Since the aftermath of the 2016 American presidential election, when substantial circumstantial evidence accumulated to show that there were definitive Russian attempts to ‘influence’ the outcome, the American government, media, and public have been obsessed with discovering not just how the efforts were made but whether or not they were likely to continue heading into the upcoming 2018 mid-term elections and what will be Trump’s campaign to be reelected in 2020.
The difficulty of this process overall is why the word ‘influence’ was put into quotation marks. While it is frustrating to intelligence analysts and academic experts alike, the reality is that it is nearly impossible to explicitly prove (in the legal sense) misdeeds that would render the 2016 election results invalid.
The shifting sands of how the Americans themselves have described the effort gives weight to the problem: what first started out as ‘direct election interference’ changed to ‘obvious voter manipulation’ which has now evolved to the ambiguous and amorphous ‘probable malign influence.’ The bigger and less emphasized issue, however, is how easily Russian active measures, as they are called in Moscow, could be countered with minimal invasive effort from the American government, rendering so much of this political garment-rending irrelevant.
It demands a more skeptical American public willing to investigate and source the information it reads online. Unfortunately, it seems the American experts have greater faith in governmental technological intrusion than in the intelligence of the American electorate. In the end, that might be the thing that truly leads to a Russian geopolitical cyber victory.
Russia decided very early on that it was in its best interests to utilize pronounced cyber capabilities in areas where it detected America might be particularly weak or vulnerable. While this is not written to justify such strategic thinking, it should be noted that Russia has for over two decades openly considered cyber capability as just another extension of global power influence, somewhat like the way Clausewitz said war was just politics by another means.
For that reason, the intense debates that take place in the West about whether the cyber realm should be considered a new war-fighting domain or if new international norms and rules should be created to govern state cyber behavior are utterly moot in Russia: cyber is simply a tool the state should utilize to gain advantage and protect its national interests. Rightly or wrongly, it clearly made a decision that using a comprehensive social media strategy within the United States was an indicative and normal element of that philosophy.
What were at first rather clumsy maneuvers before the 2016 election to hack Democratic National Committee email streams became much more pervasive and sophisticated incursions into facebook, twitter, Instagram, etc. VPNs were used to acquire real US IP addresses, operations would be engaged during the hours a true American user would likely use the internet, real human beings were employed to at least attempt to mimic the narratives, language style, and behavior of such people writing similar things in the United States, US bank accounts were used to purchase ad time on social media platforms and, last but not least, some actual identity theft occurred as a final layer of ‘authenticity.’
Thus, what were sometimes traceable sources initially became nearly impossible-to-trace operations that would send investigators down countless Alice in Wonderland rabbit holes. Interestingly, the email hacks were unsophisticated efforts that quite frankly stunk of old school Cold War spy tactics.
The problem, which Russia seemed to understand much more quickly than America, was that such brazen attempts at revealing ‘smoking gun’ evidence that would embarrass or damn a political candidate not only proved difficult to obtain but the public reaction understandably went more toward the knee-jerk patriotic nationalism one can expect when a foreign power is found to be purposely trying to tarnish a specific individual. So, learning its lesson faster than its so-called adversary, Russia shifted more toward a plan that has been described in America as the attempt to ‘undermine democracy and sow social discord.’
These efforts are almost too numerous and expansive to fully list here, but standards tended to favor the creation of extremist social media positions and platforms on both sides of the American political spectrum, left and right. Sowing this discord has been considered by Americans as particularly pernicious, devious, and ‘effective’, even though proving that effectiveness has been elusive.
Despite that fact, America has been taking the Russian cyber threat to democracy with extreme, if misguided, seriousness. No less an authority as James Stavridis, the former top military commander of NATO and presently Dean of the influential Fletcher School at Tufts University, has written about four specific ways to counter Russian social media ‘warfare:’
- Better public-private cooperation: social media companies like Facebook and Twitter should have national security liaisons from the NSA, CIA, or FBI assigned to them to help facilitate communication and coordinate counter-tactics when intrusions occur.
- Better technical defenses: America needs to develop superior detection tools to identify bots and other damaging cyber technologies in real time and evolve effective defense strategies to immediately stifle them.
- Better publicity: revealing the identity, nature, and extent of such cyberattacks can still be significantly improved. Doing so would subsequently improve how adept the US can be in minimizing the public impact of such operations.
- Standing up for ourselves: the US needs to be more aggressive and public in its responses when attacked. Part of this idea is the possibility of instilling better deterrence: if the other side has reason to fear the repercussions, then maybe the initial attacks won’t take place at all.
While there is absolutely nothing wrong with these wise cyber-deterrence investments for long-term strategy, it seems clear that old school police thinking is not doing the United States much good when it comes to stopping this threat. As a vivid example, when the Justice Department handed down 13 indictments against members of the Russian intelligence community for election interference last year, all 13 members were safely and happily living and working openly in the Russian Federation and the Kremlin said simply that no extradition would be granted even if the United States asked (the US did not).
Thus, it was largely a symbolic legal gesture meant to help the public feel the American government was getting a handle on the affair when in reality it was a great and mighty PR wind that signified nothing.
What most of the analyses trying to craft counter-strategies to Russian active measures online share in common is a complete and utter white-washing of public accountability and intellectual responsibility. One famous example of a supposed Russian active measure was the publication on Facebook of two diametrically opposed political groups (one vehemently anti-immigration and brazenly Islamophobic, the other pro-immigration and promoting ‘better understanding’ of Islam) intending to march for their respective causes in the same Texas town on the exact same day, time, and specific location.
This understandably erupted into a viciously viral fight amongst actual Facebook users in Texas, causing many to think civil mayhem was about to erupt. The only problem, of course, is that these two groups actually did not even exist and there were no such plans to march anywhere in Texas on that day. While there can be no doubt this constitutes irresponsible and potentially dangerous use of the internet for nefarious purposes, I am always stunned at how no one in America seems to focus on the one solution that could have ended the dilemma instantly: educate and inculcate the American public with a healthy skepticism that demands that you research your information across multiple sources instead of relying on a single solitary source.
This at one time was basic education when teaching junior high schoolers how to think analytically and how to ensure a strong evidence-based argument. Now, apparently, in the United States it is too much to ask of gainfully-employed adults in the real world who are meant to be fully-aware of not just their civil liberties but civic responsibilities. In the above example, a few extra clicks on a computer to type in a new Google search question, “Are there Islamic and anti-Islamic groups marching in Texas today?,” would have revealed the sham this particular active measure was, immediately ending the crisis and stopping dead in its tracks any concern for other nations attempting to sow social discord.
This same simple strategy would have also worked for the most infamous version of a Russian active measure in the build-up to the 2016 election, one that actually became viral and ultimately perpetuated by thousands of American Facebook users: the “Killary list.” These websites supposedly ‘proved’ that as many as four dozen people had suspiciously died or taken their own lives just as they were on the eve of testifying in Washington DC as to the corrupt and illegal practices of Presidential-candidate Hillary Clinton.
The only thing more inexplicably irrational than the initial creation of such a rumor was the incomprehensible manner in which so many supposedly well-meaning conservative Americans bought into it and spread it across their own social media pages. The simplicity involved to discover that Hillary Clinton was not actually under suspicion for being a political serial killer and that the United States government had not brazenly turned a blind eye to the leading Democratic candidate for President possibly being responsible for the deaths of nearly four dozen people literally involves a few simple finger movements over a keyboard.
And yet, to this day, the United States seems more motivated and focused on creating cyber deterrence measures that are likely to become outdated within six months of being launched and/or proposing an uncomfortable alliance between the public and private sector where intelligence professionals will be willingly granted access to once confidential corporate files and information.
The overwhelming concern today, given the current occupant of the White House and his possible dubious connections/dependence on Russian influence, is the debate about a dearth of leadership when it comes to protecting the American public.
While it is not appropriate nor moral for one country to strive to cause social unrest and disorder in another country, it is curious why in these debates on leadership we are not also asking about ‘self-leadership:’ what role do the American people themselves play in the protection of their own minds and belief systems? In the end, malign influence is something innately personal and thus, innately controllable by each individual. I do not wish to see American social media platforms overrun by Russian bots, or bots from any other nation for that matter, including America.
But the only real danger represented by Russian bots is if they are coming in contact with American ‘sheeple:’ human beings easily manipulated because they are not interested in analytical thinking, original research, or evidence-based commentary. If, in the end, the only thing politically-motivated Americans want to be exposed to are resources that affirm their own beliefs and confirm the heinousness of their opponents, then they shall always reap what they lazily sow. The enemy, in that case, will be what Americans see when they look in the mirror. It will not be the bots. It will be the sheeple.