Foreign espionage and propaganda campaigns are as old as politics itself. Yet, many Americans were surprised (some are still in disbelief) to learn the extent to which adversarial nations conduct influence operations, like Russia’s influence campaigns during U.S. presidential elections.
Today, the U.S. faces increasingly complex and sophisticated threats from foreign governments exerting malign influence—covert actions to influence public sentiment and public discourse.
As recently as July 2022, the Justice Department unsealed an indictment against an individual working on behalf of Russian intelligence for “allegedly orchestrating a years-long foreign malign influence campaign that used various U.S. political groups to sow discord, spread pro-Russian propaganda, and interfere in elections within the United States.”
Foreign influence operations rose dramatically throughout the COVID-19 pandemic, according to the 2022 Digital Defense Report from Microsoft. The report highlighted that nation states most frequently targeted social media platforms controlled by U.S. technology companies to “distribute propaganda” to “erode trust, increase polarization, and threaten democratic processes.”
The report also explained how think tanks and NGOs, universities and academics, and government officials were the next most frequently targeted.
“These are desirable ‘soft targets’ for espionage to collect intelligence on geopolitical issues,” the report concluded.
On a technical level, many major U.S. technology companies already work together to support U.S. government efforts to counter foreign cyber intrusions. To combat foreign malign influence, the U.S. and its allies could take a page from this cyber strategy.
Cyberattacks in the digital space grew dramatically over the last two decades. Global ransomware costs have ballooned from $325 million in 2015 to $20 billion in 2021, a 57-fold increase in just six years, according to a June 2022 report from Cybersecurity Ventures, the publisher of Cybercrime Magazine.
To meet this threat, the U.S. government evolved and adapted. A key strategy was an early effort to develop institutional capabilities where businesses—which are often competitors—could share near real-time threats in the cyber domain. This development included the creation of Information Sharing and Analysis Centers in 1998. An Executive Order in 2015 expanded this to non-sector-specific Information Sharing and Analysis Organizations.
The success of these information sharing models led to the 2021 creation of the Joint Cyber Defense Collaborative within the Cybersecurity and Infrastructure Agency, which is part of the Department of Homeland Security.
The JCDC leads “integrated public-private sector cyber defense planning” by creating a “cybersecurity information fusion.” The collaborative has become an active information-sharing environment enabling cyber cooperation between the private sector, government (federal, state, local, tribal, and territorial) and international allies.
This cooperative model seemed a logical step because most attacks are against infrastructure created and owned by private companies, and these companies naturally have deeper technical knowledge of their software and systems.
Similarly, foreign influence operations also take place in public spaces that are privately-owned, primarily social media platforms. Despite this reality, however, no information-sharing space exists for private companies and the U.S. government to work together against the spread of disinformation on these networks.
The U.S. government needs a place to share information with the private sector on the tactics and techniques used by malign actors. While tech and social media companies compete against each other to build audience influence, they all suffer the burden of malicious actors trying to hijack that influence.
Efforts by foreign powers to spread disinformation generally occur across platforms simultaneously. A safe space for private companies to cooperate with each other would bolster their ability to collective thwart foreign influence operations and preserve the security of their networks.
Cyberspace Solarium Commission
The Cyberspace Solarium Commission, created by Congress to develop a strategic approach to defend against cyber attacks, published a report in 2020 calling for the formation of a Joint Collaborative Environment. The JCE is described as “a common and interoperable environment for the sharing and fusing of threat information, insight, and other relevant data across the federal government and between the public and private sectors.”
The JCE would create the dynamic environment to help facilitate information-sharing, while a JCDC branch devoted to foreign malign influence could organize stakeholders to respond to the threat.
All too often, analyses of cyberattacks focus strictly on the technical components of what is happening, while ignoring the broader context of why the attack is happening. By integrating foreign malign influence into existing cybersecurity infrastructure, the U.S. government can produce a comprehensive approach to the challenge.
David Rubin is a managing director for Deloitte Transactions and Business Analytics LLP, where he assists clients within the U.S. Intelligence Community, Department of Homeland Security and law enforcement.
Chris Weggeman is a retired U.S. Air Force Lieutenant General, where he led cyber mission forces at the U.S. Cyber Command (USCYBERCOM). He is a managing director for Deloitte & Touche LLP serving government and the public sector in cyber and strategic risk.
Have an opinion?
This article is an Op-Ed and the opinions expressed are those of the author. If you would like to respond, or have an editorial of your own you would like to submit, please email C4ISRNET and Federal Times Senior Managing Editor Cary O’Reilly.