Europol culls thousands of Islamic State online accounts in ‘day of action’

Telegram AppThe law enforcement agency of the European Union, in cooperation with the popular online messaging service Telegram, has culled thousands of Islamic State online accounts in what it described as “a day of action”. The operation was coordinated by the European Union Agency for Law Enforcement Cooperation, better known as Europol. The agency coordinated its activities with the popular instant-messaging service Telegram, which the Islamic State has used as its main platform of mass communication since 2014.

In a press release that appeared on its website on Friday, Europol said that it had managed to locate “a significant portion of key actors within the Islamic State network on Telegram” and “push [them] away from the platform”. The messaging app confirmed the joint “day of action” with Europol and said it took down over 5,000 “terrorist accounts and bots” from its network on November 22 and 23. The company said this was nearly 10 times higher than the usual number of user accounts taken down daily for violating its user agreement.

The BBC said that the removal of the accounts appeared to affect heavily the activities of the Nashir News Agency, an Islamic State propaganda outlet that uses the Telegram app to publicize press releases from the Islamic State. Dozens of online channels and community groups that were moderated by Nashir News Agency editors were also impacted, as their moderators had disappeared from the network. On Saturday, some Telegram users began posting information about replacement accounts for Nashir News Agency press releases, but these too were taken down within hours.

This was the second major “day of action” against online terrorist propaganda that Europol coordinated, with the first one being in April of last year. But critics argue that such efforts are unlikely to have a long-term impact on the ability of terrorist groups to spread online propaganda, unless they are constant and systematic. Meanwhile, Islamic State sympathizers criticized the Telegram service on other social media platforms and warned that moves to silence the group would result in its membership going deeper underground.

Author: Joseph Fitsanakis | Date: 26 September 2019 | Permalink

FBI charges Twitter employees with working as spies for Saudi Arabia

TwitterUnited States authorities have charged two employees of the social media firm Twitter and a member of staff of Saudi Arabia’s royal family with spying for Riyadh. The Federal Bureau of Investigation filed a complaint on Wednesday in San Francisco, accusing the three men of “acting as unregistered agents” for Saudi Arabia. The phrase is used in legal settings to refer to espionage.

According to the FBI, the charges stem from an investigation that lasted several years and centered on efforts by the oil kingdom to identify and silence its critics on social media. In 2015, the Saudi government allegedly reached out to Ali Alzabarah, a 35-year-old network engineer working for Twitter, who lived in San Francisco. The complaint alleges that Ahmed Almutairi (also known as Ahmed Aljbreen), who worked as a “social media advisor” for Saudi Arabia’s royal family, arranged for Alzabarah to be flown from San Francisco to Washington to meet with an unidentified member of the Saudi dynasty.

Alzabarah, along with another Twitter employee, 41-year-old Ahmad Abouammo, were given money and gifts by the Saudi government in return for supplying it with private information about specific Twitter users, according to the complaint. The information provided by the two Twitter employees to the Saudi authorities allegedly included the email addresses, IP addresses and dates of birth of up to 6,000 Twitter users, who had posted negative comments about the Saudi royal family on social media.

Special Agents from the FBI’s Settle field office arrested Abouammo at his Seattle home on Tuesday. However, Alzabarah is believed to have fled the United States along with his family before the FBI was able to arrest him. He is currently believed to be in Saudi Arabia and is wanted by the FBI, which has issued a warrant for his arrest. The Saudi government has not commented on the case. Twitter issued a statement on Wednesday, saying it planned to continue to cooperate with the FBI on this investigation.

Author: Joseph Fitsanakis | Date: 07 November 2019 | Permalink

Facebook shuts down suspected state effort to prop up Sudanese military regime

Sudan civil unrestFacebook has shut down a well-funded online campaign to support Sudan’s military regime, which some say is part of wider efforts by Egypt, the United Arab Emirates and Saudi Arabia to stop democratic reforms in Sudan. The northeast African country has experienced civil unrest for more than a year. In February Sudan’s longtime strongman, Omar Hassan al-Bashir, fell from power after 30 years, following prolonged popular protests. But the new military junta that succeeded him launched a violent campaign of suppression against the country’s pro-democracy movement. The junta’s leaders have relied heavily on ample support provided by three close American allies, namely Egypt, Saudi Arabia and the United Arab Emirates. Meanwhile, the student-led pro-democracy movement has taken to the Internet to mobilize the Sudanese population. The regime has at times shut down the Internet in an attempt to stop pro-democracy organizers from spreading their message online.

Now it has emerged that Facebook detected and terminated a systematic misinformation campaign to promote the views of the Sudanese regime while also slamming the pro-democracy movement as reckless and irresponsible. The campaign was reportedly carried out by two self-described “digital marketing” companies: New Waves, headquartered in Egypt, and Newave, which is based in the Emirates. According to Facebook, the two companies worked in parallel to establish hundreds of fake accounts on social media platforms such as Facebook and Instagram. They also spent nearly $170,000 to promote material that was posted online by an army of paid users. The latter were allegedly paid $180 a month to post disinformation and other forms of carefully directed propaganda on social media. A total of 13.7 million Facebook and Instagram users were reached in the course of the disinformation campaign, according to Facebook. Twitter and Telegram were also employed by the two companies to post messages in favor of the Sudanese military. Other messages extoled the Libyan warlord Khalifa Haftar, as well as Muse Bihi Abdi, president of the self-declared state of Somaliland. Egypt, Saudi Arabia and the Emirates are staunch supporters of both Haftar and Abdi.

Facebook said it had been unable to collect evidence of a direct link between the New Waves/Newave disinformation campaign and the governments of Egypt, Saudi Arabia and the United Arab Emirates. But it added that the features of the campaign bore the hallmarks of a state-run operation. The New York Times, which reported on the story last week, said the Emirati company, Newave, did not respond to several requests for a comment. Amr Hussein, an Egyptian former military officer who owns the Cairo-based New Wave, issued a public statement calling Facebook “liars” and denying he had any links to the Emirates.

Author: Joseph Fitsanakis | Date: 11 September 2019 | Permalink

Many countries, not just Russia, are trying to influence US elections, experts warn

TwitterSeveral countries are behind organized efforts to influence electoral politics in the United States, with Russia being one among a growing list of culprits, according to experts. Speaking to The Washington Post last week, cybersecurity experts issued what they described as “a wake-up call” to voters and warned that America’s information space is becoming “a free-for-all for foreign intelligence”. Foreign spy services that are utilizing information operations in order to influence US elections reportedly include —aside from Russia— Israel, Saudi Arabia, the United Arab Emirates, Venezuela and China.

The majority of foreign information operations take place on social-media platforms such as YouTube, Twitter, Instagram and Facebook. But there are also campaigns to influence more traditional American media, for instance by tricking newspapers into publishing letters to the editor that are in fact authored by foreign intelligence operatives. Analysts from FireEye, Graphika and other cybersecurity and network-analysis firms told The Post that some information operations are difficult to detect, because the presence of a state security service is not always apparent. However, the messages that are communicated in tweets, Facebook postings, online videos, etc., tend to echo —often word for word— the rhetoric of foreign governments, and promote their geopolitical objectives. As can be expected, these objectives vary. Thus, Russian, Israeli and Saudi information operations tend to express strong political support for US President Donald Trump, arguably because these governments see his potential re-election as a development that would further their national interest. In contrast, Iranian information operations tend to lambast Trump for his negative stance on the Iranian nuclear deal and for his support for Saudi Arabia’s intervention in the Yemeni Civil War.

The Washington Post article notes that all major social-media companies employ teams of screeners whose mission is to detect and eliminate disinformation campaigns by both state and non-state actors. However, experts remain skeptical about their ability to combat the phenomenon, given that the quantity and sophistication of disinformation campaigns is constantly increasing. Many countries —including Israel and the United States— now maintain advanced information operations targeting national elections on several continents. There are also many governments —such as Qatar, the Philippines and Turkey— that use these techniques on their own voters and could potentially use them in the near future to target foreign populations, including Americans. The 2020 presidential election in the US is expected to be the most hotly contested in many decades, so it is certain that numerous foreign spy agencies will try to influence it in numerous ways, says The Post.

Author: Joseph Fitsanakis | Date: 29 July 2019 | Permalink

Election meddling by foreign powers already underway, says Canadian spy agency

CSE CanadaThe manipulation of social media by foreign governments aiming to sow division in Canada ahead of the country’s federal election in October is growing, according to the country’s signals intelligence agency. In a report published Monday, the Communications Security Establishment (CSE), Canada’s national communications interception agency, warns that election meddling by foreign powers is already taking place. The report, titled “2019 Update: Cyber Threats to Canada’s Democratic Process”, says that voters, as well as specific political figures, have been targeted by foreign powers since 2015 in the North American country.

The foreign intelligence agencies behind the efforts to manipulate Canada’s electoral process have systematically attempted to “polarize Canadians or undermine Canada’s foreign policy goals”, says the report. These efforts will continue and intensify in the run-up to October, claims the report, and concludes by warning that Canadians should expect to “encounter some form of foreign cyber interference ahead of, and during, the 2019 federal election”. However, foreign cyber interference on the scale that was experienced in the months leading up to the 2016 presidential election in the United States is improbable, according to the CSE.

Meanwhile, in an unrelated development, the former director of the Canadian Security Intelligence Service (CSIS), Canada’s primary national intelligence service, said in an interview last week that Ottawa would have to be patient in dealing with Russia and —especially— China. Speaking at a public forum hosted by the Canadian International Council in Vancouver, Richard Fadden noted that neither China nor Russia wish to go to war with the West. What they want instead is to “fragment the West” and thus increase their own influence on the international scene, said Fadden, who directed the CSIS from 2009 to 2013. It would be fair for Canada to “poke back”, he said, but would have to be “careful how [to] do it”, he added. “We need to be realistic. We’re dealing with an emergent superpower and […] we’re going to have to be patient”, Fadden concluded.

Author: Joseph Fitsanakis | Date: 09 April 2019 | Research credit: C.D. | Permalink

Islamic State’s online footprint declines drastically, experts say

Islamic State - IAThe online arm of the Islamic State, which was once one of the organization’s most noticeable trademarks, has declined markedly in 2018, according to expert observers in the United States and elsewhere. This is especially applicable to the militant group’s online propaganda and recruitment campaign, which appears to have effectively ceased, say experts.

According to The Washington Times newspaper, most information warfare experts at the United States Department of Defense believe that very little is left of the Islamic State’s once sizeable Web and social-media presence. The paper said that, according to the US Pentagon, the total media footprint of the group —which is also known as the Islamic State of Iraq and Syria (ISIS)— has diminished by as much as 83 percent since its peak in 2015. Online activity measured by the US Pentagon includes posts on social media by Islamic State members and commanders, as well as professionally produced pro-ISIS images and videos aired on YouTube and other image- and video-based online platforms. It also includes material from the Islamic State’s press bureau, the Amaq News Agency, which in previous years produced hundreds of pro-ISIS videos.

Experts told The Washington Times that the Islamic State’s online footprint has shrunk as a result of the group’s loss of its territory. The loss of ISIS’ physical bases in the Middle East has resulted in the death of many of the group’s online propagandists. Those who survived are currently hiding or fleeing from the authorities, fearing arrest or death. This has “crushed [the militant Sunni group’s] ability to mount a coordinated Web-based strategy”, said The Washington Times. The military attacks against ISIS continue to take place alongside an “aggressive counterstrategy in cyberspace”, said the paper, which is being led by the US Pentagon and its allies. This has included the successful targeting of thousands of social media accounts belonging to ISIS members and supporters, as well as complex hacking operations. The US Pentagon also coordinates the delivery of online content that counters the Islamic State’s narrative and messages.

But some experts warned the paper that the Islamic State continues to recruit members online and that the group’s online recruitment efforts are not completely a thing of the past. In fact, new ISIS-sponsored content continues to appear online regularly, they said. In September of this year alone, the Islamic State released 12 different videos, mostly aimed at recruiting new members. Additionally, the militant group continues to use Facebook, YouTube, and other popular online social media platforms, experts warned.

Author: Ian Allen | Date: 26 October 2018 | Permalink

Facebook says efforts to subvert upcoming US elections resemble ‘new arms race’

FacebookFacebook has said it is involved in an “arms race” against “bad actors” as it announced on Tuesday the removal of accounts that allegedly tried to subvert the upcoming mid-term elections in the United States. The social-media giant said its security division had identified 32 profiles and pages that were set up for the sole purpose of disrupting, subverting or otherwise influencing the American political process. At least seven more accounts were shut down on the Instagram platform –which is also owned by Facebook– for the same reasons. In the past 14 months, the suspect accounts generated nearly 10,000 posts and were liked or followed by over 290,000 users, said Facebook.

In addition to producing memes that aimed to stir existing racial, political and religious tensions in American society, the suspect accounts are also believed to have generated approximately 150 paid advertisements, spending around $11,000 for that purpose. Moreover, close to 30 public events were organized, advertised and hosted by the suspect pages throughout the US in the past 14 months. One such event was subscribed to by 4,700 users, with another 1,400 users stating that they would attend.

In a preliminary report posted on its online newsroom, Facebook said it was too early in the investigation to identify the party or parties behind the alleged effort to influence the US mid-term elections. Its security team had detected “one instance” of a connection between this latest operation and the Russian-based Internet Research Agency (IRA), which Facebook identified as being one of the main sources behind efforts to influence the 2016 US presidential elections. But the report cautioned that the instigators of this latest attempt to influence the US political process had gone to great pains to hide their identities, affiliations and geographical coordinates. For instance, they routinely employed virtual private networks in order to disguise their internet protocol addresses. They also used third parties to purchase advertisements on Facebook and Instagram. These and many other tactics severely limited the ability of security technicians to attribute these efforts to specific countries, governments or companies, said Facebook.

Using unusually strong language to describe its ongoing probe, Facebook said that the exploitation of its platform for sinister political purposes resembled “an arms race” and that constantly changing tactics were needed to combat it. In addition to removing the suspect accounts, Facebook said it was working closer with law enforcement and leading online security firms in order to analyze and eliminate threats from what it described as “bad actors”. It added that it was “investing heavily” in more people and better technology in order to eliminate those who were trying to weaponize its communication platform for sinister goals.

Author: Joseph Fitsanakis | Date: 01 August 2018 | Permalink