In a flurry of activity on July 9, the Department of Justice announced the seizure of two domains and the search of 968 social media accounts which were “used by Russian actors to create an AI-enhanced social media bot farm that spread disinformation in the United States and abroad.” The DOJ statement noted that the FBI worked closely with the Cyber National Mission Force and the CCCS (Canadian Centre for Cyber Security), and from the Netherlands the General Intelligence and Security Service (AIVD) and the Netherlands Military and Intelligence Security Service (MIVD). The Cybersecurity Infrastructure Security Agency (CISA) issued a joint international statement detailing the technical aspects of the Russian efforts.

Russia’s disinformation manipulation within the social network X

The 968 accounts located on X were identified in the accompanying affidavit in support of the DOJ’s request to search the accounts, which U.S. Magistrate Judge Eileen S. Willett granted, to be executed on or before July 11. The 93-page affidavit, served upon X, show us that many of these accounts were created in mid-2022 through as recently as March 2023, which is collates to the Russian disinformation campaign targeting Ukraine and the West’s efforts to assist. The affidavit also identifies these accounts as being under the control of the Russian federal security service, the FSB. The two domain names which were identified as “MLRTR.COM” and “OTANMAIL.COM” both of which were used for the creation of the supporting email accounts associated with the 968 X accounts.

Deputy Assistant Attorney General Lisa Monaco commented, “Today’s action demonstrates that the Justice Department and our partners will not tolerate Russian government actors and their agents deploying AI to sow disinformation and fuel division among Americans. As malign actors accelerate their criminal misuse of AI, the Justice Department will respond and we will prioritize disruptive actions with our international partners and the private sector. We will not hesitate to shut down bot farms, seize illegally obtained internet domains, and take the fight to our adversaries.”

While FBI Director Christopher Wray noted, “Today’s actions represent a first in disrupting a Russian-sponsored Generative AI-enhanced social media bot farm. Russia intended to use this bot farm to disseminate AI-generated foreign disinformation, scaling their work with the assistance of AI to undermine our partners in Ukraine and influence geopolitical narratives favorable to the Russian government. The FBI is committed to working with our partners and deploying joint, sequenced operations to strategically disrupt our most dangerous adversaries and their use of cutting-edge technology for nefarious purposes.”

France’s VIGINUM issues disinformation report

Meanwhile in France, a fake warning ostensibly from the Central Intelligence Agency was posted via video purporting to warn Americans about travel to the Olympic Games in August and said “not to use the subway.” Inconsistencies to those familiar with U.S. travel warnings would immediately recognize this as a fake, given the CIA does not issue public travel advisories, that is the remit of the U.S. Department of State.  In a public rebuke of this effort, the French government agency created to fight the flood of dissinformation, VIGINUM issued a report, “Matryoshka“(16-pages English) in which the efforts of the pro-Russian campaign targeting media and fact checking community is dissected.

Within these report the method by which disinformation is seeded then distributed, somewhat akin to doubling at each successive level the distribution of the disinformation. The aforementioned fake metro piece was assessed as Russia’s efforts to sow doubt, fear and project to all that the games would be a failure “among both French and international audiences.” They noted a separate piece of false information urging Parisians not to use their air conditioners in August as the units “would emit waves that could interfere with drones securing 2024 games.” Both nonsensical, yet sufficiently plausible to sow doubt.

VIGINUM points out that the Russian efforts, running parallel with those efforts revealed by the DoJ and CISA used X to disseminate fake information in the “reply section of posts by the accounts of media outlets, public figures and fact-checking organizations in more than 60-countries.”

Related News

Christopher Burgess (@burgessct) is an author and speaker on the topic of security strategy. Christopher, served 30+ years within the Central Intelligence Agency. He lived and worked in South Asia, Southeast Asia, the Middle East, Central Europe, and Latin America. Upon his retirement, the CIA awarded him the Career Distinguished Intelligence Medal, the highest level of career recognition. Christopher co-authored the book, “Secrets Stolen, Fortunes Lost, Preventing Intellectual Property Theft and Economic Espionage in the 21st Century” (Syngress, March 2008). He is the founder of securelytravel.com