An Official Announcement: Seizure of Domain Names and Social Media Accounts Linked to Russian Disinformation Campaign
The Justice Department has revealed a significant disruption in a major disinformation campaign orchestrated by Russian actors. This initiative involved the seizure of two domain names and the investigation of 968 social media accounts. These accounts were part of an AI-enhanced bot farm designed to spread disinformation both within the United States and internationally. The bot farm created fictitious social media profiles, often masquerading as American citizens, to promote messages aligning with Russian government objectives. The details of this operation were unveiled in recently unsealed affidavits.
The Joint Effort Against Cyber Disinformation
In a unified effort, the FBI and the Cyber National Mission Force (CNMF), in collaboration with the Canadian Centre for Cyber Security (CCCS), the Netherlands General Intelligence and Security Service (AIVD), the Netherlands Military Intelligence and Security Service (MIVD), and the Netherlands Police, have released a joint cybersecurity advisory. This advisory elucidates the technology behind the social media bot farm and provides insights into how the creators leveraged a custom AI system for their scheme. The advisory aims to assist social media platforms and researchers in identifying and preventing further misuse of this technology by the Russian government. Additionally, X Corp. (formerly Twitter) has voluntarily suspended the remaining bot accounts identified in the court documents due to terms of service violations.
Statements from Key Officials
Attorney General Merrick B. Garland emphasized the importance of this disruption, stating, “With these actions, the Justice Department has disrupted a Russian-government backed, AI-enabled propaganda campaign to use a bot farm to spread disinformation in the United States and abroad. As the Russian government continues its brutal war in Ukraine and threatens democracies around the world, the Justice Department will continue to deploy all of our legal authorities to counter Russian aggression and protect the American people.”
Deputy Attorney General Lisa Monaco echoed this sentiment, adding, “Today’s action demonstrates that the Justice Department and our partners will not tolerate Russian government actors and their agents deploying AI to sow disinformation and fuel division among Americans. As malign actors accelerate their criminal misuse of AI, the Justice Department will respond and we will prioritize disruptive actions with our international partners and the private sector. We will not hesitate to shut down bot farms, seize illegally obtained internet domains, and take the fight to our adversaries.”
The Technology Behind the Bot Farm
How AI Enhances Disinformation
According to court documents, a bot farm is a sophisticated software system that enables the creation of false personas on social media platforms. These bot farms are enhanced with AI components, such as image generation and text synthesis, to create more convincing fictitious profiles.
The Development and Operation
The affidavits reveal that the development of the social media bot farm was led by an individual identified in Russia, referred to as Individual A. In early 2022, Individual A was the deputy editor-in-chief at RT, a state-run Russian news organization. RT sought alternative methods for disseminating information beyond its traditional television news broadcasts. In response, Individual A spearheaded the development of software capable of creating and operating a social media bot farm. This initiative was executed by Individual B and other collaborators who concealed their identities and location by purchasing infrastructure for the bot farm in April 2022.
The Role of the Kremlin
By early 2023, with the approval and financial backing of the Presidential Administration of Russia (the Kremlin), a Russian FSB officer, referred to as FSB Officer 1, established a private intelligence organization (P.I.O.). The P.I.O. included employees from RT, including Individual A, and aimed to advance the FSB’s mission by spreading disinformation through the bot farm’s social media accounts.
Legal and Technical Details
Domain Seizures
The bot farm relied on private email servers, which utilized the two domain names seized by the FBI. By controlling these domain names, the actors were able to create email accounts that facilitated the registration of fictitious social media accounts. The domains “mlrtr.com” and “otanmail.com” were used to establish the email servers necessary for the bot farm’s operations.
Legal Violations
The FSB’s use of U.S.-based domain names for registering bots constitutes a violation of the International Emergency Economic Powers Act. Moreover, the payments made for this infrastructure breach federal money laundering laws.
Coordination with the Private Sector
The Justice Department has praised the cooperation of private sector entities in this disruption, including X Corp., which proactively suspended the identified bot accounts. Prior to the government’s intervention, X had already identified and suspended a significant number of these accounts.
Ongoing Investigations
The Justice Department continues its investigation, with efforts led by the National Security Division’s National Security Cyber Section, the U.S. Attorney’s Office for the District of Arizona, and the U.S. Attorney’s Office for the Northern District of Illinois. They are receiving substantial assistance from the National Security Division’s Counterintelligence and Export Control Section.
Case Prosecutions
Several individuals have already pleaded guilty in connection with related offenses. For instance:
- Nikolay Goltsev, 38, of Montreal, and Salimdzhon Nasriddinov, 53, of Brooklyn, New York, pleaded guilty to conspiracy to commit export control violations.
- Douglas Edward Robertson, 56, of Olathe, Kansas, the former vice president of KanRus Trading Company Inc., pleaded guilty to his role in a years-long conspiracy to circumvent U.S. export controls.
- Former Honduran President Juan Orlando Hernández, also known as JOH, was sentenced to 540 months in prison and 60 months of supervised release for cocaine importation.
Frequently Asked Questions (FAQs)
What is a social media bot farm?
A social media bot farm is an advanced software system that creates and manages multiple fictitious social media profiles to disseminate specific messages or disinformation.
How did the bot farm use AI?
The bot farm integrated AI components, such as image generation and text synthesis, to create more realistic and convincing fictitious profiles on social media platforms.
What domains were seized by the FBI?
The FBI seized the domains “mlrtr.com” and “otanmail.com,” which were used to establish email servers for the bot farm.
What laws did the FSB violate?
The FSB’s actions violated the International Emergency Economic Powers Act and federal money laundering laws.
How did X Corp. (formerly Twitter) contribute to this effort?
X Corp. voluntarily suspended the identified bot accounts for terms of service violations and had already suspended a significant number of these accounts before the government’s intervention.
Conclusion
The Justice Department’s recent actions have significantly disrupted a Russian government-backed AI-enabled disinformation campaign. This operation underscores the importance of international cooperation and the role of the private sector in combating cyber threats. The ongoing investigations and prosecutions highlight the Justice Department’s commitment to countering malign actors and protecting democratic processes. As technological advancements continue to evolve, so too will the strategies employed by law enforcement and their partners to safeguard the public from disinformation and cyber threats.
