Digital Threat Digest - 15 September 2022
PGI’s Digital Investigations Team brings you the Digital Threat Digest, SOCMINT and OSINT insights into disinformation, influence operations, and online harms.
Russian Trolls, American Texts
Previously, when we thought about digital threats to democracy our minds instantly sparked toward Russian bot and troll activity. Or, perhaps, you'd think about the Cambridge Analytica data scandal. Another instant culprit may be alt-tech sites like Rumble, TRUTH, or Gab, or we could point fingers at group chat hosts like Telegram… However, this article by NBC News claims that threat actors seeded political disinformation more successfully, and at a larger scale, during the midterm primaries via text messages than on social media.
The article discusses how during the Kansas abortion rights referendum, a chain-mail text went viral (or whatever the text version of going viral would be) claiming that they needed to tick ‘yes’ on the ballot to protect abortion however the question was worded so as a ‘yes’ vote would have cut those protections. An employee of Twilio, a “programmable communication” company, was suspended after internal investigations. Weirdly enough, I recently had a conversation with a colleague about how they had been receiving political chainmail emails full of disinformation memes and edgy jokes.
It seems backwards, all things considered, to be discussing traditional chainmail as a tactic in 2022. However, it tracks how the digital environment has changed in the last two to five years. Back in 2016, 2018, and even 2020 the manipulation of social media to influence voting patterns was novel and the research around all of it was niche. However, in 2022, disinformation is a hot topic buzzword and every social media platform worth being on has a significant team of employees and contractors dedicated to identifying, tracking, and removing these kinds of narratives. The spaghetti just isn’t sticking to the social media wall quite as much anymore. So, how can threat actors continue to mainstream and spread these narratives in a way that looks authentic, doesn’t ring too many bells, and reaches as large an audience as they had on social media? Texts and emails.
So, does this mean social media is becoming obsolete in the spread of disinformation? Absolutely not. What I’m talking about here is the initial seed, those first few memes and lines of a narrative that then take off and expand into something viral and, usually, dangerous. A good IO, nowadays, only needs to send out a couple of hundred texts to the right people and then those people will take that to social media naturally, organically, in a way that is extremely difficult to track the origins of whatever narrative stuck. Then, those everyday people will take it to their friends in real life and on social media (double points) and so on until the narrative has spread just as far, if not further, than one seeded by troll accounts on Twitter. The only downside is the manual text approach probably has a longer seed time than the bots, but that’s a small price to pay for how hard these kinds of IOs are to attribute or shut down.
Time and time again, this newsletter asks its readers to be cautious of what they are sharing online, to fact-check everything, and check themselves when they find themselves believing something ‘unbelievable’. In today’s world, digital resiliency and information safety doesn't stop when you click ‘log out’. In fact, you may be at a far higher risk of disinformation when listening to your favourite radio station, overhearing a conversation in Starbucks, watching the TV, or checking your latest text message.
More about Protection Group International's Digital Investigations
PGI’s Social Media Intelligence Analysts combine modern exploitative technology with deep human analytical expertise that covers the social media platforms themselves and the behaviours and the intents of those who use them. Our experienced analyst team have a deep understanding of how various threat groups use social media and follow a three-pronged approach focused on content, behaviour and infrastructure to assess and substantiate threat landscapes.
Disclaimer: Protection Group International does not endorse any of the linked content.