Read on Twitter
Hi Twitter. I'm back to break this down and explain how governments conduct cyber influence operations in the context of 1. foreign intervention, 2. counterintelligence and 3. domestic propaganda. https://twitter.com/GeorginaMerhom/status/1278046420264722433
Influence operations are nothing new. They have been exercised since ancient times by individuals, groups, and states in all kinds of contexts. The information age has seen these influence operations migrate toward cyberspace, but the end goal has not changed.
Egypt has been a target to several cyber influence operations in the last year, two of which I personally investigated. Historically, our biggest national security threat has been foreign actors that capitalise on political unrest to create chaos, making it easier to infiltrate..
In Egypt, this type of cyber influence campaign usually has an Islamist undertone. The most recent significant influence operation of this kind was in September 2019 when spammers and terrorist groups exploited Egyptian protest hashtags on Twitter. https://monitoring.bbc.co.uk/product/c2013ul2
The most talked about cyber influence operation that undermined arguably the most powerful democracy, was Russia's alleged intervention in the 2016 US presidential race. https://money.cnn.com/2018/01/27/technology/business/russian-twitter-bots-election-2016/index.html
Counterintelligence operations target individuals with access to potential information on security procedures. Potential targets are not limited to but can include: policy advisors, public servants, government contractors, intelligence professionals... etc.
Do I suspect that @adeladawy could be targeted in a counterintelligence operation? Possibly. Adel publicly associates with government officials and high-ranking military officers. His social media accounts have been targeted by hundreds of bots coming from the same server.
Counterintelligence operations rely on the accessibility of targeted networks, credentials, or data to gain access to and manipulate protected information, technology, or personnel information. A publicly accessible target is a perfect starting point.
The last and most likely scenario to explain the hundreds of bots targeting @adeladawy's social media is that he's just collateral damage in an influence operation to control the narrative in Ethiopia by showing there's more support for #FillTheDam than there actually is.
Update: I’m putting together an infographic of the scraped data with information on geolocation and servers. Publically sharing evidence isn’t as simple as that. PS. It takes weeks for Twitter to catch up to exploits. Sometimes they don’t. (Ex. 2016 US presidential election)
