In our recent Global Situational Awareness and Threat Vector Survey, we endeavored to send out an early warning signal regarding this unique time period  – marked by a saturation of information warfare, social engineering, and ransomware activity, arguably propelled by the threat surface that is the information ecosystem driving the U.S. presidential election.  One item in the survey pointed to Iranian and Russian outlets paying U.S. individuals to contribute content creation and distribution efforts to government-directed foreign malign influence campaigns, underscoring “concern that the spread of falsehoods and propaganda online is entering a more complicated stage as the November election draws closer” and  “a sign of how widening geopolitical alliances are making it harder to identify and trace foreign influence operations.” 

The Department of Justice (DOJ) does not appear to be struggling, however, as the DOJ Election Threats Task Force, along with the State and Treasury Departments, yesterday announced sweeping sanctions, indictments, and the seizure of web domains “to push back on Russian influence campaigns in the 2024 election.”

NOTE:  To track related issues on an ongoing basis, the OODA Loop News Brief team will continue to provide prescient briefs on U.S. election security and integrity issues, as well as the impact of misinformation and government-directed foreign malign influence campaigns as we head into election day in the U.S. in November.

DOJ Election Threats Task Force Unseals Russian Election Interference Indictment and Seizes Cybersquatting Domains

Justice Department Hosts Election Threats Task Force Meeting

Attorney General Merrick B. Garland hosted a meeting of the Justice Department’s Election Threats Task Force. Attorney General Garland, Deputy Attorney General Lisa Monaco, FBI Director Christopher Wray, Assistant Attorney General Matthew G. Olsen of the Justice Department’s National Security Division, and Principal Deputy Assistant Attorney General Nicole M. Argentieri, head of the Justice Department’s Criminal Division delivered remarks.

U.S. Announces Plan to Counter Russian Influence Ahead of 2024 Election

As reported by the NYT:

• The United States on Wednesday announced a broad effort to push back on Russian influence campaigns in the 2024 election as it tries to curb the Kremlin’s use of state-run media and fake news sites to sway American voters.  Attorney General Merrick B. Garland detailed the actions taken by the Justice Department. They include the indictment of two Russian employees of RT, the state-owned broadcaster, who used a company in Tennessee to spread content, and the takedown of a Russian malign influence campaign known as Doppelgänger.
• The Treasury Department imposed sanctions on ANO Dialog, a Russian nonprofit that helps run the Doppelgänger network, as well as RT’s editor-in-chief, Margarita S. Simonyan, and her deputies.
• The State Department has offered a $10 million reward for information pertaining to foreign interference in an American election. The department specifically said it was seeking information on a group known as Russian Angry Hackers Did It, or RaHDit.  The State Department also said it would designate five Russian state-funded news outlets, including RT, Ruptly, and Sputnik, as foreign government missions and restrict the issuance of visas to people working for Kremlin-supported media institutions.
• The indictments on Wednesday charged two Russian employees of RT, Kostiantyn Kalashnikov and Elena Afanasyeva, with conspiracy to violate the Foreign Agents Registration Act. They are accused of spending $10 million to secretly pay the unnamed Tennessee company to spread nearly 2,000 English-language videos on YouTube, TikTok, Instagram, and X.

USG Official Press Releases:  Sanctions, Indictments, and Seizing of Web Domains

Two RT Employees Indicted for Covertly Funding and Directing U.S. Company that Published Thousands of Videos in Furtherance of Russian Interests:  An indictment charging Russian nationals Kostiantyn Kalashnikov, 31, also known as Kostya, and Elena Afanasyeva, 27, also known as Lena, with conspiracy to violate the Foreign Agents Registration Act (FARA) and conspiracy to commit money laundering was unsealed today in the Southern District of New York. Kalashnikov and Afanasyeva are at large.  View the indictment here.

Justice Department Disrupts Covert Russian Government-Sponsored Foreign Malign Influence Operation Targeting Audiences in the United States and Elsewhere:  The Justice Department today announced the ongoing seizure of 32 internet domains used in Russian government-directed foreign malign influence campaigns colloquially referred to as “Doppelganger,” in violation of U.S. money laundering and criminal trademark laws. As alleged in an unsealed affidavit, the Russian companies Social Design Agency (SDA), Structura National Technology (Structura), and ANO Dialog, operating under the direction and control of the Russian Presidential Administration, and in particular First Deputy Chief of Staff of the Presidential Executive Office Sergei Vladilenovich.  View the affidavit here.

State Department Actions to Counter Russia’s Election Interference and Foreign Malign Influence Operations:   As part of a series of coordinated actions across the U.S. Government, the Department of State is taking three steps today to counter Kremlin-backed media outlets’ malicious operations seeking to influence or interfere in the 2024 U.S. elections.  Moscow’s methods of targeting those it identifies as adversaries are well known – from its illegal and unwarranted invasion of sovereign nations to the unjust imprisonment of innocent persons, to cyberattacks and meddling in foreign elections, to conducting sham elections in Russian-controlled territories of Ukraine.  In addition, we now know that RT, formerly known as Russia Today, has moved beyond being simply a media organization. RT has contracted with a private company to pay unwitting Americans millions of dollars to carry the Kremlin’s message to influence the U.S. elections and undermine democracy. Moreover, RT’s leadership has direct, witting knowledge of this enterprise.

Treasury Takes Action as Part of a U.S. Government Response to Russia’s Foreign Malign Influence Operations | U.S. Department of the Treasury:   The Department of the Treasury’s Office of Foreign Assets Control (OFAC) designated 10 individuals and two entities as part of a coordinated U.S. government response to Moscow’s malign influence efforts targeting the 2024 U.S. presidential election. Russian state-sponsored actors have long used a variety of tools, such as generative artificial intelligence (AI) deep fakes and disinformation, in an attempt to undermine confidence in the United States’ election processes and institutions. Beginning in early 2024, executives at RT—Russia’s state-funded news media outlet—began an even more nefarious effort to covertly recruit unwitting American influencers in support of their malign influence campaign. RT used a front company to disguise its own involvement or the involvement of the Russian government in content meant to influence U.S. audiences.

Additional OODA Loop Resources

For our News Briefs and Original Analysis research efforts to date on this topic, go to:

• OODA Loop | Elections
• OODA Loop | CISA
• OODA Loop | Volt Typhoon
• OODA Loop | APT
• OODA Loop | Secure by Design

Dr. Bilyana Lilly on Russian Information Warfare and Navigating Future Risks:  In this OODAcast, Matt interviews Dr. Bilyana Lilly, who is an expert on Russian information warfare and geo-political risk. Bilyana is also the author of the book Russian Information Warfare and the novel Digital Mindhunters.

Information Warfare, Social Engineering, and Ransomware: A Global Situational Awareness and Threat Vector Survey:  As we slide into the end of summer, we take a “bird’s eye” view of the high-threat level created by the 2024 U.S. Presidential Election.  In this post: a situational awareness and threat vector survey of information warfare, social engineering, and ransomware incidents and activities worldwide as of Friday, August 30, 2024 – including a very recent joint Cybersecurity advisory from the Federal Bureau of Investigation (FBI), Multi-State Information Sharing and Analysis Center (MS-ISAC), and Department of Health and Human Services (HHS) and context on the recent arrest of the Telegram CEO.

Cyber Risks

Corporate Board Accountability for Cyber Risks: With a combination of market forces, regulatory changes, and strategic shifts, corporate boards and directors are now accountable for cyber risks in their firms. See: Corporate Directors and Risk

Geopolitical-Cyber Risk Nexus: The interconnectivity brought by the Internet has caused regional issues that affect global cyberspace. Now, every significant event has cyber implications, making it imperative for leaders to recognize and act upon the symbiosis between geopolitical and cyber risks. See The Cyber Threat

Ransomware’s Rapid Evolution: Ransomware technology and its associated criminal business models have seen significant advancements. This has culminated in a heightened threat level, resembling a pandemic’s reach and impact. Yet, there are strategies available for threat mitigation. See: Ransomware, and update.

Challenges in Cyber “Net Assessment”: While leaders have long tried to gauge both cyber risk and security, actionable metrics remain elusive. Current metrics mainly determine if a system can be compromised without guaranteeing its invulnerability. It’s imperative not just to develop action plans against risks but to contextualize the state of cybersecurity concerning cyber threats. Despite its importance, achieving a reliable net assessment is increasingly challenging due to the pervasive nature of modern technology. See: Cyber Threat

Recommendations for Action

Decision Intelligence for Optimal Choices: Numerous disruptions complicate situational awareness and can inhibit effective decision-making. Every enterprise should evaluate its data collection methods, assessment, and decision-making processes for more insights: Decision Intelligence.

Proactive Mitigation of Cyber Threats: The relentless nature of cyber adversaries, whether they are criminals or nation-states, necessitates proactive measures. It’s crucial to remember that cybersecurity isn’t solely the IT department’s or the CISO’s responsibility – it’s a collective effort involving the entire leadership. Relying solely on governmental actions isn’t advised given its inconsistent approach towards aiding industries in risk reduction. See: Cyber Defenses

The Necessity of Continuous Vigilance in Cybersecurity: The consistent warnings from the FBI and CISA concerning cybersecurity signal potential large-scale threats. Cybersecurity demands 24/7 attention, even on holidays. Ensuring team endurance and preventing burnout by allocating rest periods are imperative. See: Continuous Vigilance

Embracing Corporate Intelligence and Scenario Planning in an Uncertain Age: Apart from traditional competitive challenges, businesses also confront unpredictable external threats. This environment amplifies the significance of Scenario Planning. It enables leaders to envision varied futures, thereby identifying potential risks and opportunities. Regardless of their size, all organizations should allocate time to refine their understanding of the current risk landscape and adapt their strategies. See: Scenario Planning