s******r
发帖数: 5309 | 1 狗屁党中期惨败和这个有关系?
U.S. Cyber Command operation disrupted Internet access of Russian troll
factory on day of 2018 midterms
The building that housed the Internet Research Agency in St. Petersburg,
shown in 2018. (Dmitri Lovetsky/AP)
By Ellen Nakashima February 26 at 11:44 AM
The U.S. military blocked Internet access to an infamous Russian entity
seeking to sow discord among Americans during the 2018 midterms, several U.S
. officials said, a warning that the group’s operations against the United
States are not cost-free.
The strike on the Internet Research Agency in St. Petersburg, a company
underwritten by an oligarch close to President Vladi-mir Putin, was part of
the first offensive cyber campaign against Russia designed to thwart
attempts to interfere with a U.S. election, the officials said.
“They basically took the IRA offline,” according to one individual
familiar with the matter who, like others, spoke on the condition of
anonymity to discuss classified information. “They shut ‘em down.”
The operation marked the first muscle-flexing by U.S. Cyber Command, with
intelligence from the National Security Agency, under new authorities it was
granted by President Trump and Congress last year to bolster offensive
capabilities.
Whether the impact of the St. Petersburg action will be long-lasting remains
to be seen. Russia’s tactics are evolving, and some analysts were
skeptical of the deterrent value on either the Russian troll factory or on
Putin, who, according to U.S. intelligence officials, ordered an “influence
” campaign in 2016 to undermine faith in U.S. democracy. U.S. officials
have also assessed that the Internet Research Agency works on behalf of the
Kremlin.
“Such an operation would be more of a pinprick that is more annoying than
deterring in the long run,” said Thomas Rid, a strategic studies professor
at Johns Hopkins University, who was not briefed on the details.
Inside Obama’s secret struggle to punish Russia for Putin’s attack on
American democracy
But some U.S. officials argued that “grand strategic deterrence” is not
always the goal. “Part of our objective is to throw a little curve ball,
inject a little friction, sow confusion,” said one defense official. “
There’s value in that. We showed what’s in the realm of the possible. It’
s not the old way of doing business anymore.”
The action has been hailed as a success by Pentagon officials, and some U.S.
senators credited CyberCom with averting Russian interference in the
midterms.
“The fact that the 2018 election process moved forward without successful
Russian intervention was not a coincidence,” said Sen. Mike Rounds (R-S.D.)
, who did not discuss the specific details of the operation targeting the St
. Petersburg group. Without CyberCom’s efforts, there “would have been
some very serious cyber incursions.”
[US CyberCom credited with helping avert midterm election interference]
Cyber Command and the NSA declined to comment.
The disruption to the Internet Research Agency’s networks took place as
Americans went to the polls and a day or so afterward — as the votes were
tallied, to prevent the Russians from mounting a disinformation campaign
that casts doubt on the results, according to officials.
The blockage was so frustrating to the trolls that they complained to their
system administrators about the disruption, the officials said.
The Internet Research Agency as early as 2014 and continuing through the
2016 presidential election sought to undermine the U.S. political system,
according to the Justice Department. Posing as Americans and operating
social media pages and groups, Russian trolls sought to exacerbate tensions
over issues such as race, sexual identity and guns.
The agency, according to federal prosecutors, is financed by Yevgeniy
Prigozhin, a tycoon from St. Petersburg and an ally of Putin. Prigozhin, the
Internet Research Agency and a company Prigozhin runs called Concord
Management and Consulting, were among 16 Russian individuals and companies
that a grand jury indicted a year ago as part of special counsel Robert S.
Mueller III’s investigation into Russian interference in the 2016 election.
In a response to questions from The Washington Post, Prigozhin said in a
statement on the Russian version of Facebook, “I cannot comment on the work
of the Internet Research Agency in any way because I have no relation to it
.” Concord Management declined to comment, citing the ongoing litigation in
the United States.
Another element of the Cyber Command campaign, first reported by the New
York Times, involved “direct messaging” that targeted the trolls and as
well as hackers who work for the Russian military intelligence agency, the
GRU. Using emails, pop-ups, text or direct messages, U.S. operatives
beginning last October let the Russians know that their real names and
online handles were known and they should not interfere in other nations’
affairs, defense officials said.
Some Internet Research Agency officials were so perturbed by the messaging
that they launched an internal investigation to root out what they thought
were insiders leaking personnel information, according to two individuals.
The operation was part of a broader government effort to safeguard the 2018
elections, involving the departments of Homeland Security, State and Justice
, as well as the FBI. It was led by Gen. Paul Nakasone, who in July formed
the Russia Small Group, made up of 75 to 80 personnel from CyberCom and NSA,
which are part of the Defense Department.
When Nakasone took up the helm at the NSA and CyberCom in May, the White
House and Defense Secretary Jim Mattis told him his priority needed to be
the defense of the midterm elections, officials said. No one wanted a repeat
of the 2016 campaign, when the GRU hacked Democratic Party computers and
released troves of emails and the Internet Research Agency mounted its
social media campaign to exploit social divisions.
In August, Director of National Intelligence Daniel Coats said Russia was
continuing “a pervasive messaging campaign” to try to weaken and divide
the United States, though officials also concluded it was not as aggressive
as the 2016 operation by Russia.
Two new U.S. authorities facilitated the move against the Internet Research
Agency. A presidential order last August gave CyberCom greater latitude to
undertake offensive operations below the level of armed conflict — actions
that don’t result in death, significant damage or destruction. And a
provision in this year’s National Defense Authorization Act also cleared
the way for clandestine cyber operations that fall below that same threshold
, categorizing them as “traditional military activity.”
“The calculus for us here was that you’re just pushing back in the same
way that the adversary has for years,” a second defense official said. “It
’s not escalatory. In fact, we’re finally in the game.”
But other officials are more circumspect.
“Causing consternation or throwing sand in the gears may raise the cost of
engaging in nefarious activities, but it is not going to cause a nation
state to just drop their election interference or their malign influence in
general,” said a third official. “It’s not going to convince the decision
-maker at the top.”
The operation also was the first real test of CyberCom’s new strategy of “
persistent engagement” issued in April, which involved continually
confronting the adversary and information sharing with partners. CyberCom in
fall 2018 sent troops to Monte-negro, Macedonia and Ukraine to help shore
up their network defenses, and the Americans were able to obtain unfamiliar
malware samples that private security researchers traced to the GRU,
according to officials
The Cyber Command campaign also was part of what Nakasone has described in
an interview with Joint Force Quarterly as “acting outside our borders,
being outside our networks, to ensure that we understand what our
adversaries are doing.”
Joseph Marks contributed to this report. |
|
