Share this page!

Оlga Belogolova Profile picture
Twitter logo
6 Dec 20, 11 tweets, 27 min read
In week 8 of “Lies & Disinformation” @Georgetown, we focused on how state-sponsored espionage operations, hacks and leaks can play a role in influence operations. How does the dissemination of leaked material and forgeries fit into the IO playbook?
@Georgetown To start, students read “Tainted Leaks: Disinformation and Phishing With a Russian Nexus” frm @citizenlab @jsrailton @CyberClues @cmatthewbrooks, Peter Tanchak, Ron Diebert citizenlab.ca/2017/05/tainte… for a case study into stolen and manipulated documents & how they can be used in IO
@Georgetown @citizenlab @jsrailton @CyberClues @cmatthewbrooks For a refresher on the 2016 Russian hack & leak operation, students read “The Perfect Weapon: How Russian Cyberpower Invaded the US” @SangerNYT @ScottShaneNYT @EricLiptonNYT nytimes.com/2016/12/13/us/…. Perhaps next semester, I’ll assign documentary now @HBO hbo.com/documentaries/…
@Georgetown @citizenlab @jsrailton @CyberClues @cmatthewbrooks @SangerNYT @ScottShaneNYT @EricLiptonNYT @HBO For a primary source document, students read the 2018 @TheJusticeDept indictment of 12 Russian nationals for "federal crimes that were intended to interfere with the 2016 U.S. presidential election.” You can’t complete a class on IO w/o reading this: justice.gov/file/1080281/d…
@Georgetown @citizenlab @jsrailton @CyberClues @cmatthewbrooks @SangerNYT @ScottShaneNYT @EricLiptonNYT @HBO @TheJusticeDept In class, we broke down hack-and-leak ops into a kill chain, from phishing and data collection, optional post-hoc fabrication, audience building, dissemination, and amplification. We also talked about whether indictments are an effective deterrent /punishment for a hack-and-leak
@Georgetown @citizenlab @jsrailton @CyberClues @cmatthewbrooks @SangerNYT @ScottShaneNYT @EricLiptonNYT @HBO @TheJusticeDept We also spent a bit of time in class and in our readings focused not only on US 2016, but also on the 2017 MacronLeaks campaign. For an overview of that, students read this great analysis of that operation from @jeangene_vilmer @AtlanticCouncil atlanticcouncil.org/in-depth-resea…
@Georgetown @citizenlab @jsrailton @CyberClues @cmatthewbrooks @SangerNYT @ScottShaneNYT @EricLiptonNYT @HBO @TheJusticeDept @jeangene_vilmer @AtlanticCouncil In class, we discussed how much the media blackout, official media advisories in France, the lessons learned from US 2016, and what Macron campaign “cyber geek” Mahjoubi called “cyber-blurring” played a role in slowing down/ muting the MacronLeaks hack-and-leak operation in 2017
@Georgetown @citizenlab @jsrailton @CyberClues @cmatthewbrooks @SangerNYT @ScottShaneNYT @EricLiptonNYT @HBO @TheJusticeDept @jeangene_vilmer @AtlanticCouncil Another interesting study on this subject students read was “Hacking the discourse: Leaked emails, transparency, and disinformation" @bsorensen96 @Stanford which delves into importance of the response of journalists, politicians, voters to leaked material pacscenter.stanford.edu/publication/ha…
@Georgetown @citizenlab @jsrailton @CyberClues @cmatthewbrooks @SangerNYT @ScottShaneNYT @EricLiptonNYT @HBO @TheJusticeDept @jeangene_vilmer @AtlanticCouncil @bsorensen96 @Stanford In that piece, @bsorensen96 wisely writes that “readers are not accustomed to scrutinizing the contents of a leak for themselves, and may instinctively assume due diligence on the part of whoever is presenting the information,” speaking to the importance of context creation
@Georgetown @citizenlab @jsrailton @CyberClues @cmatthewbrooks @SangerNYT @ScottShaneNYT @EricLiptonNYT @HBO @TheJusticeDept @jeangene_vilmer @AtlanticCouncil @bsorensen96 @Stanford In class we discussed some interesting questions like whether platforms should treat hack and leaks differently from whistleblower leaks and how that might work in practice. And what kind of role government should play in providing cybersecurity assistance to political campaigns
@Georgetown @citizenlab @jsrailton @CyberClues @cmatthewbrooks @SangerNYT @ScottShaneNYT @EricLiptonNYT @HBO @TheJusticeDept @jeangene_vilmer @AtlanticCouncil @bsorensen96 @Stanford Another fun thing that we did in class was an exercise led by one of the students @RiddellSam, now an IO Analyst @FireEye, looking at Op Secondary Infektion, trying to determine what made some of the forgeries and posts look suspicious & the techniques one might use to see that

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Оlga Belogolova

Оlga Belogolova Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @olgs7

Оlga Belogolova Profile picture
26 May 21
1/ Excited to share our 2017-2020 IO Threat Report! It looks back at the last 3+ years of our work at @Facebook to counter influence operations and analyzes the 150+ CIB takedowns we've done since 2017: about.fb.com/wp-content/upl…
2/ Back in 2017, we published our first IO white paper where we described how we conceived of this problem at the time:
about.fb.com/wp-content/upl…

I got to work with @jenrweedon @alexstamos @Will_Nuland on that paper and today feels like a million yrs later
3/ We've come a long way since 2017 - our investigations teams have grown, our knowledge of threat actors has expanded, and our understanding of the influence ops problem has evolved. Today's report is a chance to take a step back, reflect on what we've seen, and to look forward
Read 17 tweets
Оlga Belogolova Profile picture
24 May 21
1/ Every week, I have mentorship sessions w/ students/others interested in getting into the “field” of countering influence operations, disinformation, misinformation. Having all these conversations, I realize it might be helpful to share the advice and tips more broadly: a 🧵
2/ Normally, I break down the “field” into several different categories: investigations, policy development, advocacy, and resilience/literacy. For many of these categories, you can do this work in government, at tech companies, multilateral institutions, or in civil society.
3/ Within government, certain agencies are responsible for technical investigations, some responsible for deterrence and response, and others policy or regulation. Same often goes for tech companies. The question is what folks are most interested in spending their time doing
Read 10 tweets
Оlga Belogolova Profile picture
15 Apr 21
1/ Interesting to see @USTreasury explicitly spell out role of Russian Intel Services, front orgs, outlets in global influence operations. And for those of us tracking this space, it’s helpful to map these to CIB disruptions we’ve done over the yrs, a 🧵 home.treasury.gov/news/press-rel…
@USTreasury 2/ So let’s break this down. In this graphic, @USTreasury links RU intel services (FSB, GRU, SVR) to websites/outlets InfoRos, Newsfront/SouthFront, Strategic Culture Foundation. Respectively, our teams have disrupted networks linked to these in Aug '18, April ’20, Sept '20
@USTreasury 3/ In Aug 2018, our IO team took down a network attributed to "Russian military intelligence services" -- InfoRos was linked to that network about.fb.com/news/2018/08/m…

Based on what FB shared with SSCI, more by @noUpside @shelbygrossman @stanfordio: cyber.fsi.stanford.edu/io/publication…
Read 8 tweets
Оlga Belogolova Profile picture
28 Nov 20
In week 7 of “Lies & Disinformation” @Georgetown, we focused on role of media, state media/overt propaganda in the info ecosystem & toolbox of influence ops. What role can journalism play in inadvertently amplifying IO campaigns or conversely finding them?
@Georgetown One of my favorite pieces of all time on this subject is “Oxygen of Amplification" from @wphillips49 @datasociety which looks at how the coverage choices of editors and reporters play a role in the amount of oxygen supplied to falsehoods and manipulations datasociety.net/wp-content/upl…
@Georgetown @wphillips49 @datasociety A useful visual for our discussion in class was the “trumpet of amplification” from @cward1e @firstdraftnews which shows the journey of disinformation through the information ecosystem
Read 10 tweets
Оlga Belogolova Profile picture
27 Nov 20
After a few months of a hiatus, reviving this tweet thread to cover the remaining material from weeks 6-14. Thanks to everyone for your patience waiting while work and other priorities got in the way.
In week 6 of “Lies & Disinformation” @Georgetown, we focused on Myanmar and the Philippines as case studies into (a) domestically aimed influence operations; and (b) how digital harassment, the silencing of activist voices can play a role in influence activities.
@Georgetown The week’s readings included the fascinating “Architects of Networked Disinformation” from @jonathan_c_ong and Jason Vincent A. Cabañes: newtontechfordev.com/wp-content/upl… and “How Duterte Used Facebook To Fuel the Philippine Drug War” from @daveyalba @BuzzFeed buzzfeednews.com/article/daveya…
Read 12 tweets
Оlga Belogolova Profile picture
16 Aug 20
Thanks for your patience, class! Took a little hiatus for a month. But we're back! In week 5 of “Lies & Disinformation” @Georgetown, we pivoted from Russian influence activities to Chinese and Iranian IO state actors.
@Georgetown Our first reading was from @RANDCorporation's Timothy Heath @WarOnTheRocks on China's influence operations targeting the Chinese diaspora. The article does good job of highlighting distinctions between Russian and Chinese operations and their tactics warontherocks.com/2018/03/beijin…
@Georgetown @RANDCorporation @WarOnTheRocks Students then read this analysis from @RecordedFuture, which also makes distinctions btw Russian and Chinese tactics (disruptive & destabilizing vs. largely positive & coordinated), Chinese tactics targeted domestically vs. abroad go.recordedfuture.com/hubfs/reports/…
Read 9 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get emails when @olgs7 has new unrolls!

Check out other threads from @olgs7!

Read all threads by @olgs7

:(