image

Cybersecurity

Are rabid squirrels and mosquito invasions part of a new Russian cyberattack campaign?

Offbeat articles on mystery website may be Moscow’s latest assault on American democracy, a US internet security firm claims

PUBLISHED : Saturday, 02 June, 2018, 4:03pm
UPDATED : Saturday, 02 June, 2018, 7:52pm

A new Russian influence operation has surfaced that mirrors some of the activity of an internet company that the FBI says was deeply involved in efforts to sway the 2016 US elections, a cybersecurity business claims.

A website called usareally.com appeared on the internet on May 17 and called on Americans to rally in front of the White House on June 14 to celebrate President Donald Trump’s birthday, which is also flag day.

FireEye, a California-based cybersecurity company, claims USA Really is a Russian-operated website that carries content designed to foment racial division, harden feelings over immigration, gun control and police brutality, and undermine social cohesion.

The web site’s operators once worked out of the same office building in St Petersburg, Russia, where the Kremlin-linked internet Research Agency had its headquarters, said Lee Foster, manager of information operations analysis for FireEye iSight Intelligence.

“We’re not saying [USA Really] is the internet Research Agency but there are a number of indicators that suggest it is,” Foster said.

The new web site’s banner declares in English: “America will wake up on June 14th!” It carries a drawing of the White House and a fluttering US flag as a backdrop.

Foster said the site has more than 100 articles and they are posting an average of nine articles a day.

It’s not always easy to change an outcome [of an election] but they can delegitimise the process
John Hultquist, FireEye iSight

Russians involved in the web site work for the Federal News Agency, which is known by its Russian acronym FAN and closely follows the Kremlin line on international issues. Ownership of the agency is not known.

The new website may be part of a pending broader campaign, Foster claims.

“There are a bunch of other domains as well that play on USA Really that we are monitoring that have not launched,” he said.

But so far, he said, Russians have not been pushing the web site and its stories using robotic networks, or botnets, to promote them on social media, and they may be holding back.

“They may also be contemplating what risks are involved if we were able to positively ID Russia trying to influence the 2018 midterms. To what extent does that undermine denials about 2016 activity? I’m sure that is something that is playing around in their minds as well,” Foster said.

Foster spoke along with other FireEye researchers at the end of the Fifth Annual Government Forum on Cyber Threat Intelligence, which the company partly sponsored.

“It’s not always easy to change an outcome [of an election] but they can delegitimize the process and create doubt,” said John Hultquist, director of intelligence analysis at FireEye iSight.

The USA Really website contains a mix of articles taken from US sources or carrying a USA Really credit and written in poor English. One article suggested that Louisiana should secede. Louisiana’s economy would still place it 45th out of 211 countries around the world, it said.

Another article said rabid squirrels were terrorising Florida. One headline suggested the US government is preparing for World War III.

“New bloodshed in Wisconsin. Thousands of victims,” read the headline of one article about a mosquito invasion.

A posting from May 25 said the “USA Really” campaign officially starts on June 14 with the slogan, “USA as it is.”

“We invite all Americans – all who cares (sic) about the country – to celebrate this. Come up to the White House on June 14 at 2:00pm to congratulate America,” it said.

A short YouTube video posted April 17, purportedly from the Federal News Agency, said USA Really “will focus on promoting information and problems that are hushed up by major American publications controlled by the US political elite.”