Security

When it comes to hacking societies, Russia remains the master at sowing discord and disinformation online

China can't hold a candle to GRU's shenanigans, says expert


Black Hat While China is the bête noire du jour of the US government, Russia is the master of spreading disinformation, fostering conflict, and derailing discourse online, the Black Hat security conference was told today.

At her Thursday keynote, Stanford Internet Observatory's research manager Renee DiResta explained how Russian military intelligence – the GRU – and the private Internet Research Agency (IRA) were putting the likes of China to shame. Security companies and government agencies have good reason to move their focus from Beijing to Moscow, she warned.

The basic methods of hacking public opinion are fairly simple, DiResta explained. Fake accounts generate content and spam it out on social media to amplify the message. If enough real people pick up and the posts go viral the mainstream media kicks in and amplifies the desired message still further.

In Russia's case, it spreads divisive material, stolen information, and fake news in an attempt to turn Americans against each other, sour civil society, sow doubt, and create distractions, leaving people unsure of what's really going on. This worked. In China's case, it tried to make people like China. This didn't work.

Middle Kingdom middling

DiResta says that, despite having gobs of cash and manpower at their disposal, efforts by China to sway public opinion in its favor weren't very effective. She pointed to the Communist Party's failed effort earlier this year to play up Middle Kingdom's handling of the coronavirus outbreak, a campaign that barely made a blip on social media channels.

"They really didn't do a very good job at getting people to pick up their content and amplify it," DiResta explained. "These are barely agents of influence, this is shockingly poor."

China slams President Trump's TikTok banned-or-be-bought plan in the US

READ MORE

In terms of influence, DiResta likens Chinese Communist Party campaigns to those of Saudi Arabia in the wake of the Jamal Khashoggi killings; fairly basic, heavy-handed stuff that didn't do much to swing public opinion. The tightly controlled media in China simply does not have enough impact on people outside of the Great Firewall, she said.

By contrast, Russia's GRU and IRA are able to sway public opinion thanks to not only being better at spreading clickbait through its networks of sockpuppets, but also having a much simpler objective. While China was trying to polish up its national image on the world stage and push political points, Russia simply wants to divide people along existing social fissures, so they only have to reaffirm what their targets already believe.

"Russians are not trying to tell a story," explains DiResta, "They are simply dividing the population of the adversary."

In a way, this should come as no surprise: in the Soviet Union era, dezinformatsiya was a program implemented by Stalin in 1923 to confuse and befuddle his opponents.

Hacking support

Russian disinformation efforts are also aided by the Kremlin's hackers.

DiResta noted how everyone, from Russian "patriot" trolls to IRA operations and even state media, were fed information that Moscow's miscreants stole from governments and companies in other countries. The swiped info is a particularly effective bait for social media shares, news articles, and broadcast packages, allowing the Kremlin to shift conversations toward the topics it wants people talking about.

"If you can turn people into unwitting content amplifiers, or people who will go out in the streets, that is a very powerful tool," said DiResta. "That is the kind of thing that is happening behind the scenes."

For Americans, this means that we should be spending less time worrying about China's influence operations and more time thwarting Russian efforts to divide the US population and cause chaos, she explained. While Chinese intelligence operations are nothing to sniff at, we are probably doing more harm than good by devoting so much news coverage to Beijing's operations.

"China is a well-resourced state advisory, it has developed significant capabilities," said DiResta. "They are modernizing tactics they have used for decades, but we should not overstate the impact of the efforts. That kind of breathless pumping up in some ways helps the adversary."

Twitter is trying

DiResta had barely finished her keynote when Twitter announced it is identifying accounts of government officials and state-backed media on its platform in the name of transparency.

"Labels will only be applied to accounts from the countries represented in the five permanent members of the UN Security Council: China, France, Russian Federation, the United Kingdom, and the United States," Twitter said in a blog post.

"We believe this is an important step so that when people see an account discussing geopolitical issues from another country, they have context on its national affiliation and are better informed about who they represent."

Interestingly, Twitter said the application of a "state-affiliated media" badge comes whenever "outlets where the state exercises control over editorial content through financial resources, direct or indirect political pressures, and/or control over production and distribution." That means RT gets the label while Blighty's BBC, Canada's CBC, and – strangely enough – the US government's Voice of America doesn't. ®

Send us news
53 Comments

Cisco tells UCS owners they may have a screw loose – in the server chassis

Power supplies are screwed up because they're not all screwed in

Cisco has warned owners of its UCS servers that they may have a screw loose. In the UCS X9508 chassis that houses their servers, that is.

A field notice issued by the company advises: "The Power Entry Module (PEM) for a small number of UCS 9508 units might not be secured in the chassis and could be pulled out when power cord is unplugged from the chassis.

"The captive screws designed to secure the PEM were not correctly tightened and some chassis were shipped with the module improperly secured."

Continue reading

AWS unveils Graviton3 Arm chips and more. But the real story is the slide from IaaS to packaged solutions

CEO Adam Selipsky takes the stage in Vegas – and may be on a collision course with customers

Re:Invent Adam Selipsky gave his first Re:Invent keynote as AWS CEO on Tuesday, introducing a range of services, and hinting that the cloud giant may move toward more packaged solutions rather than primarily offering infrastructure-as-a-service.

Selipsky was named as CEO in March and returned to AWS from Tableau, where he had been chief exec for five years. Prior to his stint at Tableau, he was at AWS for 11 years, from its beginning, becoming VP of marketing, sales and support.

Re:Invent this year is a fraction of the size it is was two years ago, when more than 70,000 attended. This year just over 20,000 have turned up in Las Vegas for Amazon's event, we were told, with many staying away because of pandemic concerns or travel disruption. The reduced crowding is a relief for those who made it, though the face masks and other precautions are a constant reminder that these are not normal times.

Continue reading

Qualcomm crams more smarts into flagship mobile chip: It's the Snapdragon 8 Gen 1

Do you want a smartphone to know you that well?

Qualcomm today will unveil its latest flagship chip, the Snapdragon 8 Gen 1, a greatest-hits compilation of the US giant's fastest CPU, GPU, camera, and modem technology.

The company is claiming a 20 per cent performance improvement and 30 per cent power savings from its predecessor, the Snapdragon 888, which was announced last year.

Smartphones with the Snapdragon chip – which is now a standalone brand – will be announced by the end of the year, said Ziad Asghar, vice president of product management at Qualcomm.

Continue reading

If at first Amazon doesn't let you succeed, try, try again: Warehouse workers given second chance at union vote

US watchdog tosses previous result in the trash after election fairness slammed

America's labor watchdog has given workers at Amazon’s warehouse in Bessemer, Alabama, another crack at voting for unionization after their first attempt failed earlier this year.

“It is ordered that the election that commenced on February 8 is set aside, and a new election shall be conducted,” Lisa Henderson, regional director at the National Labor Relations Board, ruled [PDF] on Tuesday.

“The National Labor Relations Board will conduct a second secret ballot election among the unit employees. Employees will vote whether they wish to be represented for purposes of collective bargaining by the Retail, Wholesale and Department Store Union.”

Continue reading

It's the flu season – FluBot, that is: Surge of info-stealing Android malware detected

And a bunch of bank-account-raiding trojans also identified

FluBot, a family of Android malware, is circulating again via SMS messaging, according to authorities in Finland.

The Nordic country's National Cyber Security Center (NCSC-FI) lately warned that scam messages written in Finnish are being sent in the hope that recipients will click the included link to a website that requests permission to install an application that's malicious.

"The messages are written in Finnish," the NCSC-FI explained. "They are written without Scandinavian letters (å, ä and ö) and include, for example, the characters +, /, &, % and @ in illogical places in the text to make it more difficult for telecommunications operators to filter the messages. The theme of the text may be that the recipient has received a voicemail message or a message from their mobile operator."

Continue reading

AsmREPL: Wing your way through x86-64 assembly language

Assemblers unite

Ruby developer and internet japester Aaron Patterson has published a REPL for 64-bit x86 assembly language, enabling interactive coding in the lowest-level language of all.

REPL stands for "read-evaluate-print loop", and REPLs were first seen in Lisp development environments such as Lisp Machines. They allow incremental development: programmers can write code on the fly, entering expressions or blocks of code, having them evaluated – executed – immediately, and the results printed out. This was viable because of the way Lisp blurred the lines between interpreted and compiled languages; these days, they're a standard feature of most scripting languages.

Patterson has previously offered ground-breaking developer productivity enhancements such as an analogue terminal bell and performance-enhancing firmware for the Stack Overflow keyboard. This only has Ctrl, C, and V keys for extra-easy copy-pasting, but Patterson's firmware removes the tedious need to hold control.

Continue reading

Microsoft adds Buy Now, Pay Later financing option to Edge – and everyone hates it

There's always Use Another Browser

As the festive season approaches, Microsoft has decided to add "Buy Now, Pay Later" financing options to its Edge browser in the US.

The feature turned up in recent weeks, first in beta and canary before it was made available "by default" to all users of Microsoft Edge version 96.

The Buy Now Pay Later (BNPL) option pops up at the browser level (rather than on checkout at an ecommerce site) and permits users to split any purchase between $35 and $1,000 made via Edge into four instalments spread over six weeks.

Continue reading

Visiting a booby-trapped webpage could give attackers code execution privileges on HP network printers

Patches available for 150 affected products

Tricking users into visiting a malicious webpage could allow malicious people to compromise 150 models of HP multi-function printers, according to F-Secure researchers.

The Finland-headquartered infosec firm said it had found "exploitable" flaws in the HP printers that allowed attackers to "seize control of vulnerable devices, steal information, and further infiltrate networks in pursuit of other objectives such as stealing or changing other data" – and, inevitably, "spreading ransomware."

"In all likelihood, a lot of companies are using these vulnerable devices," said F-Secure researchers Alexander Bolshev and Timo Hirvonen.

Continue reading

Leaked footage shows British F-35B falling off HMS Queen Elizabeth and pilot's death-defying ejection

Parachute snagged on ship's bows

Video Video footage has emerged of a British F-35B fighter jet falling off the front of aircraft carrier HMS Queen Elizabeth after a botched takeoff.

The leaked clip, seemingly from a CCTV camera on the carrier's bridge, shows the Lockheed Martin-made stealth aircraft slowly trundling down the deck before tipping over the ski-jump ramp on her bows.

As the £100m RAF jet nosed over, the pilot ejected – only for his parachute to snag on the carrier's bows as he descended back towards the ship.

Continue reading

Lloyd's of London suggests insurers should not cover 'retaliatory cyber operations' between nation states

And they might attribute cyber attacks if governments won't

Lloyd’s of London may no longer extend insurance cover to companies affected by acts of war, and new clauses drafted for providers of so-called "cyber" insurance are raising the spectre of organisations caught in tit-for-tat nation state-backed attacks being left high and dry.

The insurer's "Cyber War and Cyber Operation Exclusion Clauses", published late last week, include an alarming line suggesting policies should not cover "retaliatory cyber operations between any specified states" or cyber attacks that have "a major detrimental impact on… the functioning of a state."

"The insurer shall have the burden of proving that this exclusion applies," warn the exclusion policies published by the Lloyd's Market Association.

Continue reading

UK competition regulator to Meta's Facebook: Sell Giphy, we will not approve the purchase

CMA finds that deal would be bad for consumers and tighten Zuck's grip on almost half of £7bn digital ad spend

The UK competition watchdog has ordered Meta, the owner of Facebook, to sell Giphy after deciding purchase of the animated GIF creator platform will damage rivals, consumers and advertisers.

Today's directive is effectively the same as that handed down in August, when the Competition Markets Authority voiced concerns that could only be resolved if Facebook was to offload the $400m acquisition it made in May 2020.

The panel that ran their finger over the merger concluded the buy would only tighten Facebook's already vice-like grip on the social media landscape by:

Continue reading