In the twenty-first century, the concept of war and fight between states has changed. Nowadays, threats to state security can be observed primarily on the Internet. Kamil Basaj, founder and president of the INFO OPS Poland Foundation, talked to Izabela Wojtyczka, editor-in-chief of The Warsaw Institute Review, about manipulation, information warfare and extensive disinformation operations.
Izabela Wojtyczka: In your opinion, how right are the emerging diagnoses of the global disinformation warfare? How many directions and what specific features are we able to indicate?
Kamil Basaj: Currently, the Polish-language information ecosystems, but not only, are under permanent manipulative influence. Among such activities one can find disinformation and propaganda operations, as well as, more widely – psychological and informational ones. This subject has a wide range and cannot be limited solely to an operation using only correct, false or mixed information.
The processes of influence are carried out by more or less specialized action units, generally state-controlled ones. The reconnaissance processes are also sophisticated. The state security sector, non-governmental organizations and society all have distinct capabilities to identify such threats. Manipulative operations are very often complex and are not limited to overt, propaganda and/or manipulative actions. An active information operation, conducted by professionals, often features a multi-vector transmission, activities (in multiple dimensions, e.g. physical and virtual), use of active means, e.g. provocation, simulation, mystification, or inspiration (made either consciously or not by the actor) and a planning process based on cognitive models, including subjectivity models. To make the whole action more effective and gain influence over the decision-making process of an individual and/or a social group in a wider context. The existing research shows that the basic parameter, which becomes the target of the attacker, are the cognitive processes of the recipients and they should be given special attention in the first place. This is also important from the perspective of developing models for the recognition of such operations, because skillfully created queries/surveys taking into account the recognition of elements of an information opponent’s actions enable to detect an information operation at its early stage. More broadly – in some cases this takes place already during the preparation of the background information by the attacker, which is supposed to constitute the foundation for future manipulative actions.
When wondering how correct the emerging diagnoses of the global disinformation warfare are, one can only point out that the information ecosystem, the processes of shaping views and decisions (including the abandonment of decisions), are the space for conducting information warfare and are coming from several basic directions in Poland. The centers conducting offensive actions through open or overt channels are undoubtedly China, Russia, Germany and other actors, whose actions can be omitted for the purpose of this statement. It should be remembered, however, that propaganda processes and activities, as those of the Russian Federation undertakes through open channels of communication the Kremlin-controlled media, vary from influencing public opinion through lobbying and paying off selected publicists and editorial boards for propaganda activities, related to, for example, masking, or otherwise – information cloaking, provided for e.g. Huawei products. Unfortunately, in both cases such activities are constantly present in the Polish information space. Other threats, such as the distribution of terrorist materials or manuals (e.g. how to construct a bomb or transform a vehicle into a weapon, etc.), have a completely different structure and origin, but there are cases where materials of the so-called Islamic State are hidden in domains involved in manipulative operations of the Russian Federation.
From this perspective, the answer to the question on the accuracy of the aforementioned diagnosis is not obvious, as the very nature of the threats makes special services in individual states be responsible for recognition and prevention. There is no doubt that Polish special services have already developed capabilities both to recognize and counteract these threats within the framework of the applicable law in Poland, which often narrows down their possibilities of active performance.
Disinformation, even if it resembles true information, is intended to effectively interfere with the recipient’s decision-making process, i.e. in accordance with their preferences. One of the techniques commonly used by the planners is to build models of reflection, based on models of subjectivity. Could you please tell us about the mechanism of this process?
Reflexive management (control) has become a popular theme, used in the discourse on the use of active measures, deception and psychological operations, no less it has a very broad definition and can be used differently. The area of research, which I am currently focusing on in my professional activity at the INFO OPS Poland Foundation, concerns tactical level of control (low level), i.e. multidimensional method of influencing an individual’s decision-making process. By definition, it takes place through the development of reflection on the collected resources of data, stimuli, memory, knowledge, decisions and the so far produced outlooks, accumulated unconsciously in human mind. Focusing on the tactical level of control in the research allowed to recognize processes classified as the group of models of subjectivity, i.e. individual patterns of perception of a stimulus – any information – by an affected entity. This research has a long history.
In the Foundation we have also conducted research on volunteers to confirm the effectiveness of the applied solutions of conducting manipulative actions in an unconscious but effective way. The results of the research allowed us to determine the special features of this type of operations, i.e. a manipulative operation conducted with the use of models of subjectivity. They can be applied to defensive actions and the recognition of the occurrence of events that may suggest the use of specialized tools by the attacker, which we qualify under models of subjectivity. From this perspective, the reflexive management has a very precise nature, because it is based on the understanding how the attacker seeks to permanently impair the decision-making process of the attacked, which from the perspective of the domain of reconnaissance is a significant element, as it enables an early identification of threats, often before they reach the right phase of action.
Going further, it is, of course, necessary to distinguish between operational areas in which it may apply. In simple terms, we should distinguish other models used, e.g. in reconnaissance conducted by APT teams, conducting intelligence operations in cyberspace, where the element of target profiling plays an important role through the operation against a single decision maker (e.g. commander, director of the department responsible for security), up to widely understood psychological operations, where elements of models of subjectivity can also be found by examining semantics and rhetorical clues or through applied social engineering. All these areas as well as subsets of reflexive control (models of subjectivity, pre-reflexive patterns, individual thinking patterns), have a different potential to cause harm and in general their recognition process has a diversified form.
Can we trace this pattern on a specific example? Are there only public or private entities among the clients?
Employing models of subjectivity in conducting information attacks and more broadly – the use of active measures –– requires professional preparation, and I have not yet encountered a study that would reveal that the attacker using models of subjectivity was not a part of the security apparatus of the attacking state. However, it cannot be ruled out that such specialized abilities of non-state actors will appear in the future, for instance, through the progressive commercialization of manipulative services.
Do we have any data on the financing and organization of disinformers’ work? Are these secret units operating at specific organizations with a hierarchy of orders?
The answer to this question requires determining which sector of the state apparatus is responsible for conducting the information operation. Typically, such an operation requires several different data sets, which can be obtained through the following processes: reconnaissance, analysis (including profiling of an object or a group of objects) and planning (also the use of manipulative matrices, models of subjectivity).The very scope of activities preceding the information operation indicates that the responsible centers, for instance in the case of the Russian Federation, are the Russian state apparatus as well as special and security sectors. A good example of such a complex action was the process of cloaking the use of chemical weapon in Syria, where the information operation involved the Russian state administration apparatus, the military and media sectors as well as diplomacy and a number of cover-up activities carried out by Russian services in the form of inspiration and mystification, performed for the purposes of the so-called “media” activities.
Of course, overt actions, being conducted through open propaganda channels, such as Sputnik, RT or other documents that disseminate content, which is convergent with the actions of Russian propaganda, are somewhat different. In this case, recognizing and defining actors is simplified, rather similar to information or media operations. However, please be careful about the so-called Russian troll factories, because these centers would not be able to effectively perform their activities without the substantive support of reconnaissance, analysis and planning carried out by special centers, controlled by the security system of the Russian Federation.
Since the closure of national borders due to the coronavirus pandemic we have been receiving reports on intensified Russian cyberattacks. What are the main threats to Poland and the European Union? What defense mechanisms do we have?
The Russian Federation permanently uses cyberspace as an operational environment in information, intelligence and penetration operations. The threats are permanent and concern all state sectors being of interest for a country conducting hostile politics. From the security sector, the army, diplomacy, state administration, to the economic sphere, state-owned enterprises and non-governmental organizations, which from the perspective of the attacker have the potential to obtain the desired information from the organization’s resources.
This threat should be defined as permanent and important, also due to the low visibility of this type of operation, especially for the public. In the European Union, the infrastructure of the European Commission or the European Parliament is an equally sensitive target due to the potential gain of information that can present the background of many international events. Hostile actions of the Russian Federation cannot be underestimated and compared to other criminal activities because this runs greater risk to state security. There are various possibilities of prevention. Poland and other EU or NATO members are constantly developing the potential to ensure the security of telecommunication systems and this process will continue. The human factor still plays a vital role in this system and often this aspect determines whether an attack is successful or not, for instance phishing. In recent years, Poland has reached many milestones, from the bill on the national cybersecurity system to the achievement of operational capabilities by specialized agencies, such as CERT Poland (CERT Polska) – a Computer Emergency Response Team operating within the structures of Research and Academic Computer Network (NASK), CSIRT GOV – a Computer Security Incident Response Team operated by the Internal Security Agency (ABW) and CSIRT MON – operated by the Ministry of National Defense (MON), which continuously monitor and counteract threats in cyberspace, including attacks by the Russian Federation, China or North Korea.