1/ Today we shared our IO Threat Report, an analytical paper that dives into the 150+ CIB takedowns across 50+ countries that FB’s Threat Intel team discovered over the past 3 years. The report IDs adversary TTPs, trends, and provides recs for tackling IO: about.fb.com/wp-content/upl…
2/ We also released a summary dataset of all of our takedowns since 2017 alongside the report itself. Check that out here (at the end of the report) about.fb.com/wp-content/upl…
3/ We’ve reported on every CIB takedown since the advent of the CIB policy in 2017, but those reports tend to focus on the individual operations’ behavior and attribution. We felt it was important to also provide a strategic look at the ecosystem of IO uncovered between 2017-2020
4/ Some key statistics during that period:
- 150+ CIB takedowns from 2017-2020
- 50+ countries
- 30+ languages
- 45% domestic-targeted
- 38% foreign-targeted
- 17% mixed targeting
5/ Where did those operations come from?
Russia (27): mainly IRA/Prigozhin or Russian intel
Iran (23): gov-linked broadcasters and media
Myanmar (9): primarily linked to the Burmese military
USA (9): mix of fringe political groups and PR agencies
Ukraine (8): PR agencies and pols
6/ Key trends we observed over those 3 years:
1: Shift to IO actors targeting smaller communities
2: Blurring of authentic and inauthentic activity
3: Perception hacking
4: IO-for-hire
5: Increased operational security
6: Platform diversification
7/ So how did these trends play out in the 2020 US elections? We saw more than a dozen ops targeting public debate in the US around the election, including 5 ops from Russia, 5 from Iran, and 5 from the US. We didn’t see much CIB from China focused on the US ahead of the election
8/ Russia’s campaigns targeting the US in 2020 were largely ineffective. We saw ops from the GRU + IRA, which focused on the US and other countries. These ops often used unwitting authentic intermediaries, incl journos + activists, to write their content. theguardian.com/technology/202…
9/ Iran’s activity was more varied, employing tactics we’d previously seen from Iran in ops linked to the IRIB while also deploying “perception hacking” tactics off-social-media by posing as the Proud Boys to threaten voters in the US reuters.com/article/us-usa…
10/ Domestic operations targeting the US election were as common as those from Russia or Iran - an important data point in the seriousness of domestic IO. These networks were mainly run by conspiracy or fringe political groups, PR agencies/consulting firms, and media websites.
11/ So what’s next? We expect IO actors to move into grayer spaces, blending foreign and domestic and authentic and inauthentic voices. The growth of non-state actors in the IO arena further complicates this.
12/ Financially-motivated ops (IO-for-hire) will continue to adopt the TTPs of sophisticated IO. It's even important to avoid overstating the influence and impact of state actors because it plays directly into the hands of those seeking to erode trust in democratic institutions.
13/ And we’ll continue to see IO actors weaponize moments of uncertainty, like we saw with critical elections, and key civic moments. Countering those efforts will require collaboration btwn platforms, governments, industry, media, and civil society.
14/ In the past few years an incredible community grew to detect, disrupt, and deter these ops. Investigative journos, academics, gov analysts, and TI teams in industry fight tooth and nail to counter IO. We hope this report can help inform that community and inspire new research
15/ The fight is not over - but in these last few years the defenders have improved considerably and the playing field is turning. And for everyone out there researching, investigating, disrupting, and innovating - thank you for fighting to make the information ecosystem safer.
These are some great suggestions for much-needed reform to the tech pipeline in government. I’d add just a few more from my 6 yrs in civil service -> reform the background check process, find ways to incentivize & compete for talent, abandon outdated performance models
We lose tons of candidates with vital tech and language proficiency in the multi-year wait for clearances. It suppresses diverse talent born overseas, people who have lived abroad, and weakens the federal talent pool. You won’t hire away from tech with 2yr waits for jobs
Gov is also unlikely to ever compete directly w/ private sctr on comp, but makes up for it with mission impact. That said: folks need to eat. Decouple tech from the GS scale or scale comp to enable new tech talent to pay rent, car payment, student loans, and save for retirement
@KembaWalden created and lead The Law of Election Security, a roundtable of cyber and elections lawyers from the private sector, and state and federal governments to think creatively on how to improve laws around elections - most recently focused on legislating digital forgeries.
I was an intelligence analyst before I left government. After the intelligence failures that led to Iraq, the IC restructured its analytic tradecraft to emphasize standard evidentiary requirements, confidence language, peer review and alternative analysis 1/
This was especially important because it let the community adapt into new areas of study - without a systemic way to identify bias and groupthink, any analytic community is bound to make bad conclusions when faced with new data 2/
As the disinfo research space grows, we need to think about ways to build industry-wide analytic standards before our Iraq War moment hits. 3/