We want to make sure you get the best viewing experience for the content you are viewing.  Our goal is to improve each visit with data that creates this experience for you and those you share it with. We appreciate your continued readership.     

In-Depth: Russian Active Measures, Information Warfare, and Big Data in the 2016 Presidential Election

Russian Information Warfare and Active Measures in the 2016 U.S. Presidential Election

“Part of the misinformation, disinformation campaign that was launched was launched in three key states, Wisconsin, Michigan, and Pennsylvania, and it was launched…not to reinforce Trump voters to go out but actually targeted at potential Clinton voters, with misinformation in the last week where they were…suddenly reading, if they got their news from Facebook and Twitter…stories about Clinton being sick and other things…the Russians, they’re very good at this technology piece, they might not have been so good at being able to target to a precinct level American political turnout. That would mean they might be actually receiving some…information or alliance from some American political expertise to be able to figure out where to focus these efforts.”

U.S. Senator Mark Warner

Social media and the access it provides to voter data give Russian active measures the ability to influence the outcome of an election.

As made clear by Senator Warner during a Senate Intelligence Committee hearing on Russia’s involvement in the 2016 U.S. Presidential Election, social media, the content published on it, and the access it provides to voters can have the power to influence the outcome of an election. In the case of the 2016 elections, both Russia and the Trump campaign relied heavily on social media.

It is necessary to consider Donald Trump’s role, complicit or otherwise, in propagating Russia’s ‘active measures’ on social media. It is also imperative to scrutinize the campaign’s use of the data analysis company, Cambridge Analytica, whose exploitation of social media enables “micro-targeted” political messaging to reach individual voters with unprecedented precision. It’s increasingly clear that both Russia and the Trump campaign harnessed social media to influence public opinion, suppress voter segments, and arguably steer the outcome of an election.

What is Information Warfare?

Russian Information Warfare (informatsionaya voyna) is rooted in Soviet thinking, dating back to the beginning of the Cold War in the form of spetspropaganda (special propaganda). Information warfare is a “holistic concept that includes computer network operations, electronic warfare, psychological operations, and information operations.”

The 2010 Military Doctrine of the Russian Federation says that these measures are implemented “to achieve political objectives without the utilization of military force.” In contrast to Soviet propaganda—which the regime went to great lengths to proclaim as the truth—modern Russian information warfare does not prioritize this; modern information warfare seeks to plant seeds of doubt and distrust; to confuse, distract, polarize and demoralize.

Accordingly, the creation and dissemination of misinformation, disinformation; what has commonly become known as ‘fake news,’ is a vital component of the Russian information warfare offensive strategy.

This approach is often referred to by the Soviet term, ‘active measures,’ which “refers to the manipulative use of slogans, arguments, disinformation, and carefully selected accurate information, which the Soviets used to try to influence the attitudes and actions of foreign publics and governments.”

The Cyber Component of Active Measures

There is much disagreement over the definition of ‘cyber.’ For this report, ‘cyber’ will be defined as “involving the ‘command and control of computers’… cyber attacks can be described as ‘all efforts to disrupt, deny, degrade, distort, the information that they [computers] rely upon, store, process, and generate.’”

A crucial distinction to grasp is that Russia views cyber operations differently than the West. Russia generally does not use the terms ‘cyber’ or ‘cyber warfare’ and instead incorporates cyber into their broader conceptualization of information warfare. In short, ‘cyber’ operations are a means to an end in a more significant campaign.

For Russia, the Cold War never really ended, and the distinction between war and peacetime is blurred; “Moscow perceives the struggle within the ‘information space’ to be more or less constant and unending.” This perception runs parallel with the Kremlin’s belief that while matching the conventional military power of the U.S. is out of the question; they can conduct efficient operations in the information domain. In doing so, they can achieve political and military objectives using far fewer resources: “As far as the Kremlin is concerned, geeks and hackers now rank alongside soldiers and spies as weapons of the state.”

In sum, Russia views cyber as an essential component of information warfare, which is a vital element of their overarching military strategy. Furthermore, as the Kremlin sees itself as being in an eternal struggle with the West, and desires to increase its sphere of influence, they have been pouring considerable resources into building up their information warfare capabilities.

The Security Gap

There is a vital discrepancy between the Russian definition of ‘Information War’ – “all-encompassing, and not limited to wartime – and the Western one – limited, tactical information operations carried out during hostilities.” The most critical elements of the Russian definition are: information warfare is ‘all-encompassing,’ and there is no distinction between war and peacetime, creating a security gap. While the West is on guard to combat information warfare during hostilities, Russia is perpetually mounting an information warfare offensive.

Furthermore, Russia views propaganda and disinformation as “at least as important as the traditional…notion of crippling cyber attacks on critical national infrastructure. By contrast, the Western approach to cyber threats has typically focused on technical responses to technical threats, mostly disregarding the interface with information warfare in the broad sense.”

This revelation ties into the 2016 US Presidential election: once the US was alerted to the threat of cyber intrusion from a foreign adversary, they focused their efforts on protecting the hardware: the voting machines, when in fact Russia was focusing its efforts on manipulating the voters (facilitated by social media). The outcome is the manifestation of the diverging understandings of information warfare between Russia and the West.


Facebook, Compromised: How Russia Manipulated U.S. Voters

Conceptually, Information warfare is by no means a new concept. However, the broad reach of social media has created an entirely new and highly effective avenue for Russian ‘active measures’ to penetrate into and influence the minds of the American public.  Active measures “employ a three-pronged approach that attempts to shape foreign policy…state-to-people, People-To-People, and state-to-state…The Russian government today uses the state-to-people and people-to-people approaches on social media and the internet.”

According to researchers who conducted a post-mortem of social media activity during the election using internet analytics tools, Russian Information Warfare content on social media attempts to subvert Western democracies in five ways: undermine public confidence in democratic government, exacerbate internal political divisions, erode trust in government, push the Russian agenda in foreign populations, and create confusion and distrust by blurring fact and fiction. Russian propaganda on social media can be divided into four themes: political messages intended to foster distrust in government (e.g., allegations of voter fraud, corruption), financial propaganda (i.e., create distrust in Western financial institutions), social issues (e.g., ethnic tensions, police brutality), and doomsday-style conspiracy theories.

Russian Information Warfare Operations & Active Measures

Information warfare content is generated and disseminated through channels that fall into three attribution categories: white (overt), grey (less-overt), and black (covert) channels. They propagate a blend of authentic, manipulated, and fake stories and they feed off of and reinforce each other.

White or overt channels include state-sponsored pro-Russian news outlets such as Sputnik and RT, the grey less-overt outlets include data dump sites, such as Wikileaks, and more sinister black channels involve covert operations such as hacking. The agents disseminating the information include bots (automated web robots), and real people, often presenting themselves as innocuous news aggregators. These agents form the critical engine for distributing misinformation and disinformation.

Black or covert measures—once highly risky and dangerous to carry out—are now quickly and efficiently carried out through social media. Russia is now able to remotely coordinate an army of hackers, honeypots (in this instance, social media profiles used to bait other users into giving compromising or embarrassing information), and hecklers or internet trolls (individuals who purposely create discord or provoke).

The Role of Non-State Cyber Hackers: Advanced Persistent Threat (APT) Groups

Cyber hacking groups—or advanced persistent threat (APT) groups—are a critical component of the Kremlin’s information operations. The fact that it is challenging to definitively prove ties to the Russian government is what endears them to the Kremlin. However, while there isn’t necessarily a ‘smoking gun,’ evidence gleaned from previous cyber attacks has allowed the top US intelligence agencies to reach conclusions, with a substantial degree of confidence, that the Kremlin was involved.

For example,  “the facts that the hackers’ work hours aligned with Moscow’s time zone, operations ceased on Russian holidays, their techniques carried signatures common to other Russian hacks, and their targets were of clear interest to Moscow.” In the social media realm, hackers provide the fodder for the narratives of disinformation/misinformation generated. “The most notorious Russian-linked hacker…Guccifer 2.0, targets current and former U.S. government officials, American security experts, and media personalities by seeking access to their private communications and records,” and whatever information may come to light then presents itself in the propaganda created and disseminated.

What are Honeypots?

Honeypots are fake social media profiles which are designed to lure in real people to engage with them online: “today’s honeypots may include a component of sexual appeal or attraction, but they just as often appear to be people who share a target’s political views, obscure personal hobbies, or issues related to family history.”

The objective of the honeypot accounts is to earn the trust of unsuspecting users in order to conduct a range of activities including disseminating content from white and gray propaganda channels, attempting to entrap users with compromising propositions such as offers of sexual exchanges, or trying to persuade targets to click on malicious links or deceive people into downloading malware (software intended to damage a computer).

If the target exposed to a malicious link or malware is a person of interest, such as a politician or public figure, this enables APT groups to access personal information and post it on grey channels such as data dump sites. The information revealed in turn helps construct the narrative of misinformation posted on white channels, such as RT or Sputnik, and eventually trickling down to conservative news sites such as Breitbart, before being picked up by the mainstream media.

Hecklers: Trolls & Troll Farms

Hecklers, or trolls, give life to Russia’s influence operations. There have been reports of “troll farms,” employing hundreds of people, formed to actively disseminate pro-Kremlin propaganda. It is important to note, “the information contained in the comments and posts by the trolls ranges from misleading to verifiably fraudulent.” The objective of trolls is not necessarily to defend or validate the pro-Russian propaganda posted, but rather to flood the social media space with such a high volume of misinformation, as to create a state of confusion and calamity.

Senator Mark Warner, the ranking Democrat on the Senate Intelligence Committee, has said that “there were upwards of a thousand paid internet trolls working out of a facility in Russia, in effect taking over a series of computers which are then called a botnet, that can then generate news down to specific areas.” The implication here: a sophisticated and coordinated social media disinformation campaign was able to micro-target vulnerable voter populations. The reason they were vulnerable is that they received their news from social media, which had been powerfully harnessed to manipulate voters in the critical weeks leading up to Election Day.

The Ramifications of a Compromised Social Media Space

Social media, a Western innovation, at a glance seems like an ideal manifestation of a free and open society. Social media platforms enable users to share information, freely express opinions, and connect with other individuals. However, these same platforms were harnessed to wage a full-scale coordinated Information warfare offensive. False articles—“fake news” content—that favored Trump were four times as likely to be shared on social media platforms when compared with false stories endorsing Secretary Clinton.

“Fabricated pro-Trump stories were shared four times as often as fabricated pro-Clinton stories…researchers also found that roughly half the readers of a fake news story believed it…automated Twitter accounts, known as “bots,” generated four tweets in favor of Trump for everyone in favor of Clinton…a substantial number of these bots were aligned with individuals and organizations supported, and sometimes funded, by the Kremlin.”

Russia utilized generations’ worth of acquired expertise in the art of Information warfare and adapted it to social media in a way that was agile, penetrating and efficient. There is evidence suggesting there were efforts to suppress voters in key precincts in Pennsylvania, Michigan, and Wisconsin.

These states, which were crucial in determining the winner of the Presidential election, were flooded with disinformation in the week leading up to the election. While it is difficult to conclusively demonstrate a causal relationship between the election results and Russian active measures targeted at these populations, it is highly likely, given that all three states voted Democrat in the past 5 Presidential elections.

Donald Trump, a fringe candidate with a radical platform, emerging victorious in these historically moderate voting districts, begs the question of what was the variable that impacted the election? The penetration of Russian Information warfare efforts, so effective due to the successful harnessing of social media, increasingly seems to be the culprit. However, the social media-facilitated assault on the democratic process had another devastating angle: the Trump campaign.


How the Trump Campaign Exploited Social Media

Through analyzing Donald Trump’s role in legitimizing Russia’s propaganda, and the separate—though arguably related—issue of the Trump campaign’s manipulation of voters via social media, it becomes apparent that, when all elements are considered together, there is a substantial argument to be made that social media was used to manipulate voters and swing an election. The precision with which voters were targeted was unprecedented.

The Trump campaign’s message was amplified by Twitter bots, trolls, and precision-targeted Facebook advertisements.

Presently, Trump’s controversial Twitter activity is under scrutiny as part of the ongoing Senate Intelligence Committee investigation and hearings.

“Today, ‘gray outlets,’ Soviet-pushing accounts, tweet at President Trump during high volumes, when they know he’s online, and they push conspiracy theories’…Watts flatly stated that the president himself has become a cog in such Russian measures… why, if Russians have long used these methods, they finally worked in this election cycle, Watts’ answer… ‘I think this answer is very simple and is one no one is really saying in this room…the commander in chief has used Russian active measures at times against his opponents.’”

Former FBI Special Agent Clint Watts

Regardless of whether or not the Trump campaign’s alleged coordination with Russian government-directed misinformation/disinformation campaigns was intentional, the result was nevertheless devastating. Donald Trump wields immense influence in the social media sphere: an article published in January 2017 reveals his combined following on popular social media platforms Twitter, Facebook, and Instagram allows him to reach an audience of over 46 Million people.

Exploiting the Platform of the Presidency

Furthermore, Trump’s elevated status as the Republican Presidential candidate, and subsequently as Commander-in-Chief, arguably provides him with the discursive power necessary to validate the authenticity of his claims in cyberspace (and the real world). The audience exposed to information shared by Trump is primed to believe in its authenticity. During his testimony, Watts substantiates the claim above with the following evidence:

Trump’s citation of an apparently false Sputnik story at an October 2016 campaign appearance; his ongoing denial before and after the campaign of U.S. intelligence of Russian interference in the election; his claims of voter fraud and election rigging, which Watts said was pushed by RT and Sputnik; and Trump’s questioning of the citizenship of former President Barack Obama and even his primary rival Ted Cruz.

Echoing the aforementioned themes of Russian propaganda, the examples Watts provides elucidate the relationship between the Russian Information warfare operation and the Trump campaign’s (intentional or otherwise) complicity in the spread of fake news. Trump and his associates’ repeated claims from fake news sites, implicitly sanctioning their authenticity, then feeding it back into the social media sphere, where it was then widely disseminated by real people and automated bots.

Watts explains that “the disinformation is kept alive and gradually becomes more real and plausible.” If this social media platform-mediated sabotage of the truth was not enough, the Trump campaign also employed other social media manipulation maneuvers, made possible with Big Data analytics.


Cambridge Analytica: The Darker Side Of Big Data

Before closer scrutiny of the implications of the Trump campaign’s use of Cambridge Analytica’s services, it is imperative to grasp the methodology behind Cambridge Analytica’s services fully. The two fundamental concepts underlying the ‘election management’ company is Big Data and psychometrics: “Big Data means, in essence, that everything we do, both on and offline, leave digital traces…every movement we make…every “like” is stored.” While psychometrics “focuses on measuring psychological traits, such as personality.”

The “election management” company uses big data and psychometric profiling in operations designed to suppress voter segments.

How these two concepts intertwine is crucial to an understanding of what Cambridge Analytica claims to do. Using the OCEAN model, an acronym for personality traits considered the “‘Big Five’…openness (how open you are to new experiences?), conscientiousness (how much of a perfectionist are you?), extroversion (how sociable are you?), agreeableness (how considerate and cooperative you are?) and neuroticism (are you easily upset?),” relatively accurate assessments can be made about a person. The Big Data facet came into play with the work of Cambridge Ph.D. student Michal Kosinski.

According to reports, Kosinski helped build an app called MyPersonality, which was designed to create “personality profiles” for users filling out psychometric questionnaires. Millions of people participated in the survey and had the option to share their Facebook profile data with the researchers.

Kosinski and his partner were reportedly in possession of “the largest dataset combining psychometric scores with Facebook profiles ever to be collected…Kosinski proved that by an average of 68 Facebook ‘likes’ by a user, it was possible to predict their skin color (with 95 percent accuracy), their sexual orientation (88 percent accuracy), and their affiliation with the Democratic or Republican party (85 percent).”

Not only does the data create a psychological profile, but the methodology can also be used as a ‘people search engine,’ or mechanism for microtargeting: narrowing down results based on desired personality characteristics.

Kosinski’s findings supposedly paved the way for the technology that is currently a significant selling point for Cambridge Analytica, and this was not a coincidence. Aleksandr Kogan, a lecturer at Cambridge University, approached Kosinski in early 2014. Kogan, who was contracted by Cambridge Analytica’s parent company SCL, took an interest in Kasinski’s work and as reported by The Guardian, introduced SCL to Kasinski’s methodology. While Kasinski refused to do business with SCL, it appears that Kogan mimicked his methods:

“Kogan had arranged for more than 100,000 people to complete the Facebook survey and download an app… obtained data from 185,000 survey participants as well as their Facebook friends… and that it yielded 30 million available profiles… No one in this larger group of 30 million knew that “likes” and demographic data from their Facebook profiles were being harvested by political operatives hired to influence American voters.”

SCL—and Cambridge Analytica, by extension—were given an immense amount of usable personal data, obtained without the knowledge or consent of the vast majority of harvested user profiles. According to political communications expert Emma Briant, this ethically dubious behavior exploits users’ dependence on social media and can be used to manipulate the public. Currently, Cambridge Analytica claims to have “a database of 230 million American adults, with up to 5,000 pieces of demographic, consumer and lifestyle information about each.” The company markets its services based on claims of being able to influence voter behavior with “microtargeting.”

The Trump campaign paid Cambridge Analytica millions of dollars during the election process, and interestingly, Stephen K. Bannon, Trump’s Chief Strategist and former head of Breitbart News (which was mentioned earlier as an active participant in spreading Russian-generated misinformation/disinformation), used to sit on Cambridge Analytica’s board.

The Implications of “Microtargeting”

According to a recent scientific analysis by Kosinski, individually tailored Facebook advertising based on personality targeting can attract up to 63 percent more clicks and up to 1,400 more conversions. These statistics reveal the implications of any campaigning politician possessing social media microtargeting capabilities. Social media enabled the delivery of strategic information, without knowledge or consent, to a company whose objective is to exploit users’ data to influence voter behavior.

Crucially as well, social media provided the access Cambridge Analytica needed for their microtargeting campaigns to reach the intended audience. In the words of Professor and data scientist Jonathan Albright, “This is a propaganda machine. It’s targeting people individually to recruit them to an idea. It’s a level of social engineering that I’ve never seen before. They’re capturing people and then keeping them on an emotional leash.”

The way in which Cambridge Analytica operates is insidious and often invisible, “leveraging automated emotional manipulation alongside swarms of bots, Facebook dark posts [a tool for tailoring sponsored Facebook posts to specific audiences], A/B testing, and fake news networks.”

Senator Mark Warner’s statement once again comes to mind: reports presented to the Senate Intelligence Committee alleged that voter suppression campaigns on social media were targeted with precision down to the precinct level in crucial battleground states. Aiding in voter suppression efforts is nothing new for SCL (Cambridge Analytica’s parent company), which reportedly provided its services to support a voter suppression campaign in Nigeria.

The ramifications of these revelations are highly significant. Social media and Big Data analytics are changing the way in which political candidates conduct their campaigns. The personal information and preferences shared on social media leave voters vulnerable to influence, and Big Data allows politicians to know exactly which buttons to push.

The West Has Critical Vulnerabilities to Information Warfare Operations

While it is beyond the scope of this work to definitively prove intentional collusion between the Russian government and the Trump campaign (although evidence continues to emerge at the time of publication), there is ample information to substantiate that there were unsavory influence campaigns conducted on both sides. To better understand the Russian angle, this analysis outlined the concept of Russian Information Warfare and elucidated the critical difference in its conceptualization between Russia and the West.

It emerges that this contrast has led to a security gap in Western cyber strategy: there has been too much of a focus on the technical aspects of cyber threats. While the US was trying to protect voting machines from getting hacked, the actual voters were the ones left most vulnerable. It becomes evident that social media not only made activities for generating disinformation/misinformation easier, but it facilitated its dissemination with penetrating precision and efficacy.

Based on the evidence put forth in this article, it can be assumed that the Trump campaign harnessed social media in two ways. Firstly, Trump exploited his status and power to legitimize Russian active measures; social media was vital in providing an avenue of communication with a direct audience of over 46 million.

Secondly, the Trump campaign used the big data ‘election management’ company Cambridge Analytica, which uses a database of stolen personal details to micro-target voters, and has a history of running voter suppression campaigns. If the insinuation in Senator Warner’s quote (from the beginning of this paper) is true, according to the panel of experts he asked at the hearing, it is possible that Russian-hacked voter database rolls could have been used in coordination with.

Social media personal data gives context to the voter registration database information, and microtargeting tools such as Facebook dark posts allow voter suppression campaigns to be executed with razor precision down to the voting precinct. Cambridge Analytica is only one of some similar companies that are emerging.

Social media and big data analytics are changing the way political campaigns are run, and the sinister side of it is: they know how to pull the right emotional strings to elicit the exact desired response. This is a perversion of the democratic process, especially if fake news, generated by a foreign adversary with the explicit purpose of subverting Western institutions, is used as a tool to influence public opinion.

It should be noted that these implications don’t apply to the US alone. Cambridge Analytica has provided its services to the Leave.eu (Brexit) campaign, two US Presidential election candidates, countries in Africa and the Caribbean, and their client list is only growing in light of their runaway success. In parallel to these revelations, Russia has also poured resources into Brexit, the US election, as well as French, Dutch, German, and Austrian far-right political parties.

Russia is aggressively pursuing a political agenda, and the Kremlin’s expertise in the cyber domain is just a facet of a sophisticated political and military strategy—a demonstrable threat to liberal democracy.

The West needs to adapt to the changing cyber landscape and begin to perceive threats differently. Cyber is much more than just the technical or the hardware. The exploitation of social media in the 2016 US Presidential election proved to be the perfect example of how information can be weaponized to swing an outcome and achieve a desired strategic objective.