Special Counsel Mueller’s redacted report highlights the Russian government’s “sweeping and systematic interference” in the 2016 U.S. presidential election, through disinformation and hacking operations. Details of that effort were already known – thanks in large part to Special Counsel Mueller, the Department of Justice, the U.S. Intelligence Community, the Senate Select Committee on Intelligence, and the investigative reporting of numerous journalists.
There are four key things to know, about which the report deepened our understanding:
First, using its infamous troll farm, the Internet Research Agency (IRA), the Russian government also sought to turn online influence into offline action. Russian operatives sought to draw real Americans into the streets. By impersonating American citizens and infiltrating activist communities, IRA operatives engaged with real Americans to organize numerous protests and rallies ahead of the 2016 election – and crucially, after it. As Mueller’s report reveals, IRA operatives used their substantial social media following to build credibility – sending direct messages to followers encouraging them to attend events. They also solicited the help of unwitting U.S. citizens to organize and manage the events, later promoting the events on social media with pictures and videos. We now know that the rallies numbered in the dozens, and that they began as early as 2015 – earlier than previously thought. Some events drew hundreds of supporters. A series of rallies in Florida caught the attention of the Trump campaign, which promoted one of them on social media, unaware that it had been organized by troll farm operatives thousands of miles away in Moscow. What begins online does not stay there.
Second, as part of its hacking operations, Russia’s military intelligence agency (GRU) aimed to penetrate U.S. state election systems, in addition to targeting political campaigns. Mueller’s report confirms earlier claims that Russian hackers “compromised” a computer network run by the Illinois State Board of Elections by exploiting a vulnerability in its website. It also provides new evidence that, through spearphishing, the GRU infiltrated the computer system of at least one Florida county government. Florida’s Department of State issued a statement that it had “no knowledge or evidence of any successful hacking attempt at the county level during the 2016 elections,” and that when it contacted the FBI to learn more about the episode, the FBI declined to share details. The episode illustrates persistent gaps in information sharing and coordination between levels of government. Special Counsel Mueller’s report also revealed that Russian intelligence targeted U.S. technology companies that manufacture and administer election-related software and hardware, including voter registration software and electronic polling stations – a more extensive effort than previously made public. (That Russia targeted a specific vendor that created software for verifying voter registration information was previously known). These revelations speak to the need for adopting cybersecurity standards for electoral infrastructure, upgrading outdated infrastructure, ensuring that pertinent information is declassified quickly and appropriately so that it can be shared with relevant parties, and building a national classified cyber information-sharing network that is accessible to cleared personnel of private companies, among other measures.
Third, the Russian government understood journalists and the media could play a role in amplifying weaponized information. Special Counsel Mueller’s report includes several examples of efforts by GRU-personas Guccifer 2.0 and DCLeaks to provide reporters exclusive access to emails stolen by Russian intelligence. Journalists facilitated the spread of weaponized information by reporting on the contents of those leaks without adequately contextualizing them. News outlets inadvertently amplified Russian disinformation by citing IRA tweets as sources of public opinion. All but one of 33 major American news outlets used information from Twitter accounts later revealed to be controlled by the IRA. To avoid playing an unintentional role in information warfare, media organizations can establish simple procedures for verifying which social media posts to feature, and when data dumps occur, consider covering the dump as a story itself.
Fourth, the Russian effort targeted U.S. audiences on both sides of the political spectrum, often in key swing states, with tailored content designed to divide. As we know from previous revelations, the IRA specifically tailored its narratives to reach key American audiences on both the political left and right, including Black Lives Matter activists and Second Amendment advocates. The IRA purchased social media advertisements containing divisive content and used micro-targeting to market them to these communities. IRA employees were instructed to frame their posts to elicit emotional responses from American citizens and timed their activity to facilitate maximum engagement from particular groups. We already knew that as part of this targeting effort, the IRA focused on key swing states ahead of the election in organizing rallies and events. We now know that Russian military intelligence organized its leaks, too, around “specific states (e.g., Florida and Pennsylvania) that were perceived as competitive” in the 2016 election. Overall, Russian government targeting of U.S. citizens was sophisticated, focused on reaching particular demographic groups with divisive narratives tailored to harden beliefs.
Special Counsel Mueller’s investigation contributed significantly to the American public’s understanding of Russia’s ongoing interference efforts. As our colleagues have written “acknowledging and understanding the threat is important, but only half the battle.” It is long past time for our elected officials – on both sides of the aisle and at all levels of government – to take meaningful steps to deter future attacks and build resilience against them.