Indictment: Social media firms got played by Russian agents

Friday’s election-interference indictment brought by Robert Mueller, the U.S. special counsel, underscores how thoroughly social-media companies like Facebook and Twitter were played by Russian propagandists.

And it’s not clear if the companies have taken sufficient action to prevent something similar from happening again.

Thirteen Russians, including a businessman close to Vladimir Putin, were charged Friday in a plot to interfere in the 2016 U.S. presidential election through social media propaganda. The indictment said the Russians’ conspiracy aimed, in part, to help Republican Donald Trump and harm the prospects of his Democratic opponent, Hillary Clinton.

The alleged scheme was run by the Internet Research Agency, a troll farm based in St. Petersburg, Russia, which used bogus social media postings and advertisements fraudulently purchased in the name of Americans to try to influence the White House race. The messages also sought to denigrate Trump GOP primary rivals Marco Rubio and Ted Cruz, and to support Clinton’s Democratic opponent Bernie Sanders.

“I created all these pictures and posts, and the Americans believed that it was written by their people,” wrote one of the defendants, Irina Kaverzina, in an email to a family member obtained by investigators.

Tech companies have spent months pledging to fix their platforms ahead of the upcoming midterm elections this year, and reiterated those promises Friday. Twitter said in a Friday night statement it is “committed to addressing, mitigating, and ultimately preventing any future attempts to interfere in elections and the democratic process, and to doing so in the most transparent way possible.” Facebook thanked U.S. investigators for taking “aggressive action” and pointed out its own role in helping the investigation.

Researchers, however, noted that the companies’ business incentives don’t necessarily align with improved security and anti-hoaxing measures that might have frustrated Russian agents.

“I’ve never been convinced that these sites are motivated to fix a problem like this,” said Notre Dame business professor Timothy Carone, who added that security controls make it harder for sites like Facebook to offer users new features and keep advertisers happy. “It’s a really, really, really difficult problem.”

The indictment confirms earlier findings from congressional investigations that Russian agents manipulated social media to promote social division by mimicking grassroots political activity. It also underscores that the problem wasn’t just “bots” — i.e., automated social-media accounts — but human conspirators who fine-tuned propaganda and built online relationships with American activists.

The idea was to “sow as much discord as possible,” said Melissa Ryan, a Democratic social media marketing expert who now keeps track of right-wing online activity. “This was America that was attacked.”

Social-media companies weren’t the only ones subverted in the influence campaign. Federal prosecutors allege that Russian criminals used PayPal as a primary conduit to transfer money for general expenses and to buy Facebook ads aimed at influencing voters. Prosecutors say the accounts were opened using fake identities to help bypass PayPal’s security measures.

PayPal spokesman Justin Higgs said the San Jose, California, company has been cooperating with the Justice Department and is “intensely focused on combatting and preventing the illicit use” of its services.

In an interview with The Associated Press on Tuesday, Facebook Chief Technology Officer Mike Schroepfer outlined the complexity of preventing abuse.

“Election integrity is challenging because again, you’re dealing with adversaries,” Schroepfer said during a conference in Half Moon Bay, California. “They are trying to accomplish a goal and they have smart people who are trying to figure out their way into the system to accomplish that.”

For instance, infiltrators often react immediately to countermeasures. If they figure out Facebook is checking the internet addresses of computers to identify visitors from particular countries, Schroepfer said, “they’ll take over a machine with malware in the U.S. and post from there instead. People say, ‘Why don’t you just check the currency or the IP address?’ And as soon as you do that, literally that afternoon, they will change tactics.”

Schroepfer said the company is making “good headway” on the problem, although he declined to give specifics. “By kind of doing a lot better job of trying to figure out the authenticity of these different actors, we can certainly stop that sort of behavior,” he said. “There’s a big focus on that.”

On the other hand, now that the Russians have shown how this sort of campaign is done, the door is open for others — including American special interest groups — to use the same tactics to target disaffected voters in the right places, said David Gerzof Richard, a communications professor at Emerson College.

“This is the new norm,” he said. “It’s not going away. It’s not going to be magically fixed by a Silicon Valley CEO or a group of executives saying they’re going to do better.”

__

AP Technology Writer Ryan Nakashima in Half Moon Bay, California, contributed to this report.