With news this past week from the Department of Justice that pro-Russian accounts utilized materials from special counsel Robert Mueller’s investigation to try to discredit the investigation, we have officially gone through the looking glass. What is up is down, and down is up, and truth and fiction cross into parallel continuums. Sowing this chaos is once again the Internet Research Agency, a Russian social media spin-meets-spy agency, the firm at the center of the special counsel’s ongoing Russia collusion investigation. The IRA is intimately familiar with the investigation: 12 of its employees and its funder were indicted by the special counsel, and its accountant was indicted by the Department of Justice in a related investigation.
In October, as the criminal justice process was proceeding and the 2018 U.S. midterm elections were approaching, a Twitter account, @HackingRedstone (subsequently suspended), began publishing documents and other materials related to the ongoing law enforcement work, claiming that it had hacked the investigation and was releasing materials from the investigation’s own database. At first blush, the materials looked real, and included labels and numbers that the DOJ had used related to the evidence filed with the court. However, an FBI investigation concluded that the DOJ had not been hacked. Mueller’s team noted that the FBI found “no evidence” that federal government servers or Mueller’s servers “fell victim to any computer intrusion.” Rather, the troll behind the @HackingRedstone account was posting altered and doctored versions of materials most likely obtained from the Russian defendants.
The implications of disinformation being used to undermine an investigation into disinformation are sure to make your head spin. The goal of this latest campaign is clear: to cast aspersions on both the credibility and underlying claims of the special counsel’s investigation. The Internet Research Agency has made a point of attempting to discredit United States investigators for years; the trolls targeted James Comey in 2016 as he was overseeing the FBI’s investigation of Hillary Clinton for her handling of emails while secretary of state, and both Comey and Mueller in social media posts throughout 2017. It is also clear now that the IRA’s disinformation campaigns have expanded beyond targeting elections and exacerbating social division.
They have extended into meta-trolling their target audiences, casting doubt on the investigation and attempting to call into question the very existence of their operation. This too began in 2017: As journalists and researchers first began to expose their operation, the trolls posted “Liberals blame the Russians!” memes to their right-leaning Facebook pages and Instagram accounts. They used disinformation not to divide but to discredit, politicizing information and eroding Americans’ ability to have a shared base of facts. Fortunately, in the case of @HackingRedstone, the sloppy effort to discredit the investigation failed to garner much traction as the contents were quickly identified to be fabricated. However, regardless of the success of the attempt, this old tactic applied to a new target changes the game in several respects.
For this disinformation campaign, discovery material shared with foreign defendants led to the doctoring of real materials and the publishing of those doctored versions. This happened because Russia, which has zero motivation to send the indicted individuals to the United States for trial, has discovered that having U.S. representation may have huge benefits. Here, Reed Smith, the U.S.-based law firm representing Concord Management and Consulting, acquired more than 1,000 nonsensitive files related to the pending prosecution. These documents were subsequently shared with the defendant in the case, Yevgeny Prigozhin. Prigozhin, known as “Putin’s chef,” is an oligarch close to Putin who is charged alongside Concord as the company’s controller. He allegedly runs the Internet Research Agency and also has ties to the Wagner Group, a private military mercenary group. Part of the special counsel’s filing Wednesday was intended to restrict further access to information pertinent to the case from the man who has said, “The Americans are very impressionable people, and they see what they want to see.” As the case expands in size and scope, the national security implications of such materials finding their way into the hands of foreign dissemblers will likely expand. With this filing, Muller and team are making it clear that they believe that future discovery documents containing sensitive evidence being shared with Prigozhin and other Russian defendants “unreasonably risks the national security interests of the United States.”
Ultimately, it’s become apparent that the minimal methods currently in place to deter Russia from targeting the United States’ information ecosystem are not working. Admittedly, at this point, Russia has little to lose by continuing to pursue active measures in an attempt to discredit this investigation and trial. It may have thought, despite all that has been uncovered about Russian activities in 2016, that it wouldn’t get caught, believing that its ability to influence the court of public opinion again was within its grasp. Or perhaps Russia didn’t care if it got caught, because it would still influence some and undermine the very notion of truth. Regardless, Russia does not appear to be materially reining in any of its disinformation activities. While the @HackingRedstone disinformation campaign happened in October, the Russians may feel even more emboldened now, as U.S. sanctions against one of Russia’s most influential oligarchs, Oleg V. Deripaska, were lifted on Jan. 27. The Deripaska sanctions were among those initiated by the Treasury Department in April, as retaliation for Russia’s global activities to subvert liberal democracies.
Given all of this, it is time to for America to re-examine its deterrence strategy, as it is proving patently insufficient. Russia’s continuing campaigns, and those of other state actors (such as the Iranian attempt to target the U.S. 2018 midterms), suggest that an updated cyber doctrine is in order—one that clearly addresses influence operations. This may include expanding cyber countermeasures, further empowering U.S. Cyber Command (which has begun targeting Russian operatives), expanding sanctions, and collaborating with global partners to present a united front. Additional ideas are further developed in an insightful report by Council on Foreign Relations senior fellows Robert D. Blackwill and Philip H. Gordon, which says, “A wide range of additional measures is therefore needed in order to better protect U.S. society and political and electoral systems from further [Russia] intervention.” Sen. Mark Warner made a similar call in a recent speech at the Center for a New American Security, saying, “It’s not enough to simply improve the security of our infrastructure, computer systems, and data. We must also deal with adversaries who are using American technologies to exploit our freedom, our openness, and basically attack our most important asset—our democracy.”
The filings Wednesday highlight that the Mueller investigation may continue to be the target of ongoing active measures. The focus has evolved from driving chaos and political and social unrest from 2014 through 2017 toward undermining the U.S. government’s leading investigation into the original influence operation itself. This escalation into attacking the very facts of a situation of Russia’s own making is designed to increase confusion, to make it feel too difficult to know what’s true and what isn’t, and to undermine our confidence in our own intelligence and law enforcement teams. As Mueller begins to wrap up his investigation, there will be pressure to release a report of at least his key findings. Unless the United States is able to establish deterrence sufficient to dissuade future attacks, the special counsel’s findings and credibility will be attacked through additional disinformation campaigns. That adds urgency to establishing credible deterrence and thus preventing us from finding ourselves in a situation where “nothing would be what it is, because everything would be what it isn’t.”