The ways in which foreign state actors use the internet to further their agenda are diverse and range in intent and methods from broad efforts to sow chaos, division, and disillusionment to very targeted attempts on individuals to compromise or covertly co-opt members of the government, academia, business or media as a means of influencing and accessing information.
Our current media and social landscape has been influenced in no small way by these foreign actors. Divisive, hateful and unproductive language has seeped into our political discourse at all levels, distracting from real solutions and bringing about an age of unparalleled social backlash.
It is important to be aware and to try to begin to distinguish between voices of good intent and those merely trying to injure our entire nation by pulling it apart.
Influence Versus Intelligence
Use of covert cyber can be placed into two broad categories: influence and intelligence. Influence campaigns are generalized as attempts to provoke or inspire Americans to act or think in a particular way. This may include convincing - or attempting to convince - Americans not to do or think something, or merely to question the veracity of a news story or the media at large.
Intelligence campaigns are merely intended to collect data. Target information may be related to military secrets, trade secrets and intellectual property, or it may concern other sensitive information such as that related to elections, political parties or activist groups. Pretty much any information capable of benefiting the foreign power or disadvantaging or injuring the host country or one of its allies.
Information gathering activities can be pivoted to influence campaigns, and often are. A great example would be the DNC emails hack in 2016. Russian state actors allegedly* hacked the DNC through a phishing scheme. That scheme was then pivoted into a catfishing and influencing scheme
Phishing And Catfishing
Phishing is a means of gaining covert access to a network or computer using email, social media, or phone calls engineered to compromise the target. Often many avenues or attempts are utilized and most will fail. The idea of phishing is similar to fishing - hackers will cast a net in many different ways, sometimes with emails containing embedded files, or sometimes through less technological means. Sometimes merely gaining the contact is the goal, in which case, phishing and/or catfishing using social media sites like LinkedIn can be an avenue. The FBI found out the hard way the seriousness of a catfish connecting with an individual with sensitive data, inspiring their production of The Nevernight Connection, a narrative film loosely based on the co-opting of Kevin Mallory. Mallory was convinced to compromise classified data related to work he had done with the Navy in years prior. He was working in academia in a related field when he was approached by a Chinese company interested in his academic work, the identities used were fake, as was the business - he was catfished. Before discovering the fraud, Mallory was ultimately convinced to reveal information a court of law deemed represented a crime.
This particular example exposes how catfishing and phishing work hand-in-hand; the Chinese actors had attempted a great number of contacts including Mallory, each using false credentials. Phishing is about playing the odds and casting a broad net, while catfishing is about building rapport built upon a false identity and persona.
Crime or not, phishing schemes are immensely common and they aren’t always seeking “high-value” targets. The Chinese especially have revealed themselves to be interested in information of virtually any type, whether it be intellectual property exclusively related to the consumer market or whether it have military significance, Chinese state actors are the most prolific in their use of catfishing and phishing.
Phishing and catfishing are used far beyond this capacity. We saw a large number of phish/catfish during the 2016 and even the 2020 election cycles most notably. During the election cycle, catfishing was used most famously by Russian state actors in an influence campaign determined to sow discord and division and to erode trust in media and government while also splintering the perception of reality into evermore echo chambers.
Ultimately, all catfishing schemes are a form of phishing - the idea is to create a new persona and to reach out until you get a bite, just like phishing and fishing. The distinction with phishing and catfishing is the relationship between the target and the hacker. The scheme is built around a single individual, with the identity of the hacker catered to maximize access and influence over the target.
The scheme is predicated on repeated interactions, each one resulting in further trust and therefore leverage. Catfishing is a longer-game. A phishing scheme desires as little interaction and memorability between hacker and target as possible. While a catfish will be someone you will want to know, a phish will be someone you will easily forget. Both are effective in different ways. A phishing scheme is an information acquisition scheme typically - usually seeking to gain password access, credit card numbers, or sensitive information in the case of state actors. Now, phishing may pivot into a catfishing campaign if the phishing scheme results in the opportunity to impersonate an individual capable of luring an individual identified in a phishing scheme. Catfishing is almost always about influence, though this approach is likely to net both information and influence.
The Russian state actors were able to prove that there is little needed in terms of backstory and history to convince people of authenticity in the case of the 2016 election. State actors have repeatedly attempted to manipulate the American people to further sow chaos, the best example occurring in Texas in 2017, when what were determined to be Russian-generated accounts created simultaneous pro and anti “Muslim-ban” demonstrations at the same location.
Trolls and Troll Farms
In the world of user-generated content and social media, the ubiquitous “trolls” have become more and more a part of the social consciousness and they have subsequently influenced our digital landscape accordingly.
Trolls are understood in context as being a user of social media, a message board, or a comments section with a stubborn and obnoxious contrarian opinion, open animosity, and the intent to belittle and enrage an individual or group. Trolls are unpleasant and are used by state actors to amplify and inflame social pressure points. Often, for state actors, this goal may be a moving target, dynamic, esoteric, and difficult to quantify directly. However, trolls also are capable of working toward very specific outcomes - encouraging someone to do X through intimidation, ridicule, persistence, bullying, coercion, etc.
Trolling is an influence technique distinct from phishing or catfishing in that no information is generally desired from the target, and there is rarely any effort to establish a believable false identity. Trolling is about offending people, enraging them, and generating further distrust of their peers.
Though distinct from catfishing, trolling often parallels the practice in that an end goal of trolling is for the target(s) to associate the offensive behavior with a certain group or identity which is almost always fabricated. Targets are chosen because they have revealed sensitivity and vulnerability to influence from this form of interaction. The state-sponsored trolls identify a flash point and try to provide the spark.
Trolls sow hatred, manifest stereotypes, create suspicion, and distract from everything else. Trolls incept their targets through obnoxious repetition, seeking out pressure points, exploiting sensitive issues in challis ways, making claims of fraud, “false-flag” operations, or merely spamming chats, message boards, comment sections, emails, whatever - with intrusive comments over and over.
Though authentic trolls do exist, state-sponsored trolls mimick the routine of an authentic troll with the same intent, albeit disingenuous. State-sponsored trolls will work together in “troll farms”, coordinating their efforts to exponentially increase their impact.
The impact of single-actor trolls is very limited. They may sow anger, but they will usually grow bored, or tired, or even come to the conclusion that their behavior is abhorrent, and even if they don’t, they will be quickly banned, ignored, muted, or blocked by their victims.
Troll farms, however, are coordinated across a great many individuals, making banning or blocking almost futile. Trolls acting individually are essentially hecklers tossing their rotten wares from the safety found behind a screen. Trolls in a troll farm will often be managing multiple individual accounts, perhaps even feigning a vicious argument between two trolls, whose dialogue is engineered to ultimately imprint a very specific conclusion upon the audience.
It may not be the same conclusion for each audience member either…
However, most of these troll farms will target a specific group, demographic, ideology, or even race or ethnic group, or lifestyle identity and enter into the dialogue endeavoring to manipulate the audience, to influence them in innumerable, often unpredictable ways. 2016 displayed especially destructive emotions rooted in these sources. They undermined faith in the media in a lasting way - dealing a blow to the most essential cog in the manufacture of consent.
A Nation Run By The Devil
With years of frequent engagement and observation of Russian state-funded media, I can tell you that they like to frame the U.S. as a nation with a rigged economic and political system. The Russians recognized a real sense of anger about rigged elections and primaries, intentionally inaccurate reporting seemingly designed to benefit the powerful, donor class, and repeated examples of our own government lying to the public.
Russian state-actors of all types certainly chose their targets and sought to convince, when possible, Americans to turn to ever more extremist, journalistically questionable news outlets. The sad fact is that we are vulnerable to these campaigns designed to undermine our faith in our democracy because there have been so many blatant domestic abuses of the very integrity of that democracy.
People will continue to be distorted by foreign influence if they continue to get a majority of their information from dubious sources - and there are many out there…
What is the goal?
There is a whole lot you can read about foreign state actors and the myriad of personas, causes, aesthetics - the Russian social media butlers whose job it was to write copy, articles, SEO, hashtags, source material, photographs, and if the accounts catch on, engaging directly through messages and through groups and events and memberships and so on. In the realm of mass disinformation, state actors will continually try to undermine the integrity of our institutions and to sow division between individuals as groups.
Simultaneously, mass-influence disinformation propagates in concert with more direct access to influencers, politicians, so-called “businessmen”. There are embarrassingly large numbers of references to American greed as a reliable and preferable mechanism for collaboration in leaked Chinese training media. The Foreign actor may be a plant - an angel investor, a chance meeting evolving into a romance - paid to cozy up to you and exploit you. To do this through the internet - to convince someone to embrace an internet connection - takes alluring motivation. In America, that motivation is almost always greed. Explaining proposals in terms of profits seals deals for Americans according to Chinese espionage wisdom.
There are so many angles and means of influencing both the public and the civil servants. These campaigns are going on right now. American’s ignorance must be replaced with an understanding of how these cyber campaigns work and how and why they may be targeted. Those with power, an audience, money, or access to valuable information are prone to even more exhaustive and complex tactics, yet still, there will be clues to the real intention of the individual or group one deals with.
We must educate ourselves and appropriately guard our nation, its secrets, and the trust we have in one another and our institutions.