Skip to content
Search

Latest Stories

Welcome! Log in to stay connected and make the most of your experience.

Input clean

Exposing Russian Interference - The Value of Real-Time Forensics

Russian President Vladimir Putin has sought to exploit open and free U.S. cyberspace, which serves as a force multiplier for commerce and freedom of expression, with hacking and discoverable influence operations. Conducting all-source forensics following these Russian attacks on our democratic process, U.S. social media networking sites are in the incident response phase — “to the right of boom.” Google, Facebook and Twitter were subjected to highly aggressive questioning during recent Senate hearings, which focused on the results of their forensics as well as technical countermeasures designed to deny Russia’s nefarious use of their sites.

The hearings were a positive step forward in warning fellow Americans about Russia’s efforts to degrade trust in the modern cyber infrastructure. We are, however, still building an effective strategy for countering Russia’s intrusions into our cyberspace, which so threaten the critical infrastructure of our democratic process.


We should not expect Twitter, Google and Facebook to solve this challenge independently, without outside assistance. Our cyberspace is under siege. Beyond Congress ringing alarm bells about Russian election meddling during open hearings, the U.S. government should join the private sector in assisting our social networking and media sites with improved warning, forensics and countermeasures.

First, social networking and media sites should rely on the intelligence community for indicators and warning of nefarious state and non-state actors’ intentions to target our cyberspace. While intelligence reporting on individual tactical incursions into our cyberspace is not a realistic expectation, the community could steal the secrets that would reveal an adversary’s strategic plans and share the threat intelligence, while protecting source identities along the same model we use for counterterrorism.

Second, we need incident response dashboards to track Russian-backed disinformation and propaganda on our social networking and media sites. Security teams for Google, Facebook and Twitter would benefit from private sector websites that produce accurate and close to real-time reporting on social networking posts, videos and tweets that are assessed to spread Russian propaganda from Russia Today, Sputnik and other users that promote the government of Russia.

Speed is critical.  Our social networking and media sites should assume they will continue to be exploited and hacked. In incident response, forensics should take seconds or minutes, not months. Countermeasures should begin immediately after the threat is detected.

While our social networking and media sites rightly focus on reducing their vulnerability with technical countermeasures, the most elegant response is to use the benefit of free speech to provide education and information — the best defense against false narratives in any case. This critical arrow in our quiver can counter Putin’s efforts to drive a wedge between the U.S. and its allies in the European Union and NATO as well as the Russian regime’s attempts to degrade the democratic process in the U.S. and the West.

Bringing transparency to Russia’s efforts to soil our democratic process would inoculate the American public against Russian influence not by censoring or blocking Kremlin-linked accounts, but rather by disseminating the truth. The Kremlin has been focused on not only sowing divisions within American society, but also acquiring followers on social media and networking sites and, by extension, gaining a position of influence to more effectively spread their views on geopolitical issues such as Ukraine and Syria.

Russia and other cyber-sovereignty advocates like China are seeking to limit the kind of free flow of ideas that sparked the end of totalitarian regimes in the past. We should be prepared for Russian and other hackers to target websites that do this important forensic work and disseminate evidence of Russia’s efforts to influence our society.

The U.S. and its allies seeking to apply the same freedom of speech their citizens enjoy domestically to global cyberspace would do well to consider the value of doubling down on supporting web sites that disseminate the truth about Russia’s nefarious activities. Such an approach could strengthen our social media and network sites in the process.

Related Articles

Arctic Worries: Melting Ice, and a Russia-China Partnership

Arctic Worries: Melting Ice, and a Russia-China Partnership

DEEP DIVE – As more Arctic ice melts and more avenues for navigation and commerce open up at the top of the world, there’s a geopolitical competition [...] More

Expert Q&A: The U.S. Takes On the Mexican Cartels

EXPERT INTERVIEW — The Trump administration is prioritizing going after Mexican drug cartels as a key national security objective. It has designated [...] More

The National Security Rationale for U.S.-Funded Academic Research 

OPINION — Since World War II, the federal government and American universities have developed a deep, symbiotic relationship. That relationship is [...] More

Can the CIA and U.S. military stop the Mexican cartels? 

Can the CIA and U.S. military stop the Mexican cartels? 

CIPHER BRIEF REPORTING — On January 20, the first day of his second term, President Donald Trump formally labeled Mexico’s crime cartels as [...] More

20 Years Later, Assessing the Value of the ODNI

20 Years Later, Assessing the Value of the ODNI

EXPERT INTERVIEWS — The Office of the Director of National Intelligence (ODNI) marks an anniversary today — 20 years since its creation as the top [...] More

Expert Q&A: Winning the Recruiting and Retention Battle in the U.S. Military

EXPERT Q&A — Discussions about the future of war and whether the U.S. is ready for the next conflict often center on the adoption of advanced [...] More