As news breaks about what looks to be a pretty large-scale hack, I have the utmost confidence in the @CISAgov team and other Federal partners. I'm sorry I'm not there with them, but they know how to do this. This thing is still early, I suspect. Let's let the pros work it.
Also, hacks of this type take exceptional tradecraft and time. On the 1st, if this is a supply chain attack using trusted relationships, really hard to stop. On the 2nd, I suspect this has been underway for many months. Need good detections to find victims and determine scope.
If you’re a SolarWinds customer & use the below product, assume compromise and immediately activate your incident response team. Odds are you’re not affected, as this may be a resource intensive hack. Focus on your Crown Jewels. You can manage this.
I'd also be paying very close attention to what @CISAgov does next. They have authority to issue directives to Fed agencies to take cybersecurity steps. While those directives only apply to Feds, everyone else should follow suit.
I’m confident Russia, China, and Iran all have long-standing, well-formed, multifaceted plans to undermine American democracy, which includes the 2024 election.
What we’re seeing with the alleged funding of Tenet Media and the sanctions against the Doppelganger Disinfo-as-a-Service groups are simply workstreams in a larger Statement of Work (to McKinsey-fy this).
That’s one reason, perhaps, why DOJ included the translated strategy docs (audience, themes, specific commentators) in their charging documents, to hint at a broader undertaking.
Lots of foreign election influence news/drops this week. Here's one from @CISAgov, @FBI, & @ODNIgov highlighting a few tactics we're seeing from the "usual suspects" (Russia, China, Iran): narrative farming, AI-generated images & audio clips, hack & leaks, paying witting & unwitting cutouts (PR firms!) to spread messages, & flooding social media with content to create the illusion of consensus.
So what do we do about this: 1) AI Companies need to monitor & disrupt abuse of platforms (in line w/ the Tech Accord to Combat Deceptive Use of AI) 2) Fed govt needs to ID & intervene in Foreign info ops 3) Election officials need to ramp up communications w/ voters on how elections work & where to get authentic info 4) We (the people) need to become harder targets, take a beat before getting riled up.
Remember, the majority of RU, CN, & IRN efforts target existing divides; they're playing us against each other. If there's one thing most people hate, it's getting manipulated, and the Kremlin is trying its damnedest here...
No question there’s an acceleration of hostile action against foreign companies. A combination of new laws/regs and actual enforcement (evidenced by the Bain/Capvision/Mintz raids) is laying the groundwork for more of the same. Question for companies building out in China: You ready?
Concentration of power in Xi allies, “securocrats,” shows a shift in priorities. Courting foreign investment and build out now subordinated to internal control and boosting national champions (even if they’re not ready for prime time).
There’s a subplot in today’s RU/US exchange. Any time you do a deal with the Russians you have to think beyond the headlines. Diplomacy is messy and a bunch of other factors get woven in for more strategic, yet unrelated objectives.
The Kremlin uses prisoner exchanges, among other things, for domestic & Intl narrative shaping & influence ops. Worth noting they’ve long stoked racial divisions here and cracked down on LGBTQ communities at home. Not really breaking news but yeah, BG was a pawn here.
While there’s legit conversation on whether this was a good deal (IMO not great, but you bring Americans home where you can; opinions vary on the cost and how Whelan fits), recognize there’s a game being played by Putin, w/ actions & responses gamed out on both sides.
The Moore County, NC substation incident is just another in a string of attacks on the US grid. In the last 3 weeks, there've been 6 incidents at substations in the Pacific NW per industry experts. 2 involved gunfire (others vandalism & arson). But they had little impact.
We're still trying to figure out what happened in North Carolina (& out west). It could be local rubes taking potshots (happens all the time, actually). But the timing of attacks on 2 substations targeting the *right* equipment suggests something more coordinated & concerning.
Concerning b/c domestic extremists are targeting the grid to cause chaos (or worse). In fact, in January DHS alerted industry partners to this threat per media reports. The alert indicated there'd likely only be limited damage, absent insider help or technical knowledge.
I'd like to highlight a couple notable election-related alerts from @CISAgov & @FBI this week, put in context some recent news, & frame my main areas of concern for threats to the 2022 election (NB: it's not just "Midterms", as there are statewide elections).
1st, this alert from Monday reinforces the prior govt position that no cyber activity has prevented voting, affected counting, or affected the integrity of voter info. It goes further, stating that it's *unlikely* cyber itself would disrupt/prevent an election. cisa.gov/sites/default/…
That's a stronger line than I've seen before, though I've long held this view. Mainly b/c the layered controls in place & the overall resilience of the voting process (hooray for paper!) to spot/stop/prevent. Moreover, affecting the vote at scale undetected is nearly impossible.