While Russian influence operations have received enormous media coverage in the United States and Europe, American cybersecurity firm FireEye has now exposed a similar operation waged by Iran.
Like the Russian operations, the Iranian government is using fake websites and social media accounts to promote Iranian government interests and denigrate its perceived opponents. Because consumers of social media are more likely to retransmit information from sources they trust, modern information warfare techniques involve setting up websites, social media pages and accounts that appear to be from individuals who share the consumer’s values and priorities, when in fact they are actually the creations of a hostile foreign entity, such as an intelligence agency, a vendor, or an allied organization.
Fire Eye’s experts conducted excellent work in exposing Russian information operations both in terms of successful attempts to penetrate the computer networks of American individuals and political parties, as well as social media campaigns designed to amplify existing social tensions in the United States.
The Iranian operations focus on using fake news websites and social media accounts to promote narratives unfriendly to Saudi Arabia and Israel, while promoting the US-Iran nuclear deal. Read the report: Suspected Iranian Influence Operation.
A common tactic employed by the Russians and Iranians is to establish fake social media accounts which appear to have characteristics similar to members of their target audience. Many of the posts from these accounts do not concern political issues, but rather are designed to be interesting while seeming to share the ideological perspective of the target audience. In the Russian case, paid advertising was used to promote these fake accounts, including Twitter accounts and Facebook pages, to expand their following.
Over time, as these fake accounts gain the trust of their targets, posts are generated pushing a particular narrative, which in turn is rebroadcast, or shared, by those following the fake accounts.
Everyone online should take greater care in validating information they share on their own accounts, and be conscious of the fact that foreign powers hostile to the United States and our allies continue to experiment with new techniques to manipulate public opinion in democratic countries.
BERLIN -- German media is reporting the German government discovered in December that its Foreign and Defense ministries were penetrated by APT 28, the cyberespionage group attached to the Foreign Intelligence Agency of the Main Intelligence Directorate of the Russian Armed Forces, or GRU.
Details are expected to be forthcoming. Meanwhile, here is what we know about APT 28.
- APT 28, and its sister organization, APT 29 of the Russian FSB, were responsible for the hacking of the Democratic National Committee in 2015 and 2016. Information exfiltrated by these two groups were curated and then later leaked through Wikileaks and a site the Russians themselves created, DCLeaks[.]com.
- The group is believed to be the same one responsible for a sustained attack on the German Parliament in 2014.
- Previous attacks on foreign computer systems by APT 28 have been followed by leaks designed to damage the target in the media, including at the World Anti-Doping Agency, France's TV5 Monde, and the Ukranian Central Election Commission. Not all successful hacks by APT 28 are followed by such leaks.
- The German reporting indicates a malware exploit was involved. A common approach used by APT 28 is to send a spearphishing e-mail containing a malicious link or document exploit which in turn triggers a downloader which pulls down a second stage of malware which serves as a remote access tool, allowing the hackers to maintain their access to the compromised system.
Here are two slides documenting the APT 28 methodology and known APT 28 malware tools.
As a branch of Russia's military intelligence complex, APT 28 frequently targets NATO countries and their defense sectors. Here is a list of previously identified document attachments known to contain APT 28-generated malware.
The American cybersecurity firm FireEye developed two reports on APT 28. If you are interested in this topic I recommend reviewing them both. They can be accessed here.
One of the most important tools for conservatives working together to advance sound principles worldwide is the International Democrat Union, or IDU. Founded in 1983 by America's Ronald Reagan, Britain's Margaret Thatcher and Germany's Helmut Kohl, the IDU is a global alliance of center-right political parties sharing a common commitment to the principles spelled out in the group's founding document, the London Declaration.
While some may have felt the group's mission was accomplished with the West's victory in the Cold War and subsequent collapse of the Soviet Union, on closer examination it is clear that the need for conservatives to work together worldwide is as great as ever. While we have seen the spread of democracy in the 20th century, we have not automatically seen the uniform advancement of the center-right principles of free markets, individual liberty, and personal responsibility. Venezuela has worked to export "21st century socialism" throughout Latin America, for example, while Russia uses information warfare to cause problems within NATO nations, the EU, and the United States. Many more examples abound.
Last week at the IDU's Party Leaders Meeting in Spain, the IDU took another step forward toward fulfilling its post-Cold War potential with the election of former Canadian Primer Minister Stephen Harper as President. Harper, a skilled and principled leader who understands how political parties work, is the latest addition to the IDU's new leadership team. Christian Kattner, the skilled political operative from Bavaria's CSU party (the more conservative sister party to Angela Merkel's CDU), came on board as Secretary General in 2014, setting the stage for the group's future growth.
The IDU's greatest potential lies in serving as a dynamic forum for the exchange of ideas and best practices among center-right political parties, both in terms of policies as well as political campaign strategies and tactics. Last year at the IDU Campaign Managers Meeting in Berlin I was introduced to numerous campaign leaders from a variety of countries including the UK, Norway, New Zealand, and a host of others. Each presentation provided insight into techniques, messages and methods used by the campaign teams of each of these parties to advance. It is a critically important function.
With the continued strengthening of the IDU leadership team, I have great confidence we will see a further sharpening of the center-right parties that fully participate in this critically important organization.
President Trump's State of the Union address in February 2018 was strong. In 2017 his address was not technically a State of the Union, but nonetheless was also strong and Presidential. Here is what I said about the President's 2018 address:
Ron Nehring, the former chairman of the California Republican Party, said he thought the address was “a solid speech aimed at the issues on the minds of many Americans.” Trump also made inroads toward Democrats, Nehring argued, by previewing policies on areas such as infrastructure, “which people in both parties for years have cited as important” — and his arguments about MS-13, Nehring said, recognized “that immigrant communities are most directly threatened by criminal gangs and networks.”
Read the complete article, "President Hails 'New American Moment'"
Since becoming an opinion contributor over at The Hill, I get asked to submit articles on specific topics. For the one year mark since President Trump's inauguration, I put together this piece marking the major developments in 2017 and the impact on the 2018 campaign. Take a look.
The Hill: Trump boosted citizen involvement while solidifying political division.
As a conservative, I'm particularly concerned with protecting America's sovereignty. That's why it is vital that we fully understand the strategies and tactics the Russian government and its surrogates employed in 2016 and continue to use today to create problems in America and destabilize our democracy. I wrote about this in The Hill:
We need to know how far Russia's attack on our sovereignty really goes