Disinformation And National Security
Weaponized information wields the unparalleled capacity to destabilize a target country’s peace, stability, democracy, and national security even without firing a single shot. This consistent with Chinese military strategist and philosopher, Sun Tzu’s concept of subduing the enemy without fighting. United States’ Army Gen. Paul Nakasone, who heads both NSA and Cyber Command, opined that ”Foreign adversaries have stepped up the use of information warfare to control populations since 2011 and the operations are one of the new threats in the digital age”.
How Disinformation Flips Elections, Impacts Democracy
Philippine’s controversial President Rodrigo Duterte’s inadvertently admitted that he used keyboard troll army to manipulate social media during 2016 campaign. “In Mexico, an estimated 75,000 automated accounts known colloquially as Peñabots have been employed to overwhelm political opposition on Twitter.” “When a new hashtag emerges to raise awareness about a protest or corruption scandal, government backers employ two methods to game the system in favor of President Enrique Peña Nieto.” In South Korea, an investigation found that state-sponsored disinformation operation during the country’s 2012 presidential election by the National Intelligence Service generated more than 1.2 million Twitter messages which supported now-impeached South Korean President Park Geun-Hye and while denigrating her rival in the election.
It is widely speculated that influence operations by Russia in tandem with Cambridge Analytica and Facebook data boosted Trump’s prospect during the US presidential election. Since 2010 political parties and governments have reportedly spent more than half a billion dollars on social-media manipulation. Disinformation and social media manipulation are now monetized (disinformation as a service (DaaS) and has become an essential component of electioneering worldwide. This new normal has morphed into a “guns for hire” professional service, as Professor Andrew Chadwick, Co-Director, New Political Communication Unit at Royal Holloway described it. UK parliament’s digital, culture, media and sport (DCMS) committee believes that democracy is at risk unless the government and regulators take urgent action to combat a growing crisis of data manipulation, disinformation, and so-called fake news. Explains why streetwise politicians assemble and bankroll retinue (social) media teams – cyber-warriors, spin-doctors, and Goebbels. Such subtle battle for hearts and minds can catapult an ‘unlikely’ candidate to power.
Writing on the activities of the Buhari Media Centre (BMC) which was recently rebranded as Buhari New Media Centre (BNMC), a Nigerian journalist, author, blogger and US-based professor, Dr. Farooq Kperogi, refers to the Buhari government as ”an absolute propagandocracy, that is, a government conducted by intentionally false and manipulative information”. Just recently, Demola Olarewaju, a political strategist and PDP member raised an alarm in a series of tweets about sinister plans by the BNMC to use bots and online trolls to attack his person. Demola advised handlers of the BNMC to rein in the bots else he would expose “minutes of meetings, letters requesting money, phone numbers, addresses, bank details, planned propaganda etc”.
Countering Weaponized Information, Fake News 2.0
Preparatory to the 2018 midterm elections in the US, social media companies scrambled to reassure the United States government that their platforms would not be abused by vested interests. Pursuant to what can be deemed ‘anti-disinformation as a service’ (AdaaS) provided by an enterprise cybersecurity company – FireEye, Facebook declared on August 21, 2018, that it took down 652 fake accounts. Twitter foiled and removed political influence social media campaigns allegedly originating from Russia. Similarly, Microsoft dismantled six phishing domains linked to Russian election hackers. Google reportedly took down 39 YouTube channels linked to Iranian influence campaign. Given the growing threat of weaponized information to national security, the British Army announced the creation of a new unit for psychological and social media warfare to help Britain “fight in the information age” and control the “narrative” of warfare. The United Kingdom recently set up a ”dedicated national security unit to tackle fake news and disinformation”. The equivalent in the United States is the ”Global Engagement Center (GEC)”, which is ”charged with leading the U.S. government’s efforts to counter propaganda and disinformation from international terrorist organizations and foreign countries”. Similar bodies established to counter weaponized information and hybrid threats include: the European Centre of Excellence for Countering Hybrid Threats (CoE) which was set up in Finland, aftermath of an agreement between eight European countries, the US, and NATO; EU’s East StratCom Task Force, NATO’s StratCom Center of Excellence, amongst others.
Egyptian President, Abdul Fattah al-Sisi recently ratified a law that seeks to monitor social media users in Egypt. This legislation empowers Egypt’s Supreme Council for Media Regulations the power to place people with more than 5,000 followers — on social media or with a personal blog or website — under supervision – and to suspend or block any personal account which “publishes or broadcasts fake news or anything [information] inciting violating the law, violence or hatred.” Those who administer or visit such websites, intentionally or “in error without a valid reason,” can now face jail time and fines. Not to be outdone, the Nigerian military says it now monitors social media for anti-government and anti-military information. Nigeria’s Minister of information and culture, Alhaji Lai Mohammed has since set up a ”National Campaign Against Fake News”.
Hacking Critical Election Infrastructure
Apart from weaponizing information and using social to hack hearts and minds, hacking critical election infrastructure is also doable. In 2016, hackers breached databases for election systems in Illinois and Arizona, in the United States. This explains why as part of proactive election security measure, 36 states in the US have deployed Albert Sensors, a cybersecurity detection system that could detect hacking attempts and send alerts to federal and state government agencies. If the United States which parades some of the best cybersecurity brasses and professionals, struggles to ward off cyber-attacks, one wonders the fate of Nigeria where a fire-brigade approach is a state policy. Interestingly, I read the Director General of Nigeria’s National Information Technology Development Agency (NITDA), Dr. Isa Pantami recently saying that the 2019 general elections may be disrupted if adequate information technology security measures were not put in place. Dr. Pantami raised the alarm at the 10th annual conference organised by Information Systems Audit and Control Association (ISACA), Abuja Chapter. He was quoted as saying, ‘’terrorists may disrupt the national elections by hacking into the voter registration database of the Independent National Electoral Commission (INEC)’’. Perhaps Nigeria should consider the aforesaid ‘’Sensors’’. It was reported that the Independent National Electoral Commission (INEC) will transmit the results of the results of the 2019 general elections from the 119,973 polling units nationwide electronically and in real-time through the Nigerian Communications Satellites Limited (NIGCOMSAT’s) satellite. Someone please remind them that commercial satellites can be hijacked. The Hackers News describes an incident where hackers, most notably the Turla APT (Advanced Persistent Threat) hijacked a commercial satellite.
As the defining 2019 general election approaches, Nigeria must ramp up cyber-defence capability and cybersecurity standards to counter weaponized information, disinformation and influence operations on our democratic process by domestic and foreign vested interests. The National Assembly must expedite passage of a robust data protection framework and privacy laws in Nigeria with a view to protecting citizen’s data from data breaches. The European Union GDPR (General Data Protection Regulation) is a classic template.