FOGINT: Russia Reveals How Important Telegram Is to Its Propaganda Program

January 8, 2025

This is an official dinobaby post. No smart software involved in this blog post.

Telegram, the messaging service, is important to Russia’s European propaganda efforts. Russia suggested that Telegram block messages from the Ukrainian government to Russians using Telegram in April 2024. The filtering was big news in Ukraine; in the US, the Telegram action was lost in the cacophony of 24×7 digital information flows. This means that few Americans knew or cared about this Telegram acquiescence to the Kremlin.

A number of news outlets have reported that Telegram is more important to the Putin regime than many realized. Jurist.org reported in “Russia Threatens Retaliation Over Blocking of State Media Telegram Channels Across EU.” The write up states:

Russia’s Ministry of Foreign Affairs said that users attempting to access the Telegram channels of Russian state broadcasters, including RIA Novosti, Izvestia and RT, are being notified of limited access in the EU. Russia characterized the blockage as “political censorship” in violation of international obligations on free information access. Moscow warned that “specialized international organizations should duly evaluate these actions” and demanded a response from UN human rights mechanisms and UNESCO leadership.

The Jurist article adds:

This latest dispute over media access follows a pattern of escalating restrictions between Russia and the EU since Russia launched its full-scale invasion of Ukraine in February 2022. The war prompted the EU to impose massive and unprecedented sanctions against Russia, including restrictions on state media outlets accused of spreading propaganda. In June 2024, Russia blocked access to 81 European media websites from 25 European countries, affecting outlets like France’s Agence France-Presse (AFP), Le Monde, and Liberation. This action came after the EU banned four Russian state media outlets in May 2024. The EU accused the outlets Voice of Europe, RIA Novosti, Izvestia, and Rossiyskaya Gazeta of disseminating propaganda about the war in Ukraine.

The question the article does not address is, “What are the likely retaliatory measures?” Russia has blocked major European news Web sites, including Der Spiegel and El Pais, among others. Mr. Putin’s “threats” have been characterized as verbal assertions, not cyber attacks designed to cripple key EU countries or direct kinetic action against the United Kingdom.

Several observations are warranted:

  1. Telegram is a big player for Russia’s propaganda machine
  2. The Kremlin’s grousing makes it clear that some Telegram marketing verbiage is baloney when asserting that the organization operates without compromising “freedom of speech”
  3. The frantic push by Telegram in the crypto space can be interpreted as part of the Russia-supported effort to undermine the US dollar and get around sanctions imposed on Russia as a consequence of the three-year special operation.

Net net: Telegram warrants close observation in 2025.

Stephen E Arnold, January 8, 2025

Identifying Misinformation: A Task Not Yet Mastered

January 8, 2025

This is an official dinobaby post. No smart software involved in this blog post.

On New Year’s Eve the US Department of Treasury issued a news release about Russian interference in the recent US presidential election. Tucked into the document “Treasury Sanctions Entities in Iran and Russia That Attempted to Interfere in the U.S. 2024 Election” was this passage:

GRU-AFFILIATED ENTITY USES ARTIFICIAL INTELLIGENCE TOOLS TO INTERFERE IN THE U.S. 2024 ELECTION

The Moscow-based Center for Geopolitical Expertise (CGE), founded by OFAC-designated [Office of Foreign Asset Control — Editor] Aleksandr Dugin, directs and subsidizes the creation and publication of deepfakes and circulated disinformation about candidates in the U.S. 2024 general election. CGE personnel work directly with a GRU unit that oversees sabotage, political interference operations, and cyberwarfare targeting the West. Since at least 2024, a GRU officer and CGE affiliate directed CGE Director Valery Mikhaylovich Korovin (Korovin) and other CGE personnel to carry out various influence operations targeting the U.S. 2024 presidential election. At the direction of, and with financial support from, the GRU, CGE and its personnel used generative AI tools to quickly create disinformation that would be distributed across a massive network of websites designed to imitate legitimate news outlets to create false corroboration between the stories, as well as to obfuscate their Russian origin. CGE built a server that hosts the generative AI tools and associated AI-created content, in order to avoid foreign web-hosting services that would block their activity. The GRU provided CGE and a network of U.S.-based facilitators with financial support to: build and maintain its AI-support server; maintain a network of at least 100 websites used in its disinformation operations; and contribute to the rent cost of the apartment where the server is housed. Korovin played a key role in coordinating financial support from the GRU to his employees and U.S.-based facilitators. In addition to using generative AI to construct and disseminate disinformation targeting the U.S. electorate in the lead up to the U.S. 2024 general election, CGE also manipulated a video it used to produce baseless accusations concerning a 2024 vice presidential candidate in an effort to sow discord amongst the U.S. electorate. Today, OFAC is designating CGE and Korovin pursuant to E.O. 13848 for having directly or indirectly engaged in, sponsored, concealed, or otherwise been complicit in foreign malign influence in the 2024 U.S. election. Additionally, OFAC is designating CGE pursuant to E.O. 13694, as amended, E.O. 14024, and section 224 of the Countering America’s Adversaries Through Sanctions Act of 2017 (CAATSA) for being owned or controlled by, or having acted or purported to act for or on behalf of, directly or indirectly, the GRU, a person whose property and interests in property are blocked pursuant to E.O. 13694, as amended, E.O. 14024, and section 224 of CAATSA. OFAC is also designating Korovin pursuant to E.O. 14024 for being or having been a leader, official, senior executive officer, or member of the board of directors of CGE, a person whose property and interests in property are blocked pursuant to E.O. 14024.

Several questions arise:

  1. Was the smart software open source or commercial? What model or models powered the misinformation effort?
  2. What functions could intermediaries / service providers add to their existing systems to identify and block the actions of an adversary’s operative? (Obviously existing software to identify “fake” content does not work particularly well.)
  3. What safeguard standards can be used to prevent misuse of smart software? Are safeguard standards possible or too difficult to implement in a “run fast and break things” setting?
  4. What procedures and specialized software are required to provide security professionals with a reliable early warning system? The fact of this interference illustrates that the much-hyped cyber alert services do not function in a way sufficiently accurate to deal with willful misinformation “factories.”

Stephen E Arnold, January 8, 2025

UK The Register Emits News of Chinese Cyber Excreta

January 8, 2025

This is an official dinobaby post. No smart software involved in this blog post.

I loved this write up from the UK’s The Register online information service: “China’s Cyber Intrusions Took a Sinister Turn in 2024.” The write up gathers together some notable cyber events and links them to the Middle Kingdom. Examples include:

  1. Router exploits
  2. Compromising infrastructure of major American cities
  3. The exfiltration of data from US telephony companies

The write up includes the zippy names cyber security researchers give these exploits and their perpetrators; for example, Volt Typhoon and Vanguard Panda.

Perhaps the most important statement in the article is, in my opinion:

“We cannot say with certainty that the adversary has been evicted, because we still don’t know the scope of what they’re doing,” Jeff Greene, CISA’s executive assistant director for cybersecurity, told reporters during a Salt Typhoon briefing in early December.

Several observations:

  1. The attacks are not confined to the estimable Microsoft software; more commercial software is providing warm, comfortable havens for attacking systems and stealing data
  2. The existing cyber security systems — no matter what the marketers say in sales material and at law enforcement / intelligence conferences — do not work very well
  3. Different cyber investigators discover novel, unknown, and possibly unique exploits unearthed and exploited by bad actors in China. Other countries enjoy the fruits of lousy security too, I want to add.

So what? What happens if one shoots enough bullets at Butch Cassidy and the Sundance Kid’s adobe hideout? Answer: It falls down. Each exploit is a digital bullet hole. Without remediation — serious remediation — the US may suffer some structural collapses. PR, smarmy talk, and excuses won’t do the job.

Stephen E Arnold, January 8, 2025

China Smart, US Dumb: The Deepseek Interview

January 6, 2025

This is an official dinobaby post. I used AI to assist me in this AI. In fact, I used the ChatGPT system which seems to be the benchmark against which China’s AI race leader measures itself. This suggests that Deepseek has a bit of a second-place mentality, a bit of jealousy, and possibly a signal of inferiority, doesn’t it?

“Deepseek: The Quiet Giant Leading China’s AI Race” is a good example of what the Middle Kingdom is revealing about smart software. The 5,000 word essay became available as a Happy New Year’s message to the US. Like the girl repairing broken generators without fancy tools, the message is clear to me: 2025 is going to be different.

Here’s an abstract of the “interview” generated by a US smart software system. I would have used Deepseek, but I don’t have access to it. I used the ChatGPT service which Deepseek has surpassed to create the paragraph below. Make sure the summary is in line with the ChinaTalk original and read the 5,000 word original and do some comparisons.

Deepseek, a Chinese AI startup, has emerged as an innovator in the AI industry, surpassing OpenAI’s o1 model with its R1 model on reasoning benchmarks. Backed entirely by High-Flyer, a top Chinese quantitative hedge fund, Deepseek focuses on foundational AI research, eschewing commercialization and emphasizing open-source development. The company has disrupted the AI market with breakthroughs like the multi-head latent attention and sparse mixture-of-experts architectures, which significantly reduce inference and computational costs, sparking a price war among Chinese AI developers. Liang Wenfeng, Deepseek CEO, aims to achieve artificial general intelligence through innovation rather than imitation, challenging the common perception that Chinese companies prioritize commercialization over technological breakthroughs. Wenfeng’s background in AI and engineering has fostered a bottom-up, curiosity-driven research culture, enabling the team to develop transformative models. Deepseek Version 2 delivers unparalleled cost efficiency, prompting major tech giants to reduce their API prices. Deepseek’s commitment to innovation extends to its organizational approach, leveraging young, local talent and promoting interdisciplinary collaboration without rigid hierarchies. The company’s open-source ethos and focus on advancing the global AI ecosystem set it apart from other large-model startups. Despite industry skepticism about China’s capacity for original innovation, Deepseek is reshaping the narrative, positioning itself as a catalyst for technological advancement. Liang’s vision highlights the importance of confidence, long-term investment in foundational research, and societal support for hardcore innovation. As Deepseek continues to refine its AGI roadmap, focusing on areas like mathematics, multimodality, and natural language, it exemplifies the transformative potential of prioritizing innovation over short-term profit.

I left the largely unsupported assertions in this summary. I also retained the repeated emphasis on innovation, originality, and local talent. With the aid of smart software, I was able to retain the essence of the content marketing propaganda piece’s 5,000 words.

You may disagree with my viewpoint. That’s okay. Let me annoy you further by offering several observations:

  1. The release of this PR piece coincides with additional information about China’s infiltration of the US telephone network and the directed cyber attack on the US Treasury.
  2. The multi-pronged content marketing / propaganda flow about China’s “local talent” is a major theme of these PR efforts. The messaging, from the humble brilliant girl repairing equipment with primitive tools because she is a “genius” to the notion that China’s young “local talent” have gone beyond what the “imported” talent in the US has been able to achieve, is two pronged. One tine of the conceptual pitchfork is that the US is stupid. The other tine is that China just works better, smarter, faster, and cheaper.
  3. The messaging is largely accomplished using free or low cost US developed systems and methods. This is definitely surfing on other people’s knowledge waves.

Net net: Mr. Putin is annoyed that the European Union wants to block Russia-generated messaging about the “special action.” The US is less concerned about China’s propaganda attacks. The New Year will be interesting, but I have lived through enough “interesting times” to do much more than write blog posts from my outpost in rural Kentucky. What about you, gentle reader? China smart, US dumb: Which is it?

Stephen E Arnold, January 6, 2025

Chinese AI Lab Deepseek Grinds Ahead…Allegedly

December 31, 2024

Is the world’s most innovative AI company a low-profile Chinese startup? ChinaTalk examines “Deepseek: The Quiet Giant Leading China’s AI Race.” The Chinese-tech news site shares an annotated translation of a rare interview with DeepSeek CEO Liang Wenfeng. The journalists note the firm’s latest R1 model just outperformed OpenAI’s o1. In their introduction to the July interview, they write:

“Before Deepseek, CEO Liang Wenfeng’s main venture was High-Flyer, a top 4 Chinese quantitative hedge fund last valued at $8 billion. Deepseek is fully funded by High-Flyer and has no plans to fundraise. It focuses on building foundational technology rather than commercial applications and has committed to open sourcing all of its models. It has also singlehandedly kicked off price wars in China by charging very affordable API rates. Despite this, Deepseek can afford to stay in the scaling game: with access to High-Flyer’s compute clusters, Dylan Patel’s best guess is they have upwards of ‘50k Hopper GPUs,’ orders of magnitude more compute power than the 10k A100s they cop to publicly. Deepseek’s strategy is grounded in their ambition to build AGI. Unlike previous spins on the theme, Deepseek’s mission statement does not mention safety, competition, or stakes for humanity, but only ‘unraveling the mystery of AGI with curiosity’. Accordingly, the lab has been laser-focused on research into potentially game-changing architectural and algorithmic innovations.”

For example, we learn:

“They proposed a novel MLA (multi-head latent attention) architecture that reduces memory usage to 5-13% of the commonly used MHA architecture. Additionally, their original DeepSeekMoESparse structure minimized computational costs, ultimately leading to reduced overall costs.”

Those in Silicon Valley are well aware of this “mysterious force from the East,” with several AI head honchos heaping praise on the firm. The interview is split into five parts. The first examines the large-model price war set off by Deepseek’s V2 release. Next, Wenfeng describes how an emphasis on innovation over imitation sets his firm apart but, in part three, notes that more money does not always lead to more innovation. Part four takes a look at the talent behind DeepSeek’s work, and in part five the CEO looks to the future. Interested readers should check out the full interview. Headquartered in Hangzhou, China, the young firm was founded in 2023.

Cynthia Murrell, December 31, 2024

OpenAI Partners with Defense Startup Anduril to Bring AI to US Military

December 27, 2024

No smart software involved. Just a dinobaby’s work.

We learn from the Independent that “OpenAI Announces Weapons Company Partnership to Provide AI Tech to Military.” The partnership with Anduril represents an about-face for OpenAI. This will excite some people, scare others, and lead to remakes of the “Terminator.” Beyond Search thinks that automated smart death machines are so trendy. China also seems enthused. We learn:

“ChatGPT-maker OpenAI and high-tech defense startup Anduril Industries will collaborate to develop artificial intelligence-inflected technologies for military applications, the companies announced. ‘U.S. and allied forces face a rapidly evolving set of aerial threats from both emerging unmanned systems and legacy manned platforms that can wreak havoc, damage infrastructure and take lives,’ the companies wrote in a Wednesday statement. ‘The Anduril and OpenAI strategic partnership will focus on improving the nation’s counter-unmanned aircraft systems (CUAS) and their ability to detect, assess and respond to potentially lethal aerial threats in real-time.’ The companies framed the alliance as a way to secure American technical supremacy during a ‘pivotal moment’ in the AI race against China. They did not disclose financial terms.”

Of course not. Tech companies were once wary of embracing military contracts, but it seems those days are over. Why now? The article observes:

“The deals also highlight the increasing nexus between conservative politics, big tech, and military technology. Palmer Luckey, co-founder of Anduril, was an early, vocal supporter of Donald Trump in the tech world, and is close with Elon Musk. … Vice-president-elect JD Vance, meanwhile, is a protege of investor Peter Thiel, who co-founded Palantir, another of the companies involved in military AI.”

“Involved” is putting it lightly. And as readers may have heard, Musk appears to be best buds with the president elect. He is also at the head of the new Department of Government Efficiency, which sounds like a federal agency but is not. Yet. The commission is expected to strongly influence how the next administration spends our money. Will they adhere to multinational guidelines on military use of AI? Do PayPal alums have any hand in this type of deal?

Cynthia Murrell, December 27, 2024

The Future: State Control of Social Media Access, Some Hope

December 25, 2024

It’s great that parents are concerned for their children’s welfare, especially when there are clear and documented dangers. The Internet has been in concerned parents’ crosshairs since its proliferation. Back in the AOL days it was easier to monitor kids’ access: you simply didn’t allow them to log on and you reviewed their browser history. However, with the advent of mobile devices and the necessity of the Internet for everyday living, parents are baffled about how to control their children and so is the Australian government. In an extreme case, the Australian parents proposed a bill to ban kids under the age of sixteen from using social media. The Senior relates how they are winning the battle: “Parents To Lose Final Say In Social Media Ban For Kids.”

The proposed bill is from Prime Minister Anthony Albanese’s administration and it plans to ban all kids under the age of sixteen from any and all social media platforms. Parents are taken out of the equation entirely. Parents will not be allowed to consent and many see it as a violation of their civil and parental rights.

The bill hasn’t been drafted yet and probably won’t be in 2024. It is believed that the first legislation on the bill will be in 2025 and will slowly work its way through the Australian parliament. The blanket ban would also not require age verification:

“Asked if parents would be allowed to consent to their children being on social media at a younger age, Communications Minister Michelle Rowland told Labor’s party room meeting “no”. She said people using social media would not have to upload proof of identity directly to those platforms, when minimum age requirements kick in. ‘The opposition is the only party arguing that people should upload 100 points of ID and give it to TikTok,’ she told the meeting. The government wants 12 months of consultation to figure out exactly how the ban will be enforced.”

Australia doesn’t have faith in parents’ efforts to regulate their kids on social media, so the government is acting in the kids’ best interests. It does sound like the government is overstepping, but social media experts and mental health professionals have documented the potential and real harm of social media on kids. Many parents also don’t monitor and discipline their children’s Internet usage habits. Is this an overstep by the government? No, just a first step.

Whitney Grace, December 25, 2024

VoIP in Russia, Nyet. Telegram Voice, Nyet. Just Not Yet

December 24, 2024

Written by a dinobaby, not an over-achieving, unexplainable AI system.

PCNews.ru in everyone’s favorite special operations center reported that Roskomnadzor (a blend of the FBC and a couple of US three letter agencies) has a New Year’s surprise coming. (Xmas in Russia is often celebrated on January 7, 2024.) The short write up reported to me in English via the still semi reliable Google Translate that calls within “messenger apps” are often fraudulent. I am not sure this is a correct rendering of the Russian word. One of my colleagues suggested that this is a way to say, “Easily intercepted and logged by Roskomnadzor professionals.”

Among the main points in the article are:

  • The target is voice traffic not routed via Roskomnadzor
  • Communication operators — that is, Internet providers, data centers, etc. — are likely to be required to block such traffic with endpoints in Russia
  • As part of the “blocks,” Roskomnadzor wants to identify or have identified for the entity such functions as “identifying illegal call centers (including those using SIM boxes) on their networks.”

The purpose is to protect Russian “consumers.” The source cited above included an interesting factoid. YouTube traffic, which has been subject to “blocks,” has experienced a decrease in traffic of 80 percent.

Not bad but a 20 percent flow illustrates that Roskomnadzor has been unable to achieve its total ban. I wonder if this 80 percent is “good enough” for Roskomnadzor and for the fearless head of state who dictates in Russia.

Stephen E Arnold, December 24, 2024

FOGINT: Intelware Tension Ticks Up

December 24, 2024

Observations from the FOGINT research team.

On Friday, December 20, 2024, NSO Group, the Pegasus specialized software outfit, found itself losing a court squabble with Facebook (Meta and WhatsApp). According to the Reuters’ news story pushed out at 9:15 pm Eastern time, “US Judge Finds Israel’s NSO Group Liable for Hacking in WhatsApp Lawsuit.” In case you don’t have the judgment at hand, you can find the United States District Court, Northern District of California document at this link.

The main idea behind the case is that the NSO Group’s specialized software was pressed into duty for the purpose of obtaining information about WhatsApp users. The mechanism was to exploit “a bug in the messaging app to install spy software allowing unauthorized surveillance.” NSO Group’s fancy legal two step did not work.

The NSO Group has become the poster child for the “compromise the mobile” phone and obtain data. The Pegasus system exfiltrates data and, when properly configured, can capture information from a mobile device. Furthermore, the company’s hassles about its customers’ use of the Pegasus tool unwittingly created a surge in software and specialized services performing identical or similar tasks.

The FOGINT team has identified firms which have found different ways of compromising mobile devices. The company, therefore, has been an innovator and its approach to compromising devices has [a] focused attention on Israel’s technical competence in this specialized software niche and [b] rightly or wrongly illustrated that the technology can act with extreme prejudice when used by some clients to solve what they perceive as “problems.”

There are several larger consequences which the FOGINT team has identified:

  1. Specialized software is more prevalent because the revelations about Pegasus have encouraged entrepreneurs and technologists to develop more effective surveillance methods
  2. Unique delivery methods have been crafted. These range from in-app malware to more sophisticated multi-stage malware installed as a consequence of a user’s carelessness
  3. Making clear that powerful surveillance tools can be installed in a way that does not require the user to click, email, or interact. The malware simply dials up a mobile and bingo! the device is compromised.

How will this judgment affect the specialized software industry? In FOGINT’s view, the decision will further stimulate competition and the flow of novel surveillance techniques. One consequence also may be that law enforcement and intelligence professionals will encounter headwinds when similar specialized software is required for certain investigations. FOGINT’s view is that NSO Group’s go-go approach to sales created a problem for the company and for specialized software. Some technologies should remain “secret,” which is now becoming an old-fashioned viewpoint. Marketing is not always a benefit.

Stephen E Arnold, December 24, 2024

Thales CortAIx (Get It?) and Smart Drones

December 23, 2024

Countries are investing in AI to amp up their militaries, including naval forces. Aviation Defense Universe explores how one tech company is shaping the future of maritime strategy and defense: “From Drone Swarms To Cybersecurity: Thales’ Strategic AI Innovations Unveiled.” Euronaval is one of the world’s largest naval defense exhibitions and CortAIx Labs at Thales shared their innovations in AI-powered technology.

Christophe Meyer is the CTO of CortAIx Labs at Thales and he was interviewed for the above article. He spoke about the developments, innovations, and challenges his company faces with AI integration in maritime and military systems. He explained that Thales has three main AI divisions. He leads the R&D department with 150 experts that are developing how to implement AI into system architectures and cybersecurity. The CortAIx Labs Factory has around 100 people that are working to accelerate AI integration into product lines. CortAIx Lab Sensors has 400 workers integrating AI algorithms into equipment such as actuators and sensors.

At Euronaval, Thales, Meyer’s company, demonstrated how AI plays a crucial role in information processing. AI is used in radar operations and highlights important information from the sensors. AI algorithms are also used in electronic warfare to enhance an operator’s situation awareness and point out information that needs attention.

Drones are also a new technology Thales is exploring. Meyer said:

“Swarm drones represent a significant leap in autonomous operations. The challenge lies in providing a level of autonomy to these drones, especially when communication with the operator is lost. AI helps drones in the swarm adapt, reorganize, and continue their mission even if some units are compromised. This technology is platform-agnostic, meaning it applies to aerial, maritime, and terrestrial swarms, with the underlying algorithms remaining consistent across domains.”

Drones are already being used by China and Dubai for aerial shows. They form pictures in the night sky and are amazing to watch. Ukraine and Russia are busy droning one another. Exciting.

Whitney Grace, December 23, 2024
