We All Fall Down: Dispatches From The Front Line Of A Hybrid War
While the British establishment has finally conceded Russia is, in fact, the number one threat facing the UK, and the military and defence secretary have set out stark warnings that Putin's federation could all but destroy the increasingly isolated Britain at any given time, a void continues to exist. A vacuum of denial in which Brexit has inexplicably escaped the hybrid offensive which targeted the US, France, Denmark, Sweden, Qatar, Turkey, Syria, Catalonia, Kenya, and just about everywhere else.
It is more important now than ever to make sure this dangerous myth, the modern equivalent of a pocket full of posies, is pulled apart.
This is the latest dispatch from the front line in Russia's Alternative War and whether it falls upon deaf ears or not is the simple choice of the reader.
"The reality of such an attack is a simple one: it is possible, could happen at any time, and there is nothing you could do to escape the effects of it."
A Warning: The reality of a critical infrastructure attack
There will not be a three minute warning. No blinding flash of light, no heat, no explosion. No home-made fall out shelter will help you.
The internet will start to run slow, then sites will start to crash out as a mass DDoS attack is launched, using otherwise inert objects such as WiFi connected fridges, to repeatedly ping websites. Your doctor's appointments service will crash, your banking systems will go down, your news sites will freeze and then produce error messages. As the attack on bandwith expands, exploiting the system weaknesses in almost every consumer electrical device ever made, streaming services will fail.
Within minutes, payloads of malware will start to infect networks. Opening ransomware messages and screens of death across the terminals of public and government services, including the NHS and police. Surgeries and hospitals will be sent spiralling into chaos, the 999 system will overload and incident reporting and resource systems collapse. No help will be coming to you.
Transportation systems will be systematically taken off line, including air traffic control, and GPS signals will be disrupted, rendering the location system useless as false locations are implanted in the devices connected to every car, boat, train, and plane. For safety, all traffic is grounded or held in harbour.
The phone networks will be jammed as everyone scrambles to resolve and report their issues, or call their colleagues, friends and loved ones to find out what is going on. Or simply to have a chat about it. Engaged tones will be all that returns to callers with increasing frequency.
Control systems will be systematically hacked at oil, gas, water, and electricity distribution hubs, disrupting supplies and destroying equipment, causing fires and explosions.
Submarines will slice through undersea cables and pipelines, disconnecting telephone, internet, gas and oil supplies. Britain will be isolated in a stroke. The markets are taken off line, the economy crashes and millions of records are destroyed.
Yes, there are gas an oil reserves but these would take days to be brought online, and they would need to be rationed. There would be an eventual, emergency resumption of supply by boat but, in any case, this would insufficient even over the short term.
Supermarket supplies would hold out no more than a week, the average house, with only modern powered appliances, around three days. Maximum. Though, with banking systems down and no method of payment available to millions, even emergency stocking up would be out of the question.
Fuel stations would all be out of service.
This is without discussing rioting and looting – the last event of which was in 2011 and, though it only involved small pockets of youths and criminals, lasted for five days and spread nationwide. The police were at full resource capacity and all systems were functioning at the time.
One single, co-ordinated critical infrastructure attack would be sufficient to destroy Britain. Wrecking its economy in a stroke and breaking the general public within days. The country would take years to recover from an event which unfolded over less than 24 hours.
Unfortunately, this is the reality of the world we face. Nothing I've mentioned here is not within the capability of the Russian state and, as they've bragged themselves for some time, they have the “internet equivalent of the A-bomb.”
DDoS attacks are fairly well known, as is the inherent use of so called IoT (Internet of Things) devices in such attacks. For one example, the centralised voter registration database was taken offline in the UK on the last day it was possible for voters to put their names down for the Brexit vote. A select committee was quick (and correct) to attribute this to a foreign power almost straight afterwards. And there seems little need to remind everyone of the absolute chaos caused in 2017 by a trial run of ransomware payloads which impacted huge swathes of the NHS and worldwide critical infrastructure. This was of course followed by NotPetya. It's also now known than not only do Russia have access to stolen zero day exploits from the NSA, aided and abetted by the use of Kasperksy as an espionage tool, but the Federation owns a whole raft of its own zero days too. On top of that, every chipset in the world has been found open to hacking. Please note, however, this doesn't even account for the billions of individual accounts compromised across almost every platform we use, from Yahoo to Linked In.
GPS attacks have been making military waves for the last twelve months at least, so these are most definitely on the table and in full working order, again Russian in origin, as are control system hacks which take down utilities – such as CrashOverride, first tested in Ukraine in 2014.
Finally, the undersea cable risk is quite real and only last week the defence secretary followed the military warnings in stating an attack was imminent, unstoppable, and would impact “thousands and thousands and thousands” of Britons.
The reality of such an attack is a simple one: it is possible, could happen at any time, and there is nothing you could do to escape the effects of it.
I hope this serves as a reality check.
"...the situation in the UK is more complex, in particular due to less stringent rules controls around foreign funding of political parties and campaigners, and significant concerns around influence by Russia which has been exerted on central Brexit figures."
Social Media: An update from the front line
In the United States, as we are seeing now in the United Kingdom, when the question of Russia's deployment on social media was first raised the initial answer was nothing happened. There was no Russian involvement in the US Presidential Election of 2016.
After a short while, Twitter revised this and said it had identified 201 accounts.
After further scrutiny, Twitter admitted it had identified over 2,400 managed Russian accounts.
Last week, the company increased that figure by a further 1,000 managed accounts – trolls working at the St Petersburg farms under direct control of the Kremlin.
In addition, Twitter added that it had since come across an army of 50,000 automated Russian bots which had worked on the election in tandem with the managed troll. Something I exposed months ago.
These accounts, they estimate, produced 455 million impressions (meaning enough to be seen multiple times by every single American). They have even had to contact each American who interacted with these fake users by way of Retweet or Like – something which happened 677,000 times.
As it happens, these accounts also appear to have produced over 400,000 supportive reactions to tweets by Donald Trump, and also provided between 40 and 70% of the social media traffic around Wikileaks and their publication of the DNC emails, which were hacked directly by Russia – something helpfully reconfirmed by the Dutch Intelligence Services this week.
Based upon experiments with paid and organic reach conducted here, these accounts could have, in fact, produced up to 1.08 billion impressions, due to the working of network centrality, meaning the Russian messaging would have reached much, much farther. But even half this is incredible.
Despite some action by Twitter, huge swathes of the Russian accounts have been confirmed as still active and pushing the latest nonsense conspiracy theory, #ReleaseThe Memo, which releates to a broadly discredited document by Republican Devon Nunes and is designed to discredit the FBI's response to Russian collusion by the Trump Administration and the GOP.
Meanwhile, the UK has seen a similar pattern unfold.
Initially, there was an absolute denial of any Russian involvement in Brexit. Then it transpired the St Petersburg troll farm had spent $1000 dollars on Twitter when they took a closer look.
This last week, Twitter responded to UK's the Fake News Inquiry, led by Damian Collins MP, saying they had identified 100 Russian accounts active during Brexit. In short order, they were told to do better, in a written reply from the MP.
This number will increase, just as it did in the US. Kicking and screaming.
Facebook have similarly been taken to task, in particular given their deletion of 30,000 fake accounts in France which were supportive of Le Pen during the Macron election. This is intrinsically linked to Brexit via Nigel Farage and Arron Banks, due to their support for Le Pen and their close relationship with the Russian Embassy.
Collins is right to challenge the company, in particular due to the way things unfolded in the US, however the situation in the UK is more complex, in particular due to less stringent rules and controls around foreign funding of political parties and campaigners, and significant concerns around influence by Russia which has been exerted on central Brexit figures.
Such links are re-affirmed on a regular basis, often by key Leave.EU figure Andrew Wigmore – recently arrested for illegally using expired diplomatic credentials from Belize.
Disputing any link to Steve Bannon, despite Nigel Farage's documented close relationship, Wigmore confirmed via Twitter on January 3rd 2018 that the Leave.EU link to Trump was mainly through Mississippi Governor Phil Bryant.
This is helpful, because it reaffirms substantive Brexit links to the Trump Russia saga made last year.
The Russia inquiry in the UK is going to be much more of a mess than any such investigation elsewhere, in particular as the survival of the party in government, led by Theresa May, has tied itself so closely to the decision to leave the European Union. Any finding of Russia's involvement with Leave could destroy the Conservative party and, in effect, bring the minority government crashing down.
In Britain, denials continue but when you start to look it, even in an overview, the scales start to fall away.
It's almost completely illogical to continue to say Britain isn't a Russian target, or that Brexit could possibly have been safe from Russian interference.
A new type of virus has swept through democracies across the West. Malware for the human mind powered by the social engineering equivalent of money laundering. A plague is upon us and the symptoms are clearer than ever but, without a cure in sight and to our continued detriment, a nursery rhyme mentality prevails.
This way, we all, inevitably, fall down.