operations including the rise of DIY (do-it-yourself) social media account management and spam tools which basically do nothing more than attempt to entice a user into visiting a link and attempting to spread a message. In a recent White House study it’s becoming increasingly evident that a general misunderstanding is starting to take place in the U.S Cyberspace Strategy which wrongly and possibly dangerously names and highlights the use of information warfare in cyberspace which is totally wrong in the context of having an official U.S White House document naming the practice which could lead to dangerous copycat type of activity on behalf of foreign adversaries.

It used to a situation and moment in time when Russia and China were busy acting as copycats for the purpose of stealing information warfare and cyber warfare know-how from publicly accessible U.S DoD and related agencies type of documents with the U.S continuing to lead the practice with one of the most sophisticated cyber warfare and information warfare doctrine in the World and within and U.S Intelligence Community.

Up to present day there’s no evidence of a sophisticated online propaganda campaign launched by a possible Russia active measures campaign besides seperate cases of bogus and rogue content farms which are capable of doing nothing more than hijack legitimate traffic and cannot really entice or provoke an action or entice users into falling victim into the campaign and propaganda message. The use of think-tanks producing and generating publicly accessible research on a persistent and systematic basis including the production of pro-Russia content sponsored by nation-state sponsored media outlets and news organizations should be really considered a threat to a specific set of audience that’s actually going through the news including the actual use of sophisticated media and sentiment including OSINT analysis services.

If we were to speculate on the true origin of these campaigns we could easily conclude that it’s sophisticated blackhat SEO campaigners or actual rogue and bogus content farm operators that are truly responsible for such type of content potentially raising the eyebrows of Intelligence Agencies internationally on their way to track down sometimes even using AI methodologies for the purpose of tracking down the individuals behind these campaigns. In a similar case we can also easily attribute the rise of some type of foreign influence operations type of content to the general rise and commercial availability of sophisticated and market relevant DIY (do-it-yourself) account registration tools that have a built-in CAPTCHA solving mechanism that’s usually outsourced to third-party CAPTCHA solving providers which often rely on humans in combination with technological innovation to solve them.

If a foreign power was to look for ways to disinform or launch offensive foreign influence operations they can easily outsource the entire campaign project to a third-party managed black hat SEO vendor and operator who can easily generate and begin distributing the specific content in question using basic and advanced blackhat SEO tactics and techniques including basic and advanced traffic acquisition and traffic hijacking tactics for the purpose of launching a disinformation or a foreign influence campaign.

At the end of the day it’s cybercrime and large scale and massive blackhat SEO campaigns as usual.

Stay tuned!


Author: admin

Dancho Danchev is the world's leading expert in the field of cybercrime fighting and threat intelligence gathering having actively pioneered his own methodlogy for processing threat intelligence leading to a successful set of hundreas of high-quality anaysis and research articles published at the industry's leading threat intelligence blog - ZDNet's Zero Day, Dancho Danchev's Mind Streams of Information Security Knowledge and Webroot's Threat Blog with his research featured in Techmeme, ZDNet, CNN, PCWorld, SCMagazine, TheRegister, NYTimes, CNET, ComputerWorld, H+Magazine currently producing threat intelligence at the industry's leading threat intelligence blog - Dancho Danchev's - Mind Streams of Information Security Knowledge. With his research featured at RSA Europe, CyberCamp, InfoSec, GCHQ and Interpol the researcher continues to actively produce threat intelligence at the industry's leading threat intelligence blog - Dancho Danchev's - Mind Streams of Information Security Knowledge publishing a diverse set of hundreds of high-quality research analysis detailing the malicious and fraudulent activities at nation-state and malicious actors across the globe.

Leave a Reply

Your email address will not be published. Required fields are marked *