A federal grand jury has indicted 13 Russian nationals and three Russian entities for a massive operation intended to interfere with the 2016 US presidential election. US Special Counsel Robert Mueller has accused the defendants of posing as Americans to sway election results.
The Internet Research Agency, a Russian organization, and the 13 actors reportedly began targeting the United States back in 2014. Mueller's indictment claims they "had a strategic goal to sow discord in the U.S. political system, including the 2016 U.S. presidential election."
To do this, they launched an operation to support the Trump campaign and denigrate Hillary Clinton. In April 2014 the agency formed a department focused on the US population and operated on social platforms including Facebook, Instagram, Twitter, and YouTube. By 2014, its strategy included fomenting distrust in US presidential candidates and the US political system.
Activity included buying political advertisements on social media with the identities of US citizens and businesses. The defendants concealed their Russian identities and affiliation with the Internet Research Agency by using stolen data like Social Security numbers and birthdates of real American people. They also recruited Americans to aid efforts to spread promotional and derogatory information.
The actors posed as US citizens and groups to create and control social media accounts. An example is the Twitter account "Tennessee GOP" under the handle @TEN_GOP, which falsely claimed to be operated by a US political party and amassed more than 100,000 followers. On other sites, particularly Facebook and Instagram, they posted content about political issues.
Around June 2016, the defendants began posing as American citizens and communicating with Americans to gather intelligence and learn where they should focus their efforts. Some traveled to the US to collect info for their operations and stage political rallies.
To further conceal their identities, the defendants and their co-conspirators bought space on servers based in the US to set up VPNs. They used these VPNs to connect from Russia to the US and access online social media accounts, open new accounts, and talk with US citizens.
The first time the United States indicted nation-state threat actors was in 2014, when the DoJ indicted five members of the Chinese military for allegedly hacking major American manufacturing companies and stealing trade secrets. In 2016 it indicted seven Iranian hackers for distributed denial-of-service (DDoS) attacks against US financial companies.
It's worth noting these indictments are rare and don't usually end with an arrest. This week two Russian hackers were sent to US federal prison for payment card breaches at Heartland Payment Systems, NASDAQ, and other companies; however, these attackers were cybercriminals and not connected to a nation-state group.
- Cybercrime Gang Ramps up Ransomware Campaign
- 8 Nation-State Hacking Groups to Watch in 2018
- White House: Russian Military Behind NotPetya Attacks
- North Korea-Linked Cyberattacks Spread Out of Control: Report
- Cognitive Mindhacks: How Attackers Spread Disinformation Campaigns
Black Hat Asia returns to Singapore with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier solutions and service providers in the Business Hall. Click for information on the conference and to register.