Advertisements

Seeing Truth through Smoke- Disinformation Is Hazardous to Our Heads!

Thank You For Not Lying!

Dr. Alina Polyakova, the David M. Rubenstein Fellow for Foreign Policy at the Brookings Institution, is one of the world’s foremost experts on fake news and Russian disinformation. She had a brilliant idea the other day.

In the Western world, we’ve been playing catchup with the Russians for years, trying to find a way to counter the pesky disinformation tactics they’ve become famous for.

She came up with something just as simple as it is profound- to look for an analogous solution, based on the American anti-smoking campaign that started in 1964. These two completely unrelated subjects have some amazing similarities.

In the case of whether or not it’s a good idea to let the Russians loose like attic-bound raccoons in our cyber-grid, spreading disinformation and malware around like scat, the why-nots are obvious, just like with smoking. A rational person has no cause to misunderstand why this would be bad.

What we want to examine are the actual techniques used by the Surgeon General and others to paint cigarettes in the light they deserve- as filthy, smelly, cancerous sticks of death you’ve got to pay for.

That’s the way to go here.

First off, disinformation is dangerous. It leads to a gross devaluation of truth and a breakdown in the entire moral order. Though zany Russian hacker disinformation combos of race-baiting and coordinated cyber-lying may seem silly and random one at a time, they add up.

Ladislav Bittman, the former Communist Czechoslovak deputy chief of the disinformation department, compared the effects of disinformation to a slow acting poison, saying “One drop may not be a problem, but together a dose could be fatal.”

The same is true of nicotine, of course. And eventually, America caught on. But for years, the tobacco companies managed to convince Americans that the opposite was true. They did it with a carefully calculated and billion-dollar effort, based on pseudoscience, lies, and big advertising. It was exactly like what the Russians are doing now.

This is a significant concept for a few reasons. First, it’s always elegant when you can fit an old key in a new lock. She went rifling through the old Public Threat or Menace manual, found a campaign in the past that gave her precedent, and voila.

This is conduct to be emulated as much as possible, especially as that particular connection isn’t easy to see. Well done, Doctor!

Returning to our topic, people have been thinking this whole time that these Russian cybercrimes are all really stylish, powerful, interesting things to do. They think Russian hackers, and they picture this:

Thank You For Not Lying!
Thank You For Not Lying!

What they should be picturing, is this:

Mucky! Gives you cancer!
Disinformation gives you brain cancer!

Think back. When your mother first told you not to smoke cigarettes, did she give you any pamphlets on the subject? Did she cite scholarly sources to you? Or did she just do like mine did, and shout “No! Mucky! Gives you cancer!”

I got the point. Looked it up later.

This thing with the Russian disinformation is exactly the same. It is so obviously bad for America that the case cannot be overstated, and yet they are not listening. The whole thing has had to be completely infanticized, and it’s us who’s changing the diapers.

Inside those disinformation diapers are the images we need to show people.

Disinformation is gross. It’s like being smelly. Telling lots of lies is for the kid nobody wants to sit next to. That’s probably why he became a hacker, the poor schmoe- Glad I’m not that guy!

Disinformation is smoggy. It makes it hard to see, hard to breathe.

The people under its influence get bewildered and don’t know what is what anymore. They just know that they are angry and they want to hit out at something, like Trump is provoking his followers into doing to CNN reporters.

That’s why watching Fox News these days make people behave like they’ve been doing bathtub crank. There’s no bathtub-crank chic. Nobody is remaking Trainspotting, over bathtub crank.

Smoggy. Wasteful. Smelly. Stupid. Gross. These are the reasons people quit smoking. Once smokers realized that nobody was looking at them and seeing the Marlboro Man, they got red in the face and cut it out, en masse.

This will be the case with fake news trolls eventually also.

Sitting around inside all day plunking on a keyboard and trolling is not what healthy adults, ones with actual influence in life, tend to want to do. Many studies have shown this to be the case.

Recently researchers at Australia’s Federation University used an online questionnaire to look closely at the psychology of those who engage in online trolling.

Unsurprisingly, the researchers found that trolls tend to show higher levels of trait psychopathy and sadism.

Trolls also tend to be poor, unfit, unkempt, unhappy. This is not what you want to do. You’re acting out all this harm on yourself for a cheap thrill.

You might as well start smoking.

The modern-day, right-wing Cold Warrior.
The modern-day, right-wing Cold Warrior.

Going forward, the message we have got to get across is a very simple one.

Spreading disinformation and sowing dissent around in the form of fake news is a lousy, negative activity.

It isn’t writing, or programming, or art.

It destroys and does not create.

It does everyone in the world a huge disservice by destabilizing their nations and economies.

It’s gross, it’s stupid and it’s unhealthy. There’s nothing good about it. Cut it out.

Advertisements

Cyber-Defense For Democrats! Security Measures For Midterms.

#CyberDefenseForDemocrats

Hello, world!

We have received numerous requests for a focus piece regarding cyber-defense for Democrats, especially right now as we are going into the midterms. In it is an introduction to a number of the techniques we can use to defend ourselves going forward. Knowledge is power. Pass it on.

Regular readers of Millennial Democrats will not require a lot of explanation as to how and why the threat of Russian hacking is real. We have been up against it for years. The time has come to soberly and objectively assess Russia’s cyberwarfare capabilities, and examine how we plan to fight back.

In 2016, America was caught off guard and we got a bloody nose. Guys like Roger Stone’s buddy Guccifer 2.0, or the guys in Fancy Bear pulled a fast one, to be sure.

But it’s important not to overstate the case. It is not accurate to attribute cybernetic omniscience to the Russians and their zany bots and fake news.

They had the element of surprise back then. Most people had no idea what they were doing(and rolled their eyes at those who were trying to warn them, but that’s another subject). These days things are very different.

Regardless of the lies of the great orange malignance, America knows the Russians are out to get us. Trump is sticking his head in the sand on this and will do nothing to help us, so we’re going to have to learn to help ourselves, and each other.

It’s too bad we’ve got no national leadership on this, but it is what it is. We’ll get by on our own.

In starting out, the most important thing to keep in mind is this: Hackers rely on our mistakes, and mistakes are most often made when we don’t know we are making them. They need to catch us off guard, and their job is to find creative ways to use their tools to get us to slip up.

The first place a smart hacker will look is outside the box, so to speak. They’re always looking for ways to burrow in that you wouldn’t think to look for.

Employing a given system, be it a human being or a PC, for a purpose it wasn’t designed for is what hacking means. However, if you’re careful, neither you nor your computer will end up thus employed. It’s all about being careful.

Hackers are clever, be they Russian or from elsewhere, but they are far from invincible. We’ve already stopped a number of Russian cyber-assaults directed at Democrats this year, such as the ones aimed at our Claire McCaskill.

Without the element of surprise, hackers have many limitations. It’s not that easy to brute-force open a website. Just ask these guys:

This is the IP address of a hacker, purportedly from Beijing, who is always doing his best to get in here. Have at it, pal.
This is the IP address of a hacker, purportedly from Beijing, who is always doing his best to get in here. Have at it, pal.

Basic cyber-hygiene techniques would cut down on more than 80 percent of cyber attacks and cyber thefts, according to Herbert Lin, senior research scholar for cyber policy and security at Stanford University’s Hoover Institution. It will benefit us to learn a few.

There is a great deal of white-hat(ethical hacking) work that can be done to defend America in this realm, and most of it has to do with how careful we are.

We repeat- It’s all about being careful. This cannot be repeated too often.

Every technique that hackers use, be they DNS attacks against home routers, phishing emails, malware, botnets, or what have you, is ultimately something we can avoid.

In this piece, we’re going to talk about a few common mistakes made by end-users(that means us, the consumer) and how they are exploited by criminals. We’re also going to talk about some of these cyber-hygiene measures and assign them three rules of thumb.

  1. Don’t open strange emails.
  2. Don’t click on strange links.
  3. Don’t accept chat messages from people you don’t know, particularly on Facebook.

Before we get started, think for a second about all your other social media accounts. Are they just as secure as your Facebook or Twitter? Make sure they are! That’s the first place a hacker will go to collect more data about you. You’re particularly vulnerable to having your account on the ones you don’t often use pried open.

As an aside, this is also why you don’t want to use the same passwords for everything. Passwords are obviously critical, as somebody who’s got them has got all your information at his fingertips. Be careful!!

A great deal of a hacker’s job revolves around getting the passwords of their victims. Their most popular tools are all various ways to apply “spear-phishing” hacks, designed to steal passwords and personal data. The unlucky “phish” who opens one has become a victim and is now open to all kinds of trouble.

There are all kinds of ways to go spear-phishing. A brand new one showed up not long ago when U.S. government agencies recently received letters via snail mail.

They came with CDs inside, and they contained malware, according to cybersecurity researcher Krebs on Security. The infected discs were accompanied by a Chinese-postmarked envelope and a “confusingly-worded” letter.

That is just like what they do on Facebook. Hackers make links that look like YouTube videos and various other innocuous things, and they write you some goofy little messages. They look like some cute little harmless thing. Actually, they’re viruses. And you’re hit.

One example that all readers of this blog will vividly recall took place on March 10, 2016, when the first volley of malicious e-mail messages hit the inboxes of thirty people who were closely associated with the Hillary Clinton campaign. Inside them were links that were actually viruses, like worms on a hook.

Nearly all of them were failures. All but one, actually. But one was enough.

Within nine days, a horrendous amount of critical data had been stolen and passed along to Wikileaks, to be strategically released in a way they figured would hurt us. It did.

Those leaked e-mails, in which Debbie Wasserman-Schultz was seen to be fussing over Bernie’s lack of ability to fill out campaign finance forms correctly, were spun up into a narrative that Bernie(who lost by four million popular votes) had been cheated.

Bernie or Bust bought it, there were riots in the streets of Philadelphia, and a rift was torn in the Democratic Party that still has yet to heal.

All of that was made possible, with just a few phished passwords.

To combat phishing is to make sure everyone knows how common and damaging these attacks can be. Everyone should keep their guard up when checking emails, and they should report any email they find suspicious.

It’s necessary to point out here that Facebook phishing in particular is horrendously easy. They can hack you right through your chat box. We recommend in the strongest possible terms that you put as little of your personal information as possible on Facebook.

They save everything. They’re like a gigantic data collection firm, and they’ll sell your personal information to companies like Cambridge Analytica who will use it to hurt us all.

Why risk it?

Facebook presents about a million added vulnerabilities to all of us that use it. When Edward Snowden was asked what to do to keep your data safe on that platform, his response was, “Delete your account.”

We can’t recommend that, as Facebook gives us access to 2 billion people, but we can recommend this much. If people you don’t know send you strange messages on Facebook, don’t accept them.

Facebook was made to brief congressional aides just last week Tuesday about the newest outbreak of anti-Democratic disinformation, which is already said to be evolving into something more sophisticated. Excerpts from that briefing are shown below.

“We are looking at just some of the malicious material that already may be circulating or will be released before the midterms. It also bears repeating that we know the campaign of Sen. Claire McCaskill (D-Mo.) was targeted.”

Cyber-intelligence experts see this as being major, and with clear reason.

Moving on, it isn’t only Facebook and social media you’ve got to be careful with. Websites too are vulnerable.

Anecdotally, the webmaster of this site has seen hackers from all over the world try to take us down, from Beijing, China to Lviv, Ukraine, from Adelaide, Australia to Beauharnois, Quebec. They use all kinds of tricks, but they’ve never gotten in and they never will.

This is not because I’m a cyber-genius who speaks binary code, but because WordPress is awesome. Sucuri, the plugin that keeps safe all of us Millennial Democrats, is likewise excellent. They care about their clients and they hold the same liberal values sacred that we do.

WordPress users should strongly consider using Sucuri, not least for the reverse IP trace it automatically performs. This has the benefit of letting you know a lot more about who’s trying to hack you. Sometimes it will tell you everything.

Once a flower store owner from Adelaide, Australia tried to hack us. By using a reverse IP trace, Sucuri let us know who she was as soon as she had done so. Then we went to a site called WhatismyIPaddress.com, put it in, and voila.

We were able to get the name of her business by looking at the name of her domain. We then used that to look her up, and jackpot. We found the store’s address, website, and owner. We also found far-right garbage smeared all over her life.

I could put her on blast right here with a screenshot like this one:

My (possibly) Chinese friend, saying hello to me again. Hi, buddy. Change your ways!
My (possibly) Chinese friend, saying hello to me again. Hi, buddy. Change your ways!

Then the hunter would rapidly become the hunted.

Luckily for her, I’m not that mean. But the next guy might be. It’s a dangerous game for newbies (noobs- learn your hacker-ese) to play. It’s easy to run into trouble.

Change your life, would-be hacker flower store owner! Mend your wicked ways, before it’s too late.

Speaking of WordPress, using the two-factor authentication feature they offer as part of their platform is another good idea. This is a highly effective security measure and is available for Facebook, Gmail, WordPress, and many other major platforms.

Using this feature means a second device’s input will be required to access email accounts or websites on new computers, usually by prompting you and sending an SMS code to your phone or whatever. This can prevent scammers from accessing compromised accounts.

In addition to good cyber-hygiene, which amounts to common sense, caution, and our three rules of thumb, there are some tools we can use to make our online experience safer still. You may find this necessary, from time to time.

A VPN, or virtual proxy network service, will allow you to register as being somewhere that you’re nowhere physically near. It allows you to safeguard your IP address. You do not want hackers to have your IP address, as it can be used to hurt you in a bewildering multitude of ways. This is probably the biggest reason to use a VPN.

Guccifer 2.0 recently made a mistake and forgot to turn his VPN on, and we connected him to an IP address connected to Russian intelligence. Now his whole identity is blown because he didn’t use his VPN.

We strongly recommend getting one of these, specifically IVPN. They take protecting their customers super seriously and they are located on the Rock of Gibraltar. That fortress strikes me as a good place to keep anything valuable.

HotspotShield is another good one, and also NordVPN. There’s a lot of them; shop around and find one that’s right for you. We feel it’s worth repeating that they are a very good investment.

Additional tools include TOR(The Onion Router), which offers a former naval encryption system that we can now all use. Tor takes all your internet traffic and routes it through its own network, providing total anonymity.

The DuckDuckGo browser, which Tor employs, is good to know about also. It has a number of different features that keep you safe, including a “Flame” feature that burns up all your cookies in a second. Pretty cool.

We suggest you learn Linux, because it is more secure, and 99% of viruses are designed to attack Microsoft products. 

Russian hackers have been targeting home routers of individual people en masse, using what is called a DNS attack. We suggest you check your home router often, using the website Secure Router.

Secure Router is a great free feature that allows you to check if your router has been compromised with the click of a button. Doing this regularly cannot hurt and takes less than a second.

In closing, it’s important to emphasize that this is an introductory piece, and not meant to be totally comprehensive. These techniques will do a lot to keep you safe, but nothing is a substitute for doing your own research.

So far, this has not been the kind of cyber war imagined in the past, with nations taking out each other’s power grids before a mass invasion, although Russian malware continues to turn up in our power stations.

It’s more like a new type of proxy war. Like it or not, against our will, we have begun a new phase of the Cold War, on digital battlefields where you meet the enemy directly, but behind a screen.

Now, just as then, there is a need for deterrence, to defend the nation and hopefully prevent a further escalation of tensions. There is more at stake than we can even put into words. We need to be ready.

There are bigger dangers here than the usual America vs. Russia, liberal world order vs the new world order that the extremist crazies keep screaming that they want kind of thing. This is different completely.

One superpower actively destroying the democratic process of another is new and very dangerous, especially since Russian destability tactics rely heavily on disinformation and a systematic devaluing of the truth.

If nothing is true, everything is permissible. And then our entire species starts down the road to guns and roving mobs.

Disinformation and a post-truth reality are unacceptable, and so is Russian interference into our election, regardless of how many Fox News devotees will slobberingly say otherwise.

We have only got one party ready to defend our democracy from the foreign agitators’ who are trying to destroy it, and that is the Democratic Party. Accept no substitutes.

Due diligence is the key. Hackers will look for things you might be neglecting. Get in some good habits and keep yourself alert, because it all comes down to one thing.

If you are politically active as a Democrat, you are not paranoid. You are a target. Defend yourself.

Democracy Must Defend- Russia Has Hacked Our Power Grids.

The cyber-war with the Russians may be about to enter a terrifying new phase. A series of highly sophisticated system penetrations at electric companies and nuclear plants this year has been discovered and traced back to a Russian hacking group.

Alternately called “Dragonfly” and “Energetic Bear”, this group has been involved in about 100 such breaches since the start of the year, half of them in the U.S., according to a new report from the system security firm Symantec.

This finding is worrisome in the extreme. Dragonfly is one of very few hacking groups with specific expertise in the power-grid systems that turn off and on circuit breakers.

A separate Russia-linked hacking operation has twice demonstrated the Kremlin’s ability and willingness to use that kind of expertise to cause electrical blackouts—once in December 2015, and a second time a year later, both in Ukraine.

Symantec believes the U.S. breaches may be moving into similar terrain. Simply stated, this means they can shut our power off and attack us, anytime they want.

“The original Dragonfly campaigns now appear to have been a more exploratory phase where the attackers were simply trying to gain access to the networks of targeted organizations,” the Symantec report concludes. Now, “the attackers may be entering into a new phase, with recent campaigns potentially providing them with access to operational systems, access that could be used for more disruptive purposes in future.”

Meanwhile, Russia has been holding a set of “strategic command exercises” called the Zapad war games that are looking an awful lot like a preparation for war this week, due to run until September 20. Moscow says almost 13,000 Russian and Belorussian service personnel are taking part.

NATO officials, however, have said they believe the exercises involve more troops than Moscow has disclosed. Complaints have been made about the lack of transparency regarding the exercise. It has long been feared that Russia has been planning to use virtual assaults on Western power-grids in order to pave the way for a sudden physical assault.

The world has been experiencing virtual assaults from Russia since April 27, 2007, the day known to history as the Estonian 9/11. They called it Web War One. The problem started over an old war soldier statue, like the Robert E. Lee statue that has caused so much trouble in Charlottesville. We have got to be careful when it comes to those old statues.

In the ten years that have followed, we have seen Russian attempts to disrupt and destabilize the affairs of other countries become more and more of a problem, culminating in their hacking of the United States 2016 presidential election. We have got to place a high priority on finding more effective forms of defense. 

In other parts of the world, most notably in Europe, they have been dealing with this problem a long time, and they have developed a number of systems we might look to as models.

The Czech Republic set up a team on Jan. 1. 2017.

The German Interior Ministry has proposed the creation of a “Center of Defense Against Disinformation.”

The Ukrainian organization StopFake.org has accomplished amazing results, tracking down and reverse-engineering Russian propaganda pieces. These have provided us key glimpses into how the Russian disinformation machine operates and what types of methods it uses. Incidents such as Brexit have ensured there will be no shortage of cases to study.

Russia has proven its ability to extend tentacles and roots with terrible speed, and it has done so all over the world in the wake of the massive disruption that has been Donald Trump. Its cyber-warfare apparatus is the digital upgrading of its Dezinformatsiya, or disinformation office, which was formed in 1923. Russia has been experimenting with campaigns of state-sanctioned lying for nearly a hundred years. This is a good thing to keep an eye on.

From the way Russia defines cyberwarfare, to its employment for strategic use, Russia has developed a big edge over its western counterparts. As James Wirtz, Dean of the Naval Postgraduate School in California, has noted, “Russia, more than any other nascent actor on the cyber stage, seems to have devised a way to integrate cyber warfare into a grand strategy capable of achieving political objectives.”

CIA chief Mike Pompeo recently said “It’s tough. You now have not only nation states trying to steal our stuff, but non-state, hostile intelligence services, well-funded. Folks like WikiLeaks, out there trying to steal American secrets, for the sole purpose of undermining the United States and her democracy.”

For all the trouble that Russia manages to cause, and for all its miles and hundreds of millions of citizens, it has an economy about as large as that of Italy. The state of California alone has an economy that is far more robust then Russia’s. In order to make Russia great again, Putin has to find a way to fix that. Redistribution of world wealth underneath his control is what he’s after.

The Russian cyber-warfare apparatus allows him an inexpensive and shockingly effective way to cripple, entangle, and do literal physical harm to the infrastructure of anything that opposes his will. 

To understand why these attacks on the rest of us are being committed by Russia, it helps to understand two factors. First, Russia’s domineering and abusive relationship with its former satellite stakes, most notably Ukraine, its largest neighbor to the west. Second, its need to develop a way to compete with NATO in a manner that doesn’t cripple its economy with excessive military expense. 

Nuclear deterrence is becoming obsolete, as mutually assured destruction is unpalatable even to the Russians, and new ways are being found to fight. The most ancient struggles for power and dominance are being played out in our very newest world. Cyberspace has become a very dangerous place, but it’s a place we all spend a lot of time in. Therein lies the crux of the problem. 

Donald Trump thinks that by not using email, he can protect himself from the dangers of a digital world. But no matter what he would like to think, the solution won’t be found by returning to the golden age of post-It notes and Rolodexes. The computer isn’t going away any more than the firearm.

It is the opinion of Millennial Democrats that going toward the future, U.S. policy should include the immediate and thorough modernizationof the U.S. Cyber Command. After last year, we should take the offensive. An overt, popular, and well- financed American cyber- force would overtake the efforts of the Russians within months.

As soon as our highest office has been vacated by the impeachment of Donald Trump, a man that Putin has been cultivating for five years and is the property of, it will be a top priority to attain world preeminence in this area as well.

America created the Internet, and that makes its governance our responsibility. We consider this a sacred duty, and we will not shirk in its upholding.

%d bloggers like this:
Skip to toolbar