Report: US Cyber Command took Russian trolls offline during midterms
Enlarge / US Cyber Command, co-located with the NSA at Fort Meade, reportedly launched attacks against members of a Russian disinformation operation ahead of last November's mid-term primaries, according to a Washington Post report. (credit: SAUL LOEB/AFP/Getty Images)
In October of 2018, US Cyber Command (USCYBERCOM) undertook a campaign to defuse information operations by a Russian operation identified in Justice Department filings as "Project Lakhta" seeking to influence or disrupt elections in the US. As Ars reported at the time, the measures being taken by USCYBERCOM-the military's joint network-defense command, based at Fort Meade, Maryland-included identifying, tracking the activities of, and directly messaging individuals in Russia involved in disinformation operations. But a February 26 report by The Washington Post's Ellen Nakashima indicates that USCYBERCOM's efforts went even further-including an attack on the Internet Research Agency, the organization at the heart of alleged Russian disinformation operations that "basically took the IRA offline," according to an unnamed US official.
The operation was authorized under new guidelines set by President Donald Trump in September in a classified version of his executive order on cybersecurity. That policy move was crafted under the guidance of National Security Advisor John Bolton-who took over direct responsibility for White House cyber policy after the departure of former Cybersecurity Coordinator Rob Joyce and the elimination of that position from the National Security Council. Under Bolton's direction, as Bolton himself said in a press call Ars attended in September 2018, previous restrictions placed on the use of offensive network and computer operations set by the Obama administration were lifted. "Our presidential directive effectively reversed those restraints, effectively enabling offensive cyber operations through the relevant departments," Bolton said at the time.
It all depends what the definition of "attack" isIf the information shared with The Washington Post is true, this would indicate October's operations were a significant escalation in US operations against Russia-targeting a private organization that, while operating allegedly in concert with Russian government goals, is not directly connected to the Russian federal government itself. It's not clear whether the attack targeted the IRA's infrastructure in St. Petersburg or if it targeted the devices of individuals within the organization.
Read 4 remaining paragraphs | Comments