How the internet blew up information warfare
(This is the outline for a talk I gave at SAS19 in Singapore. It isn’t an essay, and is pretty disjointed. I’ll include a link to the video when it is released.)
attacking information processing systems
Information warfare is about attacking information processing systems, for example: nations, organisations, groups, and people. Any of these elements can be the target depending on the campaign objectives. The target is humans, individually, in groups, with formal or informal decision making structures and processes.
Computers are also information processing systems, and I include them, but they are also channels. People trust their computers
- deception → control the target’s actions by shaping their perception of reality
The power of information warfare is that it corrupts the way that the information processing system operates, so that the attacker gets to control how or which states the system transitions to. This is extremely powerful if done right, because obviously if you can control your target’s end state after ingesting information, then you can control what they do. This is deception — using information to cause the target to do something, even if that something is doing nothing. There is a Russian framework for this called Reflexive Control. Don’t let the scary Russian factor get in the way, it is still just deception. Data goes in, and the system does what the attacker wants.
That’s the theory, but in practice…
In theory there is no difference between theory and practice, but in practice there is
Real world, long duration with unclear results, science about humans, documentation, art form
In the real world it is very seldom that simple or concrete. Information operations are usually long duration and of uncertain result. Although there is science (psychology mostly) and extensive material documentation and experience (marketing) covering this domain, it has always been mostly an art form.
The Secret Russian Influence Operation Tradecraft Manual!
> Propaganda by level of attribution: white is powerful because credible, grey because plausible+easier+more resilient, black because most credible (also creative)
The title for this talk, Opaque at Both Ends, captures why there is this art aspect to good info ops. Historically, propaganda was divided into three categories: white propaganda (such as campaign ads, the BBC, or RussiaToday), Grey Propaganda (which has no signature but could be from either side), and the most exciting one — black propaganda: where the information is presented as coming from a source that impersonates the target, that is, a radio station pretending to be a German patriot station run by the British during WWII.
Black propaganda was called “opaque at both ends” because were in the dark about the campaign. The target didn’t know the source, and crucially, the propagandist didn’t know the effect of their campaign. Feedback, called come-backs, was incredibly delayed if they happened at all. A good time was 1–2 months, but more typically it would be 6 or 8 or never. The attacker had no idea if it was working, it was opaque. Good black propaganda took genius.
Information operations, warfare, propaganda, whatever are not about lying. “Never lie by accident.” Goebbels avoided lies as well. An example of propaganda by distorting the truth: “How did the Russian hackers get Podesta’s password? He gave it to them. They asked for it and he just gave it to them!”
Cyber Psycho Social Environment
The Russian term that never quite caught on.
The difference the Internet presents versus all the other channels above, it is the only one that allows the sender to precisely monitor the reception by the target audience. It is the only channel where the feedback is immediate and accurate.
Best attack (e.g. watch ad)
Here is the secret to a good information warfare attack: you take your best message and you put it out over your best channel, and you hope for the best. This has been the formula forever.
humans haven’t changed
Humans haven’t changed since the Greeks left propaganda messages on rocks by freshwater streams for the enemy navy to read. The technology of information has changed, but writing, images, video, these are all old technology. And yet it feels that the Internet has changed something, somehow made information warfare more potent.
info war supercharged
Let’s talk about why the internet has made information warfare operationally more efficient, more accurate, with higher velocity, and better OPTEMPO. A lot of people have commented on this, sometimes quite hyperbolically “threat to liberal democracy”, but no one seems to have said what exactly it is about the Internet that makes it different from say, TV, radio, movies, books, newspapers, or any other information technology medium. Let’s change that now.
Let’s Get Savage
harder better cheaper faster
Here is what makes information operations over the internet significantly better, qualitatively, than previous eras of information warfare, in order of importance:
- Feedback loops — 75% — > removes opacity, provides transparency, improves operational control
- Data Science — 10% —> model targets, tailor msgs by most significant anchors (resonate best), metrics
- Targeted Delivery — 10% — > deliver tailored msg to specific audience, influence each target individually
- Free/Fast/Flexible — 5% — > it is fast and cheap to do, and can be adjusted on the fly; computers, and best for small actors, allows anyone to run a campaign (feedback, data, delivery allows anyone to run a good campaign)
Internet technologies have changed information operation capabilities in crucial ways, but the most important is that they have made one side of black propaganda transparent — now the attacker can tell, in real time, how effective their messaging is; they can even A/B test it, and then send it to similarly vulnerable audiences via Lookalike targeting. This is the real game changer. If you want to improve anything at all, “tighten your feedback loops”
not other factors people have proposed
Anonymity is not new to the internet (pirate radio as one example), impersonation and forgery… that is bread and butter black propaganda (Japanese postcards written in pencil, lines erased and depressing messages added. Particularly cruel because this was from an army group that was wiped out, the last message these families got from their loved ones was black propaganda).
Targeting is important, but unless you have a good message it doesn’t really matter. Feedback ensures that you can measure the effectiveness of your message and correct.
Engagement metrics are critical to how the sender evaluates the efficacy of their messaging with the target audience. The historical problem was that it took too long to measure impact, or proxies had to be used to gather metrics. For example, it is standard practice to trial a PSYOPS campaign’s material with captured members of the opposition (or at least with local allies) to gather feedback and determine which messages will work best. During ww2 one way to measure impact was by monitoring what the POWs said in the camps. This data was called “comebacks” and it could take months to show up, if it did at all.
The Internet has changed the calculus of propaganda, it is no longer necessary to ensure that the message is exactly right before delivering it. It is possible to get the message mostly right and then adjust as the engagement metrics inform the propagandist how to alter the messaging for maximum resonance.
- ULTRA allowed fast feedback, for example proof that the deceptions for D-Day were effective
- Vietnam bad psyops leaflets that had opposite impact
This leaflet angered Vietnamese and rather than make them long for home, it reminded them why they had to expel the corrupting Western imperialists.
This covers a lot, and I really include all of it, from analysis of engagement metrics, to measuring the appeal of an existing narrative in a target audience, to mining personality data to build models of the target audience. Anything that can be done with big data is included here, and it is very important to crafting good messages.
- Variety — lots of different types of data and information
- Velocity — can be analyzed very fast
- Volume — in huge amounts
This allows message creation, crafting, and informs what issues to target and who to target. Absolutely important, but also possible before the Internet… you just needed a genius.
China has a lot of data. The years of hacking hotels, airlines, insurance companies, hotels, not to mention OPM, and on and on. They have Facebook level data on people, particularly the people that interest them, such as people with security clearances.
Precise delivery of tailored messages to the target audience. This is a huge improvement over the more coarse targeting available via, say, dropping leaflets or taking out ads on TV channels. Fine grained targeting with tailored messages informed by data science and measured with real time feedback. This is the ultimate level of information operation currently possible with the Internet (and social media).
Computers: fast, free, flexible
yesterday’s future, which is…today
The flexibility of using computers to generate content is of course better than doing it by hand, but this really just empowers small time actors. Nation states are not cost constrained, and their speed limit is their bureaucracy, not their technical implementation.
The key differences between internet enabled information operations, and all earlier eras, is the ability to have complete transparency on the side of the attacker. The veil has been lifted and it is no longer opaque at both ends — it is only opaque at one. This is because of the real time feedback available from the Internet. Also important is the ability to tailor messages for specific target audiences and deliver the message to exactly those most susceptible targets. This is definitely important, but it is the feedback that tells the attacker how successful the attack was.
Defense: censorship, denying the opposition a channel to send messages does increase safety. Culture beats strategy — gatekeepers who are credible and authorative spending time to ensure objective fair accuracy. TV beats Facebook, for example in France where TV is dominant and facebook less important for news it was harder to conduct information operations. Germany is similarly resilient because they like actual print newspapers. When there is a gatekeeper that controls access to the audience, that makes it harder to do info ops.
The best defense is a good offense. There are a lot of ways to actively engage with the info warriors, for example: elves.
Regulation to minimize the effectiveness of info ops by blunting the power of operators. Top priority is microtargeting. The pointy end of the stick. Block targeted delivery of tailored ads and the rest is significantly less useful.
The worst offense is defense. Fact checking doesn’t work. People don’t want facts, they want affirmation, appeal to their inner schweinhund.
Attacking the civilian media company conducting the campaigns on the day of the election. That horse bolted long ago.
It is worth noting that no active campaign in the past few years, that I am aware of, has taken advantage of all three critical improvements offered by the internet. The good news is, then, that a far more effective information operation than we have seen is entirely possible. On that happy note, I leave you.
If you’d like a consultant for information operations, feel free to reach out — firstname.lastname@example.org