CIBs are the new APTs

Part 4 of 7 of our journey into one of the most crucial challenges of our time: the information warfare

  1. The fifth element of war
  2. The end of the “old wars”?
  3. From square to war
  4. CIBs are the new APTs
  5. The race for Cyber Superiority
  6. Information warfare in a multipolar world: European Union
  7. A place for ethics in information warfare?

In the cyber domain, experts are already familiar and actively responding to the “Advanced Persistent Threats” (APTs). They were originally used to describe cyber intrusions against military organizations. APTs have evolved and are no longer limited to the military domain. As highlighted in several large-scale security breaches, APTs have been targeting a wide range of industries and governments.

APTs are stealthy and deliberately slow-moving cyberattacks that aim to compromise interconnected information systems without revealing themselves. APTs often use various attack methods to initially get unauthorized system access and then gradually spread throughout the network. Thus Far, APTs have been considered the most challenging to detect and mitigate as they are rarely used to interrupt services, but primarily to steal intellectual property, sensitive internal business and legal documents, and other data. 

With the rise of social media, there is another threat that can target and defame individuals, sway elections, and undermine democracies around the world. Social Media giants such as Facebook have named this new threat Coordinated Inauthentic Behavior. Coordinated Inauthentic Behavior (CIB) is when groups of pages or people work together to mislead others about who they are or what they are or what they are doing. The individuals behind this activity generally pose locals in countries targeted by this campaign — often using fake accounts — and created fictitious personas to run Pages and Groups, disseminate their content, increase engagement and drive people to an off-platform domain. They managed Pages that masqueraded as local news organizations.

Because social media encompasses a diverse range of communication styles, from short messages to multimedia and immersive experiences, and connects a wide range of users in a wide range of societies, network complexity is a structural dimension. This makes social media a powerful multiplier of the destabilizing effects of distorted information. Its strengths (high connectivity, low latency, low cost of entry, multiple distribution points without intermediaries, and a total disregard for physical distance or national borders) become a liability in prevention and security. When we talk about influencing the online debate, we are therefore discussing “perception management” in an environment that is entirely non linear.

These features of cyber and social space are exploited by many different actors with the intent to incept and disseminate fake news and spread online manipulated content. The goal? Deceive, distract, and misinform public opinion, trashing the debate with diverging truths, which eventually disorient and corroborate a sense of doubt among the public or shape a specific target audience’s view on a particular issue. 

Given its ubiquitous nature, it is evident that social media has become more prevalent in information-based conflict, and its role has become more significant. 

Because the primary purpose of social media is to facilitate communication, its ability to serve as an impromptu command and control network or mass communication platform for psychological operations remains. Due to its influence in society being in flux, the final state of social media in information conflict is yet to be determined.

While digital sabotage aims to infiltrate, disorganize, disrupt or destroy a State’s functions, information warfare aims at misleading the opponent, discrediting its decision-makers, and disorienting and demoralizing the public and armed forces. This is reflected, for example, in the 2014 Russia’s Military Doctrine, the “New Generation War”, that includes a combination of hard and soft power across different domains and through the application of coordinated military, diplomatic and economic tools. In this context, informational attacks integrate all the other realms. “They are waged during peacetime and wartime in domestic, the adversary’s, and international media domains, and they are perceived as one of the most cost-effective tools of non-nuclear coercion, and an essential instrument to minimize kinetic engagements”. 
If operations in the information space are so critical, it’s still unclear what the escalation in directness, activity and scope can bring in terms of international security. That’s why governments are more and more oriented to include it in their global, “real world” strategies. At the 2016 Warsaw NATO Summit, Allies recognized that “cyberattacks present a clear challenge to the security of the Alliance and could be as harmful to modern societies as a conventional attack” and that cyberspace is a “domain of operations”.