Connect with us

Intelligence

Telegram: the Mighty Application that ISIS Loves

Ahmet S. Yayla, Ph.D.

Published

on

Authors: Ahmet S. Yayla & Anne Speckhard

[yt_dropcap type=”square” font=”” size=”14″ color=”#000″ background=”#fff” ] I [/yt_dropcap]SIS has been the most successful terrorist organization in history using social media and the Internet for distributing its propaganda, dissemination of its news and more importantly to communicate. There is no doubt that the frequency and quality of ISIS posts on the Internet, including their videos, memes and online journals are of a quality to make many professional editors and producers envious and they also receive much attention[1].

ISIS usually does not host its posts on dedicated servers but uses several free and open mediums including Google drive, Cloud.mail.ru, Yandesk, YouTube, Sendvid.com, Dailymotion.com, Drive.ms, Archive.org, Justpaste.it, Bitly.com and some other recent platforms. Of course, hosting is not enough; hosted posts need to be distributed to followers, the target audience and the public. At this point, several social media platforms including Facebook, Twitter, Telegram, WhatsApp, Google+, Instagram, Pinterest, Tumblr, Viber, and WeChat are utilized by ISIS to circulate their posts so that the target audience and public are made aware and can watch or read them by clicking on the web addresses posted to those mediums.

Among these social media platforms Twitter, YouTube, Facebook, Tumblr and Instagram were previously heavily utilized by ISIS, but since takedowns on these sites, ISIS currently favors Telegram where ISIS users maintain a presence in several different languages. ISIS has assigned administrators in several languages who are in charge of ISIS social media accounts including Telegram. When interviewing ISIS defectors[2], we also learned that female foreign fighters are specifically tasked for the administration of social media accounts, and they have special offices in Raqqa to carry out their tasks under the control of their emirs. A Belgian female defector recently recounted being recruited upon her arrival to ISIS to serve as an Internet seductress, a role she declined[3]. Indian police also told us that most of their ISIS recruitment occurs via the Internet and consists of female seducing males into the group[4]. Indeed, American Mohamad Khweis appears to have been seduced in this way, marrying his ISIS bride when he arrived to Istanbul and then traveling into ISIS territory with her[5].

At ICSVE, our researchers closely follow ISIS’s Telegram posts on a daily basis and download any relevant videos, journals, memes, pictures or anything else useful for our research. While the terrorist organization utilizes several different platforms to distribute their posts, the most reliable medium of late for their purposes has been the Telegram social media application. This is because other platforms usually quickly take down posts or shut down the accounts posting the links to these hosts. Hosting mediums also delete posts as soon as they realize they are ISIS content. As a result, Telegram has become the main social media platform for ISIS members and followers primarily because, so far, Telegram administrators do not usually shut down ISIS accounts, and when they do, the frequency is far less when compared to other social media accounts. For example, Twitter or Facebook take down ISIS accounts in a day or most two in many cases, and when the same account owners open new accounts, they block them even sooner. However, there are Telegram accounts opened or used by ISIS members that stay active for months or basically never get closed.

Telegram was launched in 2013 by two brothers, Nikolai and Pavel Durov, who also founded Russia’s largest social network Russian VK. The Telegram Messenger LLP is registered as an independent nonprofit company in Berlin, Germany. The founders claim that Telegram is “faster and safer” than other apps and more importantly the “messages sent through Telegram cannot be bugged by third parties.” [6] Indeed, Telegram is an encrypted social media application that is very difficult for law enforcement to penetrate or eavesdrop.

Apart from accounts not being closed as often as other ISIS social media accounts, there are two other advantages to ISIS for using Telegram. The first is that while in most cases the links to hosts are distributed in Telegram groups where there are several members or directly sent to individual accounts, they become useless as soon as the hosting companies realize they are ISIS posts and take them down, making them dead links. However, Telegram’s large file-hosting feature becomes very handy in this case because almost all files pushed through Telegram with links are also uploaded to the Telegram channels, and those files remain as long as the channels are open or the user who posts does not delete them. Therefore, even if a file is not available as a link, if it is uploaded to Telegram, it will exist there unless it is deleted or the channel is closed. Furthermore, Telegram allows uploading large files simultaneously consequently allowing the ISIS social media accounts to simultaneously upload videos with four or five different resolutions and sizes beginning from the largest to the smallest, such as a video in full HD from which would be 1.5 gigabytes to smaller resolution versions such as 800 megabytes, 500 megabytes, 200 megabytes and 50 megabytes. The smallest size versions would be for mobile devices.

The other advantage of Telegram is providing users a forum to be able to communicate in a secure way through a secure algorithm. While Telegram chat rooms are usually open to all members, one-to-one communications are secret and cannot be seen by others. There have been several attacks where it was later established that ISIS members communicated internationally about the attacks before they took place. For example, the Istanbul Reina club attacker got his orders from his Emir in Raqqa, Syria through Telegram and communicated over Telegram with his Emir both before and after the attack[7]. The same was true of the Paris attacks[8]. Telegram has thus become one of the main communication apparatus of ISIS, particularly with foreign fighters deployed outside of ISIS territories.

In addition to all these advantages, like all other applications, Telegram is convenient and mobile as it can be installed on cell phones, Windows PCs, and IOS computers, therefore, making it available on many different devices.

Joining Telegram is easy. The only requirement on the side of Telegram, to sign up, is having a cell phone number and verifying that number after the registration through a text message verification step. In some cases, some Internet proxy phones (phone accounts created over the Internet) work as well, omitting the requirement of a cell phone number as long as the Telegram system does not recognize the number provided as a proxy Internet number. Telegram, therefore, only requires a cell phone number to verify the user and once a user is verified, the user does not need to maintain the phone number, enabling users to use a number once to verify an account without the necessity to keep that number. In fact, the one of the cell phones ICSVE staff use to track ISIS telegram accounts was registered through a cell phone number and that number has been inactive since 2015, but the account has still been in use without any problems. This feature becomes a great tool for ISIS terrorists as they do not need to reveal their real identities or provide anything to be traced other than a phone number which they don’t need to maintain.

On the side of ISIS, in most cases, there is no vetting to join their public channels or groups, but private ones do vet potential members with a range of questions, sometimes having to do with the basics of Islam such as cleansing before prayer (wudu) etc. If ISIS members need to connect over the Telegram without physically being in touch, they either use other known members to reach and connect to the desired members or for their foreign fighters, they pre-arrange known passwords and indicators to vet the people they are communicating with to ensure the authenticity of the parties.

As a user interface, Telegram is no different than many other similar mediums such as WhatsApp and Twitter. When it comes to peer-to-peer communication, it is more like WhatsApp where users can message each other, share documents, links, videos and voice messages similar to the chat features of many social media platforms. There are even time stamps indicating when the messages were sent and if they were read or not. Telegram channels are a different from common social media groups as followers are not allowed to interact with the others in the channel openly unless authorized by the administrator. Members are only able to read and download posts shared in the channel unless they have permission for greater access. Posts flow on the timeline chronologically and with time stamps and an indicator “eye” acting as a counter showing how many times a post was downloaded by the channel members. Telegram groups, as opposed to channels, are just like other social media groups where members can interact with each other and their individual posts, therefore, making it possible to communicate with sometimes thousands of people at once. Based on our experience at ICSVE, several channels and individual accounts in the same languages are usually run by the same administrators, or there are a handful of administrators who appear to share the same posts simultaneously.

Reaching out on to ISIS members via Telegram channels is a significant challenge for beginners. First of all, as the Telegram application is installed, the application copies all the contact numbers on one’s cell phone and connects the users with any of his contacts who are already registered with Telegram. However, to connect with ISIS members, channels, or groups, the key is knowing what channels are ISIS channels and what their names or addresses are. ISIS usually does not require verification for its public channels, therefore if one knows the name or address of an ISIS channel, joining those channels is simple—locate the channel and click the join button. As soon as one joins a channel all that channel’s posts are available to the new user. For peer-to-peer communication, however, the users must know each other’s registered phone numbers or user names. If a user is not originally recorded in one’s downloaded phone connections, in order to connect with that user over Telegram, one of the users has to provide the other his registered cell phone number. This process is useful for ISIS foreign fighters operating abroad as they often switch phones and need to reconnect with their emirs or middlemen and can easily do so even with a new burner phone, using their original login credentials. ISIS members may also open accounts before traveling and exchange those accounts beforehand so when they need to use them they can easily install Telegram on whatever device they are currently using and log into Telegram with their credentials to communicate with their ISIS peers.

ISIS frequently posts on new and backup channels with different names for different purposes including: media and video sharing, book and journal sharing, news and daily updates, hisbah (morality police) office, accounts of personal well-known ISIS members, pamphlets and meme accounts, ISIS Amaq News Agency and several other channels or groups with different names. These lists are frequently shared on different social media platforms alerting users to subscribe to new or backup accounts in the case an account is closed or expected to be closed. While being banned and dropped in other social media mediums occurs to ISIS endorsers, supporters and distributors quite often, Telegram, as mentioned previously, does not frequently close ISIS accounts. However, the backup or spare ISIS channels usually function as a mirror of the original channel or simply are ready to be facilitated if an original channel is closed. ISIS cross shares the lists of their Telegram channels as they appear and reappear via different social media accounts. For example, they post their new or existing Telegram channel addresses on Twitter or Facebook, and then in their Telegram channels, they provide their Twitter, Facebook or Instagram account names and encourage their members to follow those accounts as well to be updated of any changes when channels are taken down. In that manner, they efficiently migrate their followers from Telegram channel to channel. ISIS social media administrators also often share bulk ISIS Telegram account lists both in regular social media and also in their Telegram channels, by which users are alerted to join channels or follow individuals simply clicking the links of those accounts. If someone starts to follow an ISIS Telegram account, it is thus very easy to update and enrich their ISIS network of account collections and lists by simply subscribing to the post lists or by following the users who post to the groups and simply by looking at the forwarded posts and reaching to the original post owners with a few clicks. Therefore, following or communicating with ISIS Telegram accounts is an easy task as long as one understands how they work and basically keeps following the posts to update their related contact lists. Even if one completely loses ISIS Telegram channels on Telegram, it is still easy to reach out to those channels again by simply following ISIS related Twitter and Facebook accounts.

ISIS users or administrators are not shy about their posts, and they are usually aware of the fact that many of their followers in the channels are not ISIS members, but are intelligence members or researchers. In fact, it happened several times with our ICSVE Twitter posts sharing some important incidents or updates from the ISIS Telegram channels we follow, that they would then openly post into the same channels saying “We know you are here and you are sharing our posts on your Twitter account. You are an infidel, and we don’t care if you are following us.” Strangely enough, ISIS administrators have never banned or blocked us from their channels thus far, perhaps enjoying the attention and being a threatening presence. Of course, there are strategies behind that as well. Simply put, the terrorist organization is using its Telegram channels to disseminate its propaganda and the narratives they would like to share, and they are aware of the fact that outsiders may be the ones who also become conduits for their shares to the outer world.

There are countless channels and groups on Telegram, not only related to ISIS but also to other Salafist-jihadi terrorist organizations as well. If one does not know the specifics of different terrorist organizations, one would very easily confuse other Salafist terrorist organization’s channels with ISIS channels as they promote very similar thinking. While ISIS dominates the Telegram terrorism cyber-space, other groups use the same medium as well and just like ISIS, maintain groups and channels in different languages, probably more than twenty.

One may witness a variety of things in ISIS channels. First of all, regular known ISIS channels or groups maintained by well-known recognized ISIS members such as Khilafah News, the Strangers, Mr. State, al-Firdaws English or Mr. Killer, share ISIS related breaking news, videos, memes, propaganda campaigns, brochures, new ISIS journals including Rumiyah and others, nasheeds, pictures or stories, or anything they would like to push. However, theme specific channels or groups only share related posts. For example, ISIS video channels would periodically post new or old ISIS videos in different resolutions or sizes, book channels would only post books or booklets mostly in pdf forms, news channels would only post news or news articles and so on. Therefore, based on the type of the channel or group, it is possible to reach and follow groups in different categories.

Another important feature of Telegram is being able to search the channels posts, group messages, individual messages or any kind of communications or posts in one’s account. This feature is available for both cell phone applications and the Web-based Telegram interface making it possible to reach any content by simply searching. This basically makes Telegram one of the largest free ISIS databases available to the public especially considering the fact that many other mediums including Google, YouTube, Twitter and Facebook are continuously taking down ISIS posts.

Telegram has enabled ISIS to create, without much effort, its grand propaganda machine to further its reach beyond it’s so-called “Caliphate” to the whole world with only the click of a button, pushing its new media content constantly and reaching to its targets momentarily, and most importantly communicating with its fighters abroad to direct them for new attacks or facilitate their operations in different countries[9]. The nature of the Telegram application with a secure algorithm providing protection from the outside world and making it almost impossible, or very difficult, for law enforcement to trace back to the original users, also has become a magnificent advantage for the terrorist organization in terms of the anonymity of its users and for carrying out terrorist operations via secure communications. These two qualities are the most valuable qualifications, or gifts, for a terrorist organization like ISIS. Thanks to Telegram, ISIS has now been using their application very heavily almost without any interruptions with great success when compared to other social media applications.

While other social media platforms have since 2014 taken strong stances to institute takedown policies when it comes to ISIS, the stand of the Telegram application when it comes to allowing ISIS to use its platform without interference is quite different and difficult to understand. Recently, Rob Wainwright, the director of Europol, European Union’s policing body, condemned Telegram owners for failing to join the fight against terrorism. Wainwright said that Telegram’s reluctance to work with anti-terrorist authorities was causing major problems[10] considering the fact that the application is in widespread use among the target population of ISIS.

Telegram has become the choice of the ISIS due to its specifications—providing secure encrypted communications and allowing users to share large files and act with their accounts operating with impunity. While Telegram administrators claim, they favor speech free of interference; it is time for the owners of Telegram to thoroughly consider the existence of ISIS presence and activities on their digital platform. Telegram has become the ultimate tool for the bloodiest terrorist organization in history, carrying and spreading its terrorist ideology around the world, recruiting and even directing cadres to carry out attacks globally. Recently, the families of the San Bernardino shooting sued Facebook, Google, and Twitter, claiming that these social media companies permitted ISIS to flourish on these social media platforms[11]. It may soon happen that Telegram will also have to deal with several legal actions as ISIS cadres continue to utilize their application for their terror operations and communications.

Reference for this Article: Yayla, Ahmet S. & Speckhard, Anne (May 5, 2017) Telegram: the Mighty Application that ISIS Loves, ICSVE Research Reports, http://www.icsve.org/brief-reports/telegram-the-mighty-application-that-isis-loves/

References

[1] Speckhard, Ph.D., Anne; Shajkovci, Ph.D., Ardian; and Yayla, Ph.D., Ahmet S.. “Defeating ISIS on the Battle Ground as well as in the Online Battle Space: Considerations of the “New Normal” and Available Online Weapons in the Struggle Ahead.” Journal of Strategic Security 9, no. 4 (2016): 1-10.

[2] Speckhard, A., & Yayla, A. S. (2016). ISIS Defectors: Inside Stories of the Terrorist Caliphate: Advances Press, LLC.

[3] Speckhard, Anne research interview Brussels, Belgium January 2017

[4] Speckhard, Anne research interview New Delhi, India March 8th, 2017

[5] Speckhard, Anne & Yayla, Ahmet S. (March 20, 2016) American ISIS Defector – Mohamad Jamal Khweis & the Threat Posed by “Clean-Skin” Terrorists: Unanswered Questions and Confirmations. ICSVE Brief Report http://www.icsve.org/american-isis-defector—mohamad-jamal-khweis-and-the-threat-of-clean-skin-terrorists-.html

[6] Editorial, “Russia’s Zuckerberg launches Telegram, a new instant messenger service,” Reuters, August 30, 2013, http://www.reuters.com/article/idUS74722569420130830

[7] Yayla, A.S., “The Reina Nightclub Attack and the Islamic State Threat to Turkey” CTC Sentinel, Combating Terrorism Center at West Point, Vol 10, Issue 3, pp. 9-16, March 2017.

[8] Evan Perez & Shimon Prokupecz, “First on CNN: Paris attackers likely used encrypted apps, officials say,” December 17, 2015, http://www.cnn.com/2015/12/17/politics/paris-attacks-terrorists-encryption/

[9] Speckhard, A., & Yayla, A. S. (2017). The ISIS Emni: The Origins and Inner Workings of ISIS’s Intelligence Apparatus. Perspectives on Terrorism, 11(1). Retrieved from http://www.terrorismanalysts.com/pt/index.php/pot/article/view/573

[10] Dominic Kennedy, “Message app used by Isis refuses to fight jihadists,” May 4, 2017, https://www.thetimes.co.uk/article/message-app-used-by-isis-refuses-to-fight-jihadists-jrddv7c93?utm_content=buffer2b755&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer

[11] Dan Whitcomb, “Families of San Bernardino shooting sue Facebook, Google, Twitter,” May 4, 2017, http://www.reuters.com/article/us-sanbernardino-attack-lawsuit-idUSKBN1802SL

Ahmet S. Yayla is an assistant professor at the DeSales University Homeland Security Department and faculty member at Georgetown University School of Continuing Studies. He is also a research fellow at the Program on Extremism at the George Washington University. Dr. Yayla previously served as a full professor and the chair of the Department of Sociology at Harran University in Turkey. Dr. Yayla is a 20-year veteran of the counterterrorism and operations department in the Turkish National Police and served as the chief of counterterrorism in Sanliurfa, Turkey between 2010 and 2013.

Continue Reading
Comments

Intelligence

Strategy of Cyber Defense Structure in Political Theories

Sajad Abedi

Published

on

Since the principle of defense addresses a wide range of threats, it applies both in the field of justice and in the field of military and strategic affairs. But implementing cyber-defense is only recommended if the risks that can be identified have a direct impact on the security and even survival of a state, so each government is obliged to address any challenges that may arise. To eliminate it. Challenges of identifying the author or authors of an attack, estimating the likely impacts and reconstructions of the attack and setting targets, within the context of public networks and actors, distinguish cyberspace from other spaces in which defense is formed. Defense in cyberspace, while feasible, may not only be limited to existing actions, but unique concepts must be developed and presented.

In fact, some of the challenges in cyber defense are similar to those in other forms of defense. For example, the problem of identifying cyberattacks is reminiscent of the challenge of defending nuclear terrorism. Identifying the effects of a cyber-attack is very similar to identifying the effects of biological weapons. Also, the invisibility of computer weapons is, in many cases, very similar to the challenge posed by biological weapons.

Defensive methodological approaches can therefore be used to define some elements of cyber defense: against the threats of terrorism the concepts of “defense through denial” and “indirect defense” can be conceptualized against biological threats. Applied “symmetrical defense”.

In practice, however, we find that, although governments appear to be heavily dependent on computer systems for their deployment, they are not the same as those charged with using malicious equipment against computer systems. . For this reason, the impact of using cyber defense equipment against them is questionable. In fact, hacker groups that sell or lease knowledge or networks of infected machines to others, often to attack, plan malware or spyware or even to detect security flaws in systems, often the only things they need are a few (powerful) computers and an internet connection. So the question arises whether they can be prevented from doing so only by threatening to respond exclusively to cyber.

The need to establish a balance between action and response and the necessity of influencing the answer itself presents another challenge that must be met with the ability to ensure that the response is repeated and repeated as needed. Some experts believe that cyber defense can disrupt or temporarily disrupt a competitor’s activities, or temporarily disrupt the competitor’s activities, despite the physical (physical) measures that more or less neutralize the competitor; but none of the cyber solutions. It cannot lead to definitive neutralization of the threat.

In such a situation, the impact of the Aztemeric countermeasures point-by-point action cannot be ignored. Therefore, better enforcement of cyber defense against criminal groups – whose realization of financial interests is their top priority – can be resorted to by law enforcement (including actions aimed at the financial interests of the actors). Military responses can also be used if confronted with actors with little reliance on information technology.

Continue Reading

Intelligence

Achieving safety and security in an age of disruption and distrust

MD Staff

Published

on

The ability of citizens and businesses to go about their daily lives with a sense of safety and security is vital to prosperity, but citizens in many countries feel unsafe. Whether it’s because of inadequate responses to natural disasters, terrorist attacks, massive data breaches or the spread of disinformation, trust in governments’ ability to protect society is declining.

To address this requires a new, systemic approach to security that broadens its definition beyond defence and policing. Governments, local authorities and the private sector need to work closely together across all areas that contribute to security. PwC identifies four overlapping domains – physical, economic, digital and social — underpinned by trust, that form the foundation of a secure and prosperous society.

That’s the conclusion of PwC’s new report, Achieving safety and security in an age of disruption and distrust.Itchallenges the traditionally narrow view of physical safety and security, expanding the concept of what security means to include citizens’ basic needs; including food, water and utilities; and the organisations that deliver them.

The report draws on academic research* and case studies to show the necessity and benefits of a collaborative approach to security. It identifies the different elements that cause citizens and businesses to feel unsafe and the players, from private sector communications firms and infrastructure companies to security forces and non-governmental organisations, who need to work together to deliver security in all the domains.

Tony Peake, PwC Global Leader, Government and Public Services, says:“Unless you create a safe and secure environment in which people can go about their daily lives without fear, they won’t be able to work and sustain their families or carve out a decent standard of living.

The breadth of the challenge of delivering security has never been greater, requiring agility in response and innovation in prevention. And while security is a core task of governments, it can’t be achieved in isolation. It needs to be viewed holistically, with governments taking the lead in facilitating collaboration across organisations, sectors and territorial divides to deliver the security that is vital to a functioning society.”

The building blocks of security: physical, digital, social and economic

The report explains how these domains overlap and impact each other, adding to the complexity of delivering security. For example, economic security is closely tied to cyber security and thwarting data theft. Critical infrastructure services like telecommunications, power and transportation systems that rely on technology to operate must be secured both physically and digitally. Border control systems such as passport readers and iris scanning machines rely on digital interfaces that require cyber security.

Peter van Uhm, former Chief of Defence of the Armed Forces of the Netherlands, summarises in his foreword to the report:“It has become increasingly clear that delivering the safety and security that citizens and businesses need to prosper requires ever closer collaborations across borders, sectors and institutions. I learned that (re)building a failed state means realising that everything in a nation is interlinked and that it is all about the hearts and minds of the people. If you want the people to have trust in their society and faith in their future, safety and security in the broadest terms are the prerequisite.”

How governments can safeguard and protect citizens

PwC has identified six key actions that government leaders can take to develop a collaborative, systemic approach to delivering safety and security to their citizens:

1)    Take stock: look at the interplay of the different physical, digital, economic and social domains and spot any weak links across sectors.

2)    Identify and engage the right stakeholders and collaborate to develop a joint agenda and a national and/or local safety and security policy.

3)    Identify what each stakeholder needs to provide in the process and assess their level of interconnectedness to deliver safety and security, e.g. back-up systems for telecommunications failures.

4)    Work with leadership in the different overlapping domains and empower people in the right places to make decisions.

5)    Invest in leaders so that they are skilled in engaging the public and instilling a sense of trust.

6)    Manage carefully the trade-off of security with safeguarding personal data and citizens’ rights.

The recommendations for private sector firms and non-profit organisations include these steps:

1)    Work more closely with trusted governments to improve engagement and collaboration.

2)    Align organisational purpose with the broader societal safety and security agenda.

3)    Develop the capacity and capability to improve safety and security for stakeholders.

Examples of how this works in practice

Crisis readiness and response to a terrorist attack in Sweden

The 2017 Stockholm terrorist attack illustrates the need for collaboration between governments and non-profit partners. This attack was perpetrated by one individual who drove at high speed down a pedestrian street, killing five people and injuring 10 more. A scenario planning exercise between government and security agencies had been carried out several months before the attack and is credited with limiting the number of casualties and the swift arrest of the attacker.

Government authorities and the private sector collaborate to thwart cyber threat

A major cyber attack in Australia, dubbed Cloud Hopper, was identified and mitigated through close collaboration between cyber security experts in both the public and private sectors.

Continue Reading

Intelligence

War of shadows: The psychological and media dimension of future clashes

Giancarlo Elia Valori

Published

on

The Soviets called it “the shadow theatre”, i.e. the set of  psychological warfare techniques of the time, in the Cold War world.

Maskirovka, in particular, e.g. everything is camouflage, deception, real psychological warfare, disinformation.

 In fact, if we analyze the psywar techniques currently used, we realize that we are still at the Cretaceous period.

 No sectoral influence operations, no action on subjects or public targets, little knowledge of the new discoveries of social psychology and biopsychic evolution.

 The scenario of Western psywar operations is still not very brilliant.

 Obviously, explaining to the Defense Ministers of Western countries what these operation are about is a very difficult mission that few people would be able to accomplish successfully.

Actually, nowadays the old maskirovka is not the cover, the shell of real operations, but its true essence.

 Just as today’s industrial production is, above all, communication, induction of a certain behaviour, identification of a target of customers, development of a product that meets their psychological and symbolic needs, currently also war is above all maskirovka well before being military and destructive struggle.

 Nobody cares where engines are produced, which are now all the same, but certainly the market is interested in the symbolism of goods, in its evocative potential and in the ability to define the status of those who buy them.

Furthermore, in an old CIA manual, the Soviet “active measures” were defined and classified as follows: a) the Center gives the green light for a strategic disinformation campaign; b) the news, which is never entirely true or entirely false, is prepared and packed; c) the dezinformatsja news is disseminated abroad so as to later check the results.

The results are eminently practical: the “Euromissile battle” narrated by Michel Tatu, the long end of the Vietnam war, the management of Soviet foreign policy after the Helsinki Treaty.

 But that is not all: currently, the intelligence mainly consists of economic effects, which are continuous and complex. The shift from the Soviet “active measures” and from the political-military clash to the industrial one marks a large part of the post-Cold War period.

All true psychological warfare is active and proactive, but  the whole Western warfare doctrine is defensive and passive,  which means it does not exist.

Hence it is not necessary to wage war manumilitari, for the additional reason that the enemy’s enterprises and infrastructure will be good also for us. At a time when the value chains are now fully global, when cars are manufactured in Spain for the German market and in China for the Indian one – not to mention drugs, the active ingredients of which are produced in India for the French market and even in Mexico, but for the Canadian one.

 All contemporary intelligence, however, is targeted to the economic and technological resources of the possible enemy and operates – 24 hours a day – on the Web and also in the traditional media machinery.

Hence, those who win are not those who have the best weapons or the best products, but those who creates the best and most convincing storytelling around them.

 It is therefore useful to see how the old “shadow theatre” is being changed and perfected.

 This is what is needed in a situation of actual integration of all large companies, not only global but also national ones.

 In the field of social media, for example, the most widespread tactics are those of “selective censorship”, or the hacking of sensitive information, which becomes hegemonic in the common discourse, or even the manipulation of the Internet search algorithms, with a view to linking some content to other one, in a completely unreasonable way.

30-40% of the news that can be found online is designed to deceive at least some of the readers.

 Deception: not to mention something and tell the truth about everything else or, instead, to create a storytelling in which real things appear surrounded by completely fake data.

How so?

By changing the perception of facts, or the news about the facts, with strong or weak adjectives and nouns, or with universal symbols, and even with references to people or things of great fame, either negative or positive.

 15% is the average quota of experts taken out by the automated texts that can be found on the World Wide Web, while about 60% of all readers are usually put on the spot by the texts and news available on the Web.

 The Canadian Services have provided this statistics.

The operating techniques are now known to everybody: a) the Bot, a software that automatically operates on the Web, by selecting the content; b) the countermessage, indeed a message that offers the “true” or “fake” version of what has been said previously; 3) the Denial of Service (DOS), the temporary disruption of the Web for a certain user, and the  old Disinformation; 4) the Noise that covers the relevance of the data sequence useful for understanding a certain message; 5) the Search Engine Optimization (SEO), the optimization of the number of visitors to any website.

On the technical and ideological levels, there are other online practices that are used daily by the authors of Disinformation: a) the BOTs coordinated with each other, which create a series of cross-references that reinforce the (fake) news that is to be spread; b) the use of false Internet “domains” in which websites and content similar to those of the “enemy” are created; c) the use of e-mails or websites that are pirated and disseminate news opposite to those that the primary user would like to spread.

 Contradiction, lie, defamation.

  We are still at the old theme of the aria “La Calunnia” (“slander is a little breeze”) of the Barber of Seville, as well as the “flower duet” of Madama Butterfly, but all with a firepower that Rossini or Puccini could not even imagine.

There are two profound and conceptual limits to these operations. The first is that, in spite of all possible technological refinement, the basic psychological mechanisms are always the same: personal defamation by sexual or other means- just think of the “Tangentopoli” operation in Italy (the judiciary probe known as Bribesville)  at the end of the Cold War and, finally, of the elites’ structural inability to separate wheat from chaff,  news from disinformation.

 If we do something to help a government and then it falls into the trap of dezinformatsja, everything is useless. And this has often happened.

Ministers who tell you that they read it in the newspaper  “Corriere della Sera” (bravo!) or that it was whispered to them by some intelligence agents without any qualification – and hence you need to check whether, as Harlequin, they are Servants of two Masters. It has often happened.

Hence, in many cases, currently the maskirovka strikes back and negatively changes the decision-making of those who have carried it out.  The ruling classes that know it can save themselves, while the others and their countries are bound to become “servant of two masters” and, in any case, irrelevant.

 There are also the undesired effects.

For example, it happened that the reputation of a ruling class was tarnished by convincing citizens that all politicians were “dishonest and thieving” and later we needed to stabilize a country in disarray and adrift without a guide, possibly recovering some of those who had been dismissed as “thieves”, thus creating a cognitive dissonance with the previous message conveyed.

 However, how can we optimally develop the possibility of an IT attack (but not necessarily this type of attack only) on the decision-making system and on the public of a target country?

 The attack will be successful if, for example, there are no useful sources of good information.

 Without a reserve of serious, objective and truthful news and interpretations, the whole public and private system of security and education will fail in the long run.

 Another excellent condition to launch an attack is uncertainty: in a phase of financial, geopolitical, technological and even military insecurity, with terrorism any news – regardless of its importance -can generate  innumerable domino effects.

Probably those who maintain uncertainty have a return –  in this case mainly and economic and industrial one.

 Nor should we neglect the fact that, if there is a lack of  effective information available, the media channels can be bought and sold, infected by adverse agents and induced to acquire information only from certain sources, which are already compromised.

 If the commercial goal is the target and above all the audience, everything becomes possible for a foreign operator with bad intentions.

 No country, not even those which control the Web at best, is protected from similar operations.

With a view to keeping the situation under control – and this applies above all to those who deal with State Security – we need, at first,  to ascertain who makes disinformation.

Very often an individual or a private organisation.

 Then, obviously, the exact opposite must be done, but  preferably using different mechanisms of action: a similar  and possibly “fake” website in case of a Bot, or a personal attack if we are faced with a press campaign.

Hence never use the same usual means and mechanisms.

Generally, abstract and political motivations should not be overlooked: there are NGOs, States, political parties, and companies that usually keep on misinforming.

 And often they are not even traced by the intelligence Services.

 Obviously, there are also terrorists – but in this case we are talking about another communication system.

 Who can say, for example, that German cars are better than Italian ones? Yet it is common sense, albeit wrong.

Nowadays all the environmental propaganda consists of behaviours that favour some countries and companies instead of others. But no one tells you so.

Indeed, this is the real news.

 Fake news to be spread, of course, but also generic discontent and uncertainty.

 A mass perception that a great Portuguese poet, Pessoa, would have defined as desassosego (disquiet and restlessness).

 Obviously, it is even better to let all disinformation go on, with its parallel and unexpected processes, so as to see who makes it and what goals are pursued.

Usually such operations end quickly, but neither the perpetrator nor the victim knows their effects or duration.

Hence the primary goal of all dezinformacja techniques is  the partial or complete alteration of the perception of reality.

It is therefore essential to understand the divisions within the opponent’s field.

 Popular or elitist.

 If we believe that all enemies are the same, we operate for their propaganda and any operation of “psychological warfare” is always inhibited to us.

 An essential resource in this field is the conspiracy theory.

  The field of others is segmented, but the absolute uniqueness of those who generated the content we do not like or that harm us is assumed.

 A well-managed conspiracy manages to work well where few other maskirovka techniques do so.

Perfect for simplifying all matters, it immediately identifies the aim of each psywar: to find the enemy, either true or false.

 Another procedure is usually to use entities that everybody deems “third parties” to spread messages against the enemy (once again the current ecologism is full of examples in this regard) and then reinforce their message through other information sources: truth comes from repetition and the mind learns not from a single fact or event, or from a single person, but always from what Fritj of Capra called the mental ecosystem.

 The human brain is made in such a way that it tends to believe both in repetition, but also in similarity and homogeneity.

Our brain has evolved only among human groups already formed. It is not by chance that, unlike what happens to animals, our brain maturation must take place in a post-natal social, family and group context.

Otherwise – as Nietzsche said – to live alone, one must be either a beastor a god.

 Another factor not to be overlooked is that, as in all  Gestalt psychologies, what counts is not only what you see, but also what you do not see.

 As in the Rorschach test, the inkblots can be perceived either as a glass or two butterflies, but it is the outline, not the inside of the image that can suggest one answer or the other.

However, how can we counteract such an operation? Denial is always the best answer.

 But it is simple and repetitive, always prone to others’ psyops.

We can simply deny having received funding from a certain country.

Mere denial stops the game of cross-references and shadows that would develop if the victim of the operation were to dwell and go into explanations that 87% of the audience – on the Webor even in the old media, never follow. Those who justify themselves are always wrong.

Denial is used to make a quick fix, but it is certainly not a stable and definitive answer.

 Another technique is to defame and attack those who make  disinformation.

It works well, but once again it is a mechanism that does not last long.

 A disinformation campaign is never opposed with  temporary and limited makeshift interventions and stopgap  measures.

Dezinformatsja is always a potentially endless flow, to which we must respond by creating a state of mind (not  “news”, but a stable and possibly ungrounded mental state) that is always potentially and equally endless.

 It should also be added that our intelligence Services know nothing about these things. We are still focused on the  protection of redundant critical infrastructure and possibly even of selected military and information networks. Everything is even too obvious.

Nevertheless, how can we avoid the defamation of one of our most famous chocolate creams in China?

  Furthermore no one will be able to tell you what happens when there is defamation against our production system, as well as against our political system, which is, in fact, also a critical infrastructure.

 Goodness knows what happened to our rubber before Pirelli’s deal with ChemChina. And it was not China that took the first step.

 If we also study the issue of the F-35 fighter that was not acquired by the German Armed Forces, you will also understand the resulting weakness of Chancellor Merkel and her “heir”, as well as the short-lived successes of the Right, which always remains under the threat of being dismissed as neo-Nazi.

The neo-Nazis, however, were still pasture land mainly for the  Eastern and Russian intelligence Services.

Hence using the professional ignorance of our politicians to defame our intelligence Services –  as is currently happening – is certainly a perfectly orchestrated defamation operation.

 A cheap politician who uses the intelligence Services to protect himself is like the main character of the “Manuscript Found in Saragossa”, who files the silver ball he will put into the gun to commit suicide.

 In a different way and with different effects, Italy is drifting to a condition very similar to Great Britain’s in the  Brexit phase.

 A slow and subtle Italian destabilization, with a terrible and useless fragmentation of the voters and the political classes.

Nowadays in Italy there is a sort of geopolitical strike: the country is on the sidelines and reluctant to understand the reality of power relations and national interests.

In the case of the operations carried out by China, however, we have a completely different picture.

It should be recalled that, as early as 2014, China established the Central Leading Group for Internet Security and Informatization, chaired directly by Xi Jinping, in  addition to the Cyberspace Administration of China. The  Chinese leaders’ central idea is to make national sovereignty possible in cyberspace.

This is not easy, but it can be achieved with technological hegemony and strategic wisdom.

 Hence the importance of Huawei’s 5G  global fight and the concrete possibility of “controlling world innovation”, as some Chinese leaders say.

 Therefore, in the “war of shadows”, we currently have to deal with the great influence operations, which are actions of cognitive modification, i.e. actions to change the perceptions, behaviours and decisions of certain target groups, in the country to be influenced, which can be changed to the benefit of the acting Power.

 Or even very broad operations, which regard the whole  political audience.

Conversely, the “influence campaigns” are operations carried out by an adverse and alien Power that tend to put together various small-scale and sectoral influence actions, which may have common goals or, in any case, not contradictory and opposed goals.

 This means that through “influence operations”, we can influence the actions of the rulings class, as well as all or part of the public in a country, or the activities of an allied country.

Influence actions are always linked to strategic deception and the possibility of exploiting the enemy’s weaknesses, particularly those typical of moralism.

Currently moralism is a tool used by some countries against others.

Hence influence operations are certainly deception, but above all they mark a new Intention, or an Interference.

Nevertheless everything happens in the epistemic chain formed by single individuals, and then in the social or para-social sphere, characterized by the real relations among individuals, the real public sphere, the media, the elites, the “experts”, the scientific and technical system of a country.

Currently all Western media are ever weaker and often not very attentive to influence operations because they are subjected to a very fast change of technologies, as well as a quick commercial trend of the system. We are all market oriented in the short term, and currently all the influence operations made so far exploit above all the technological, legal and economic weaknesses of the various countries to reach their own aims.

 The vulnerability of the public is yet another issue. Considering the new technologies, there is not only the possibility for each psywar operator to change the perception of others’ world, but also to do so in a covert way. 

This applies to any Internet operator and any millennial kid.

 And that is what counts. One hundred “denials”, however developed, are always news.

 There is also a psychological problem.

The above mentioned evolution has not provided us with a brain that always seeks the objective truth of facts, but we have a cognitive system that finds an acceptable reality day by day.

Phylogenetically, the conformity to a group is more important than a subjective psychology that always seeks only truth, be it objective or linguistic.

In economics as in politics, free riders always have a hard life. And they are always those who define a new paradigm. Enzo Ferrari invented luxury sports cars against everything and everyone. Some pasta makers in Northern Italy discovered they could sell dried Italian pasta any where in the world.

Not to mention advanced technologies, where Italian companies were bought to be destroyed (Hewlett-Packard with Olivetti, for example) or to be put out of business, or the export of mass technologies, such as Piaggio in India.

Hence we often have to deal with the confirmation bias, i.e.  the psychological tendency to ignore information that goes against accepted beliefs, or with the creation of a protective apparatus against threats to identity and team spirit.

Therefore we have to do with a series of mass influence actions that are now typical:

a) Terrorism. Creation of fear, an essential element of influence operations, but also of the radicalization of certain themes. A primitive, but very effective solution. In this respect, just consider the case of Italy in the 1970s and in the 80s. The sword jihad is a different story, but often not dissimilar to that of “red” terrorism in Europe.

b) The operations of para-State organizations, i.e. criminal structures and vast organized crime. Or do you really think that the international crime organizations have been created and have become powerful on their own, like the Baron  Munchausen, who rescued himself from quicksand by pulling himself out at his own hair? All criminal organizations have always been influence instruments.

c) There are also hackers, who operate divided to strike together. Consciously or not, 78% of them are operators of the Powers that support their projects.

d) Not to mention hackers having only economic goals. After making money they, too, are not aware of the fact  they have resold their data to some countries, but not always those they like.

Hence how can you create a “narrative” for influence operations?

Nowadays you can certainly create a consistent, long, credible and wide-ranging storytelling.

Conversely, “negative” techniques tend to disrupt the narrative over a long period of time.

 There is also distraction, the creation of an external objective far from the themes discussed.

 Therefore, we propose to create an Agency or a unit of it   dealing with the disruption of influence operations which, before the end of the Cold War, Italy hosted like no other country in the world to later maintain its Kantian “minority status” in the following years.

 An Agency that can really carry out influence operations – actively, with no curbs and restraints other than the operational and technical ones.

Therefore, in terms of protection of Italy’s industrial values, patents, as well as “reputation” of the country and its brands, even the less famous ones, we are now almost at death’s door.

Hence it will be good to quickly reverse the course.

Continue Reading

Latest

Trending

Copyright © 2019 Modern Diplomacy