#BHUSA: How Nation States Hack Public Opinion

Nation state threat actors, including Russia and China, are using multiple techniques to effectively ‘hack’ public opinion around the world, according to Renée DiResta. DiResta expressed her views in a keynote session at the Black Hat USA 2020 virtual conference.

DiResta works at the Stanford Internet Observatory and has been actively researching how different nation states have attempted to influence policies and individuals. She explained how, over the last decade, state actors have recognized that they can advance their geopolitical goals with different types of misinformation, propaganda and influence campaigns that make use of social media platforms.

“As we move from just the idea of influence to the idea of information operations specifically, what you start to see is it goes from shaping public opinion to what we’re going to call hacking public opinion – using manipulative, misleading tactics,” DiResta said.

Distract, Persuade, Entrench and Divide

There are four primary approaches that nation state threat actors typically take to hack public opinion efforts including distraction, persuasion, entrenchment and division.

DiResta said a common goal is to have a distraction campaign, which is trying to make a target audience pay attention to something else. Another model is a persuasion campaign, which is trying to convince people to believe a certain fact, or feel a certain way. Entrenchment is another approach, and it is where the attackers create groups dedicated to particular types of identities in an attempt to advance a given position. Nation states are also often trying to highlight divisions between different groups of people, amplifying existing social fissures.

The process by which nation states achieve their public opinion influencing goals is relatively well-understood. DiResta explained that the first step is often just the creation of personas; that is fake social media profiles for different types of individuals. Those fake personas then create content, designed to achieve a particular goal. The content is then posted to various social media platforms and promoted to a target audience, via different means. The most successful efforts end up being shared organically by real users that unknowingly share messages created by the fake personas.

China and COVID-19

DiResta specifically outlined how China has attempted to hack public opinion, on a number of issues, including the democracy protests in Hong Kong as well as the COVID-19 pandemic. In August 2019, Twitter and Facebook suspended nearly 1000 user accounts that were associated with nation state sponsored disinformation campaigns.

“The Hong Kong protests attracted worldwide attention, and what you began to see was as Western media and others began to talk about them, these Twitter accounts would kind of come out of the woodwork to respond to the journalists to tell them they had it wrong,” DiResta said.

She noted that the same type of activities have now been happening in 2020 with China attempting to influence global opinion on its role in the COVID-19 pandemic. DiResta said that it’s clear that China has a committed strategy to influencing opinion online and it will continue to evolve its tactics.

Russia and the Hack and Leak Model

Russia has also been particularly effective in its attempts to hack public opinion, according to DiResta. One of the approaches that has worked well for Russia is a hack and leak approach, that makes use of network intrusion techniques as well social media influencing tactics.

“The hack and leak operations provide extraordinary collateral for driving the influence operations,” DiResta said.

Agents working on behalf of the Russian government hack into a site with confidential information and then transmit the collateral to one of their fake personas. The fake persona in turn pitches the leak to journalists, who then are used to help spread the information. That’s what happened in the Guccifer case back in 2016 that was tied to emails connected to the Democratic and Republican political parties in the US.

DiResta suggested that there are a variety of actions that can be taken to help mitigate the risk of nation state public opinion hacking. For one, she said that security professionals should be proactively thinking about the social medial ecosystem to identify what types of manipulation is possible.

“We need to increase communication between infosec professionals and information operations researchers with the goal of developing better understanding of how social network manipulation intersects with network infiltration,” she concluded.

What’s Hot on Infosecurity Magazine?