Lots of foreign election influence news/drops this week. Here's one from @CISAgov, @FBI, & @ODNIgov highlighting a few tactics we're seeing from the "usual suspects" (Russia, China, Iran): narrative farming, AI generated images & Audio clips, hack & leaks, paying witting & unwitting cutouts (PR firms!) to spread messages, & flooding social media with content to create illusion of consensus.

So what do we do about this:
1) AI Companies need to monitor & disrupt abuse of platforms (in line w/ the Tech Accord to Combat Deceptive Use of AI)
2) Fed govt needs to ID & intervene in Foreign info ops
3) Election officials need to ramp up communications w/ voters on how elections work & where to get authentic info
4) We (the people) need to become harder targets, take a beat before getting riled up.

Remember, the majority of RU, CN, & IRN efforts target on existing divides, they're playing us against each other. If there's one thing most people hate is getting manipulated, and the Kremlin is trying its damnedest here...

cisa.gov/sites/default/…

Here's one from yesterday on a leaked Russian document detailing strategy & objectives:

- Undermine the west
- Cozy up with other Authoritarian regimes
- Flip the Rest of World against the West

We've seen plenty of this at @LabsSentinel in our analysis of DoppelGanger

washingtonpost.com/world/2024/04/…

Here's @LabsSentinel report on Doppelganger from earlier this year.

https://x.com/LabsSentinel/status/1760680005817041137

Timely piece here by @Lingling_Wei on internal clampdown by Chinese security services on foreign businesses and cascading effects on capital flows.

A few thoughts (w/ a h/t to @KrebsStamos China expert @DakotaInDC for shaping the 🧵).

https://twitter.com/lingling_wei/status/1659276981425303568

No question there’s an acceleration of hostile action against foreign companies. A combination of new laws/regs and actual enforcement (evidenced by Bain/Capvision/Mintz raids) laying the groundwork for more of the same. Question for companies building out in China: You ready?

Concentration of power in Xi allies, “securocrats,” shows a shift in priorities. Courting foreign investment and build out now subordinated to internal control and boosting national champions (even if they’re not ready for prime time).

There’s a subplot in today’s RU/US exchange. Any time you do a deal with the Russians you have to think beyond the headlines. Diplomacy is messy and a bunch of other factors get woven in for more strategic, yet unrelated objectives.

The Kremlin uses prisoner exchanges, among other things, for domestic & Intl narrative shaping & influence ops. Worth noting they’ve long stoked racial divisions here and cracked down on LGTBQ communities at home. Not really breaking news but yeah, BG was a pawn here.

While there’s legit conversation on whether this was a good deal. (IMO not great, but you bring Americans home where you can. Opinions vary on the cost and how Whelan fits). But recognize there’s a game being played by Putin, w/ actions & responses gamed out on both sides.

The Moore County, NC substation incident is just another in a string of attacks on the US grid. In the last 3 weeks, there've been 6 incidents at substations in the Pacific NW per industry experts. 2 involved gunfire (others vandalism & arson). But they had little impact.

We're still trying to figure out what happened in North Carolina (& out west). It could be local rubes taking potshots (happens all the time, actually). But the timing of attacks on 2 substations targeting the *right* equipment, suggests something more coordinated & concerning.

Concerning b/c domestic extremists are targeting the grid to cause chaos (or worse). In fact, in January DHS alerted industry partners to this threat per media reports. The alert indicated there'd likely only be limited damage, absent insider help or technical knowledge.

I'd like to highlight a couple notable election-related alerts from @CISAgov & @FBI this week, put in context some recent news, & frame my main areas of concern for threats to the 2022 election (NB: it's not just "Midterms", as there are statewide elections).

1st, this alert from Monday reinforces prior govt position no cyber activity has prevented voting, affected counting, affected integrity of voter info. It goes further, stating that it's *unlikely* cyber itself would disrupt/prevent an election. cisa.gov/sites/default/…

That's a stronger line than I've seen before, though I've long held this view. Mainly b/c the layered controls in place & the overall resilience of the voting process (hooray for paper!) to spot/stop/prevent. Moreover, affecting the vote at scale undetected is nearly impossible.

Really loving this alert from USG as it's a timely reminder China security services are still incredibly active against targets in their core areas of interest (intelligence, economic espionage, influence, & positioning for disruptive operations).

https://twitter.com/CISAJen/status/1578091226242650112

It's timely from where I sit because as @alexstamos & I have briefed a bunch of Boards & execs lately, (where most are interested in Russian threats), we're seeing an increasing interest at the Board/C-level in risks posed by China BECAUSE of Russia's invasion of Ukraine.

My line of late has been: "You know your product, your TAM, your competitors, but do you know how the rest of the world, including the Chinese security services, see you? How you might fit into their agenda or help advance their objectives." Sometimes their response is why us?