The mechanisms of cyber-enabled information campaigning

Effective information campaigns in cyberspace require three key steps: identifying divisive issues and communities that can be polarised; imitating and spreading that content within these specific groups; and amplifying these messages across social media platforms
Main Top Image
Image created with the assistance of Dall-E 2

Western interest in cyber-enabled influence operations (CEIOs) initially surged in the aftermath of Russian election meddling in the US presidential election in 2016 and has only gained momentum with the upcoming election megacycle in 2024. Revelations about the Russian Foreign Ministry’s plans to weaken Western adversaries, emphasising ‘offensive information campaigns’, highlight the importance of looking beyond specific operations to cyber-enabled influence campaigns (CEICs) for achieving strategic objectives. Campaigns are a series of linked sustained operations tied to a broader objective.

We recently discussed an analytical framework for understanding these cyber activities in Intelligence and National Security. An improved understanding of CEIOs and CEICs can help guide better policy and strategy design to counter them.

Exploiting division

The first step in countering ‘fake news’ or disinformation is understanding the mechanisms by which this information propagates. Much focus has been on remedies such as fact-checking and clarifying ‘truth’ vs. ‘lies’. These efforts neglect the fact that CEIOs may use information that is reasonably accurate but salient to opposing groups. This kind of divisive information requires a different counterstrategy.

From a national security perspective, the focus must be on CEICs (linked, sustained operations) that seek strategic-level impact, for example by undermining trust in the democratic institutions of a target country. Here, the veracity of a single information claim is much less important than the way a series of claims are circulated and weaponised in specific communities over an extended period.

The ubiquitous and fluid nature of cyberspace creates an environment ripe for technical and informational exploitation. The structure of the cyber strategic environment and the strategic choices that states are making, however, opens the door for a counterstrategy aimed both at weakening single operations and limiting, frustrating, and disrupting the capacity of adversaries to cumulatively link information operations into campaigns that can have a national security impact.

Russia’s leaked foreign policy concept lays out a campaigning orientation focused not on any single group or event but instead on sowing divisiveness. As part of the Washington Post’s analysis of these classified documents, Russia proposed to “continue to facilitate the coming to power of isolationist right-wing forces in America” and “enable the destabilization of Latin American countries and the rise to power of extremist forces on the far left and far right there”. Here, the goal is not to achieve direct ideological alignment with Russia—an element core to Soviet-era influence campaigns—but to create a concerted and sustained campaign to inflame extremes at both ends of the political spectrum.

This seems consistent with other published Russian documents calling for targeting a “coalition of unfriendly countries” by “finding the vulnerable points of their external and internal policies with the aim of developing practical steps to weaken Russia’s opponents.”

Russia’s greatest concern is the cohesion of effort across Western democracies. In military terms, a coherent West might mean heavy losses in Ukraine and expansion of the NATO alliance. In terms of economic coercion, a strong West might be able to sustain and weather sanctions despite negative spillover impact, tipping the cost-benefit balance against the Russian economy over time.

With Moscow’s limited and diminishing capability to use direct military or economic levers for strategic gain, cyberspace has become an increasingly vital environment for competition and contestation. If Russia is to level the playing field, the country will need to exploit any fissures that exist in Western cohesion.

Identify, imitate, amplify

We argue that cyber-enabled information campaigns follow a core pattern comprising three steps, what we refer to as the Identification-Imitation-Amplification (IIA) loop. In the first step, a foreign adversary identifies divisive issues and communities that can be exploited and polarised. Second, facilitated by the anonymity achievable in cyberspace, the CEIC initiator hides their identity, poses as a member of the target community, and shares divisive messaging. In the final step, these messages are shared within and across social media platforms.

Cyber-enabled divisive campaigns are most powerful in Western societies when they capitalise on core democratic ideals of freedom of speech and trust. These campaigns can exploit the differing opinions inherent in an open society and use them to undermine overall trust in the institutions and mechanisms built to allow those differences to coexist.

The House divided

We can use a recent case study from US politics to illustrate the power of CEICs: congressional support for supplying arms to Ukraine. In February 2022, when the Russian invasion commenced, Congress voted almost unanimously to provide aid. Two years later, in April 2024, most Republicans opposed the funding.

Two things are instructive about this shift. One is that the Republican Chairman of the US House of Representatives Intelligence Committee and the Chairman of the House Armed Services Committee explicitly accused other Republicans of spreading Russian propaganda on the floor of Congress.

Even more significant is that opposition to Ukrainian funding is framed not in simple fiscal terms but in trust terms—that the Biden administration is selling out American security. The divisiveness rests on questioning the loyalty of the president and those “RINOs” (Republicans in name only) selling out the country rather than on any specific policy disagreement. Funding Ukraine is now a question of internal institutional trust rather than military spending or external alliance-building.

However, this may not be such a clear-cut case of disinformation as implied by the Republican chairman. Our IIA framework concludes that the key to a successful divisive campaign is to identify information that is salient to the target audience, imitate it to ground the salience and then amplify the message. CEICs circulate information already present within a specific community rather than relying on planting and spreading new information. This is what makes it so effective as a source of divisiveness. For example, a recent article in Foreign Affairs shows that Russian disinformation actually “echoes talking points by the American far right, and not the other way around.”

Protecting trust

We are entering a strategic competition in which the battle is over divisiveness versus democratic cohesion of effort, both internally at the national level and internationally among allies and partners.

Scholars and policymakers need to better understand the imitation and amplification mechanisms used to sow division, beginning by addressing the role of information technology platforms. Through well-orchestrated campaigns, platforms can create or reinforce beliefs, which can then be leveraged to further widen schisms in Western society.

The recent US action against TikTok is an example of what happens when countries play catch-up in countering the potential of divisive cyber campaigns. This legislation is an important attempt to reduce opportunities for CEICs at the platform level. However, such action will fall short if better counter-campaigning against the IIA loop of CEICs does not emerge. Private sector companies will need to reexamine their roles and responsibilities in democratic societies. Simultaneously, governments will need to facilitate more direct engagement with citizens to renew and rebuild institutional trust.

The power to influence is not ultimately in spreading (dis-) information per se but in queuing specific individuals to receive the information one wants to spread. Acknowledging and correctly understanding what we are up against is a necessary first step to any effective counterstrategy to maintain democratic resilience in a dynamic cyber-enabled information space.

Terms & Conditions

Terms and Conditions for the AI-Cybersecurity Essay Prize Competition

  1. Introduction

The AI-Cybersecurity Essay Prize Competition (the “Competition”) is organized by the European Cyber Conflict Research Incubator (“ECCRI CIC”) in partnership with the Munich Security Conference (“MSC”). It is sponsored by Google (the “Sponsor”). By entering the Competition, participants agree to these Terms and Conditions (T&Cs).

  1. Eligibility

The Competition is open to individuals worldwide who are experts in the fields of cybersecurity and artificial intelligence (“AI”). Participants must ensure that their participation complies with local laws and regulations.

  1. Submission Guidelines

Essays must address the question: “How will Artificial Intelligence change cybersecurity, and what are the implications for Europe? Discuss potential strategies that policymakers can adopt to navigate these changes.”

Submissions must be original, unpublished works between 800-1200 words, excluding footnotes but including hyperlinks for references.

Essays must be submitted by 15 December 2024, 00:00 am CET., through the official submission portal provided by ECCRI CIC.

Only single-authored essays are accepted. Co-authored submissions will not be considered.

Participants are responsible for ensuring their submissions do not infringe upon the intellectual property rights of third parties.

  1. Judging and Awards

Essays will be judged based on insightfulness, relevance, originality, clarity, and evidence by a review board comprising distinguished figures from academia, industry, and government.

The decision of the review board is final and binding in all matters related to the Competition.

Prizes are as follows: 1st Place: €10,000; Runner-Up: €5,000; 3rd Place: €2,500; 4th-5th Places: €1,000 each. The winner will also be invited to attend The Munich Security Conference

  1. Intellectual Property Rights

The author retains ownership of the submitted essay.

By submitting the essay, the author grants ECCRI CIC exclusive, royalty-free rights to use, reproduce, publish, distribute, and display the essay for purposes related to the Competition, including but not limited to educational, promotional, and research-related activities. 

The author represents, warrants, and agrees that no essay submitted as part of the essay prize competition violates or infringes upon the rights of any third party, including copyright, trademark, privacy, publicity, or other personal or proprietary rights, breaches, or conflicts with any obligation, such as a confidentiality obligation, or contains libellous, defamatory, or otherwise unlawful material.

The author agrees that the organizers can use your name (or your pseudonym) and an image of you in association with your essay for purposes of publicity, promotion and any other activity related to the exercise of its rights under these Terms.

The organizers may remove any essay-related content from its platforms at any time and without explanation.

The organizers may block contributions from particular email or IP addresses without notice or explanation.

The organizers may enable advertising on its platforms and associated social media accounts, including in connection with the display of your essay. The organizers may also use your Material to promote its products and services.

The organizers may, at its sole discretion, categorise Material, whether by means of ranking according to popularity or by any other criteria.

  1. Data Protection

Personal information collected in connection with the Competition will be processed in accordance with Virtual Routes’ Privacy Policy. Participants agree to the collection, processing, and storage of their personal data for the purposes of the Competition.

  1. Liability and Indemnity

ECCRI CIC, MSC, and the Sponsor will not be liable for any damages arising from participation in the Competition, except where prohibited by law.

Participants agree to indemnify ECCRI CIC, MSC, and the Sponsor against any claims, damages, or losses resulting from a breach of these T&Cs.

  1. General Conditions

ECCRI CIC reserves the right to cancel, suspend, or modify the Competition or these T&Cs if fraud, technical failures, or any other factor beyond ECCRI CIC’s reasonable control impairs the integrity or proper functioning of the Competition, as determined by ECCRI CIC in its sole discretion.

Any attempt by any person to deliberately undermine the legitimate operation of the Competition may be a violation of criminal and civil law, and, should such an attempt be made, ECCRI CIC reserves the right to seek damages from any such person to the fullest extent permitted by law.

  1. Governing Law

These Terms and Conditions are governed by the laws of the United Kingdom, without regard to its conflict of law principles. Any dispute arising out of or in connection with these Terms and Conditions, including any question regarding its existence, validity, or termination, shall be referred to and finally resolved by the courts of the United Kingdom. The participants agree to submit to the exclusive jurisdiction of the courts located in the United Kingdom for the resolution of all disputes arising from or related to these Terms and Conditions or the Competition.