Researchers uncover six-years-worth of Russian attempts to mold international politics using fake news and forged documents. Social media research group Graphika published today a 120-page report [PDF] unmasking a new Russian information operation of which very little has been known so far.
Codenamed Secondary Infektion, the group is different from the Internet Research Agency (IRA), the Sankt Petersburg company (troll farm) that has interfered in the US 2016 presidential election. Graphika says this new and separate group has been operating since 2014 and has been relying on fake news articles, fake leaks, and forged documents to generate political scandals in countries across Europe and North America.
Graphika says that most of this content has been aimed at attacking classic Russian political rivals like Ukraine, the US, Poland, and Germany, but also other countries where Russian influence came under attack, at one point or another. Unlike the IRA, which was primarily focused on creating division at the level of regular citizens, Secondary Infektion's primary role appears to been to influence decisions at the highest level of foreign governments.
This was done by attempting to influence political decisions by creating fake narratives, pitting Western countries against each other, and by embarrassing anti-Russian politicians using fake articles and forged documents.
Secondary Infektion liked blogs more than social media
Furthermore, another way in which Secondary Infektion differed from the more well-known IRA was that while the IRA was mostly active on social media networks, the Secodanry Infektion gang had a broader reach, with a lot of its content being published on blogs and news sites.
Graphika said it found content published on more than 300 platforms, from social media giants such as Facebook, Twitter, YouTube, and Reddit to blogging platforms like WordPress and Medium, but also niche discussion forums in Pakistan and Australia.
New-school security awareness training can ensure your users are able to spot and report suspicious activity on their network.
ZDNet has the full story: https://www.zdnet.com/article/super-secretive-russian-disinfo-operation-discovered-dating-back-to-2014/