In this episode of The Gate 15 Interview, Andy Jabbour talks with Michael Klein, a K-12 IT Director and a leader for CTI League’s Disinformation Team, and Lee Foster, Senior Manager, Information Operations Analysis, with FireEye Intelligence. The group discusses:
- What we mean by the terms “misinformation” and “disinformation;”
- Information operations with regard to the COVID-19 pandemic;
- Geopolitical and domestic political interests and issue manipulation;
- Election disinformation, past, present and future;
- Ideas on deepfakes and the use of Synthetic Media;
- And Andy manages to work in another musical reference…
Please enjoy this episode of The Gate 15 Interview on Anchor, Apple, Spotify, as well as other locations.
Mike Klein leads process and training work for the CTI League’s Disinformation Team. The Disinformation Team focuses on neutralizing and preventing disinformation operations related to COVID-19 or targeted at the healthcare sector. In his day job, Mike is the IT Director for a rural K-12 school district in New England. Previously, he led coaching and capacity building for a team of 12 educational consultants focused on change management and technology integration. Mike started his career as an elementary school teacher in Brooklyn and Harlem and was a founding teacher at a High Tech High school just south of San Diego.
Lee Foster is Senior Manager of Information Operations Analysis at FireEye Mandiant. Lee and his team specialize in identifying cyber-driven nation-state influence campaigns and non-state actor hacktivism. He holds Master’s degrees in Political Science and Intelligence & International Security, and is currently pursuing a third Master’s degree in analytics. Prior to FireEye, Lee previously worked in the field of political risk intelligence. Find Lee on Twitter: @LeeFosterIntel.
Find out more about FireEye and CTI League as well as a few initial links that were mentioned in our recording:
- CTI League.
- CTI League Inaugural Report (March 2020).
- FireEye Threat Research blog.
- FireEye: “Ghostwriter” influence campaign blog and report (PDF).
- Synthetic Media (deepfakes) and IO blog (released in conjunction with Lee’s talk at this year’s Black Hat).
- Gate 15’s Jorhena Thomas, Disinformation 2020: From Awareness to Action, 12 Aug.
- DHS CISA COVID-19 Disinformation Toolkit.
- DHS CISA: Disinformation Stops With You; You have the power to stop foreign influence operations (PDF).
- FBI’s Protected Voices Initiative.
- See below for more links to references mentioned in this podcast.
Additional FireEye reporting on Iranian influence operations, including the first public exposure of Iranian activity in this space:
- Suspected Iranian Influence Operation: Leveraging Inauthentic News Sites and Social Media Aimed at U.S., U.K., Other Audiences (PDF), 13 Jul 2018
- Suspected Iranian Influence Operation Leverages Network of Inauthentic News Sites & Social Media Targeting Audiences in U.S., UK, Latin America, Middle East, 21 Aug 2018
- Network of Social Media Accounts Impersonates U.S. Political Candidates, Leverages U.S. and Israeli Media in Support of Iranian Interests, 28 May 2019
- “Distinguished Impersonator” Information Operation That Previously Impersonated U.S. Politicians and Journalists on Social Media Leverages Fabricated U.S. Liberal Personas to Promote Iranian Interests, 12 Feb 2020
“Ahead of the 2020 U.S. elections, foreign states will continue to use covert and overt influence measures in their attempts to sway U.S. voters’ preferences and perspectives, shift U.S. policies, increase discord in the United States, and undermine the American people’s confidence in our democratic process. HE continues and specifically calls out China, Russia, and Iran.”– from “Election Threat Update for the American Public,” a statement from William Evanina, the Director of ODNI’s National Counterintelligence and Security Center, 07 Aug.
This Gate 15 Interview is a monthly interview between Gate 15’s founder and Managing Director, Andy Jabbour and guests from throughout the homeland security risk management community addressing a wide range of all-hazards topics and issues. Read more about Gate 15’s full podcast menu at our Podcast page. You can subscribe and enjoy all the Gate 15 Podcasts on Anchor, Apple, Spotify, as well as other locations accessible from the Anchor link. Week-to-week, you can hear and learn more about our all-hazards threats, risks, mitigation and other issues impacting homeland security risk management from our team as well as our regular and special guests. The full podcast menu includes:
- The Risk Roundtable, is a recurring monthly discussion among our team and occasional guests as we explore the all-hazards threats and risks impacting the United States and internationally.
- The Cybersecurity Evangelist, with Jennifer Lyn Walker, is a cybersecurity-focused discussion with Jen and invited guests.
- Nerd Out! Security Panel Discussion, moderated by Dave Pounder, focuses on physical security topics including terrorism, extremism, hostile events, and other pertinent topics.
- The Gate 15 Interview, is a monthly interview between Gate 15’s founder and Managing Director, Andy Jabbour and guests from throughout the homeland security risk management community addressing a wide range of all-hazards topics and issues.
We hope you’ll subscribe, listen and share your ideas and other feedback! Reach out to us on Twitter, LinkedIn or via email at: firstname.lastname@example.org.
Additional references for more information:
- On 06 July, Bleeping Computer, reporting on the Q2 2020 bulletin from Google, wrote, “Google banned 2500+ Chinese YouTube channels for disinformation” citing work from Google’s Threat Analysis Group (TAG), which was assisted in part by Lee’s colleagues at FireEye, they add “Google says that it took down multiple coordinated influence operation campaigns linked to China, Russia, Iran, and Tunisia.”
- NATO on Twitter: “Disinformation is sneaky and not always obvious. Know the facts, and think before sharing.” 22 Jul.
- In August, DHS published an FOUO product regarding Russian and Chinese COVID-19 Disinformation efforts.
- On 05 Aug, The Washington Post wrote “Facebook and Twitter on Wednesday took extraordinary action against President Trump for spreading coronavirus misinformation after his official and campaign accounts broke their rules, respectively. Facebook removed from Trump’s official account the post of a video clip from a Fox News interview in which he said children are “almost immune” from covid-19. Twitter required his Team Trump campaign account to delete a tweet with the same video, blocking it from tweeting in the interim.”
- On 06 Aug, the President signed the TikTok executive order, which cites, among other concerns, “this mobile application may also be used for disinformation campaigns that benefit the Chinese Communist Party, such as when TikTok videos spread debunked conspiracy theories about the origins of the 2019 Novel Coronavirus.”
- 07 Aug Forbes published, “From Russia With Lure: Why We’re Still Beset By Bots And Trolls Pushing Disinformation,” and discuss a keynote presentation at the Black Hat security conference from Renee DiResta, research manager at the Stanford Internet Observatory, who, Forbes writes, “offered a disinformation dissection that broke down how (Russia and China) have worked to exploit social media and what to watch for as the election nears.” Also relating to Russia, in July Graphika published Secondary Infection, which is a fascinating exploration into “a series of operations run by a large-scale, persistent threat actor from Russia that worked in parallel to the Internet Research Agency and the GRU…”
- Following the massive explosion in Beirut this month, Al Arabiya wrote, “Twitter has flagged a fake video showing doctored footage alleging that a missile struck the Port of Beirut moments before an explosion… caused mass destruction throughout the Lebanese capital city… A “manipulated media” label citing the Associated Press appears under the video that has been widely shared on Twitter and other social media platforms such as Facebook and WhatsApp.” 07 Aug.
- BleepingComputer: Reddit hit by coordinated hack promoting Trump’s reelection, 07 Aug.
- CyberScoop: 2020 is misinformation’s tipping point, 10 Aug.
- New York Times: A Bible Burning, a Russian News Agency and a Story Too Good to Check Out, 11 Aug.
- HS Today: Continued Transparency on Election Threats Critical for Defense, Says CISA’s Krebs, 11 Aug.
- Engadget: Facebook has removed 7 million posts for coronavirus misinformation, 11 Aug.
- Microsoft on Twitter: In a tweet on 12 Aug, Microsoft shared “Today @Microsoft and other technology companies participated in regular meetings with the U.S. government to coordinate on election security…”
- RiskIQ: ScamNation: Monetizing the Pandemic Through Partisan Content Farms and Subscription Traps, 12 ug.
- Avast: An elections security progress report: Black Hat edition, 12 Aug.