
Russian FSB Domestic Intelligence Service depicting arrests of REvil ransomware group members

Submitted File

On May 7, 2021, a crippling ransomware cyberattack was launched against Colonial Pipeline that led to widespread gas shortages on the U.S. East Coast. The attack was caused by ransomware, or cryptovirology software, called DarkSide, which was developed by REvil associates. On June 16, 2021, U.S. President Joe Biden met with Russian President Vladimir Putin at a summit in Geneva and discussed the ransomware attacks. Approximately a month later, the two leaders had a phone call of over an hour in which Biden urged Russia to take action against the cyber attackers, with a warning that the United States was prepared to respond if the cyber and ransomware attacks were not stopped. On January 14, 2022, the Russian FSB Domestic Intelligence Service announced that it had conducted large-scale operational enforcement actions against members of the REvil ransomware group responsible for the Colonial Pipeline attack, and posted video footage documenting its efforts. The approximately two minutes of footage contain a number of out-of-context arrest and search-warrant sequences, with personnel in non-tactical, non-uniform garb alongside tactical gear. Notably, approximately two and a half weeks after the FSB released the video footage of the purported arrests, Russia had taken up positions and completed preparations for its military invasion of Ukraine, yet vehemently denied this and accused the United States of spreading disinformation about its military aggression.

Threat Level

Low

Moderate

Elevated

High


Authenticity Spectrum

Real

Suspicious

Likely Fake

Fake



Deepfake Attack Profile

Credibility

Low

The more synthetic media is perceived to be legitimate and authoritative, the more likely the content is to be trusted, found persuasive, and acted upon.

Interactivity

Low

Synthetic media can range from non-interactive, not ongoing, or not consistent (low) to interactive, ongoing, and consistent (high).

Familiarity

Moderate

Synthetic media can range from very recognizable and familiar (high) to hardly (or not at all) recognizable and familiar (low).

Evocation

Moderate

Synthetic media can range from evoking a significant affective response (high) to barely or not at all eliciting an affective reaction (low).

Distribution

Broadcast

Synthetic media can range from broadcast to a wide human audience or technical security measures (high) to a narrow, specific human audience or tailored technical security measure (low).


Deepfake & Synthetic Media Analysis Framework (DSMAF) Assessment™. The media submitted for this Deepfake Threat Intelligence Report (DTIR) was assessed with the Psyber Labs Deepfake & Synthetic Media Analysis Framework (DSMAF)™, a set of psychological, sociological and affective influence factors and sub-facets that, when holistically applied, inform the motivations, intentions, and targeting process in synthetic media and deepfake propagation. The findings for each DSMAF factor are described in their respective sections and graphically plotted on the Deepfake Risk Factor Radar. The combined DSMAF findings are given a Synthetic Media Threat Level (Low, Medium, Elevated, or High) for actionable awareness and risk mitigation.

Threat Type

Threat Type is the category of intended purpose and the risk posed by the synthetic media or deepfake. Often, cyber deception efforts through deepfake content are multi-purpose and, as a result, are categorized with multiple threat types.

While the media content is not synthetically created, the media footage was likely created for influence and information operation purposes.

Propaganda

Information, especially of a biased, misleading or non-rational nature, used to promote a political cause or point of view.

Active Measures

Aktivnye meropriyatiya, or “active measures,” was a term originally used by the Soviet Union (USSR) starting in the 1920s and presently used by the Russian Federation to describe a myriad of covert and deniable political influence and subversion operations, such as establishing front organizations, the backing of friendly political movements, the orchestration of domestic unrest in enemy countries and the spread of disinformation based on foreign policy objectives of the Soviet and Russian governments.

Maskirovka

маскировка ("maskirovka") is the Russian doctrine and tactics of military denial and deception.

Reflexive Control

Reflexive Control is a uniquely old Soviet Union (USSR)—and now Russian Federation—concept of a campaign that feeds an adversary select misdirecting information so that the adversary makes the decisions that Russia wants him/her to. Methods of reflexive control include spreading false information, leaking partial information at opportune moments, and projecting a different posture of Russia than what may actually be true. The goal of reflexive control is to ‘control’ the ‘reflex’ of the adversary by creating a certain model of behavior in the system it seeks to control.

Russian Firehose of Falsehood

A Russian propaganda technique in which a large number of messages (text, video, audio, and still imagery) are disseminated rapidly, repetitively, and continuously over multiple channels, such as the Internet, social media, satellite television, and traditional radio and television broadcasting, without regard for truth or consistency.

Common Cognitive Vulnerabilities & Exposures™ (CCVE)

Common Cognitive Vulnerabilities & Exploits (CCVEs) are perceptual distortions, cognitive biases, heuristics misapplied, or any mental process that exposes a person to a potential manipulation by an adversary.

United States leaders and other government entities invested in the arrests and operational enforcement actions against the cyber adversaries responsible for the ransomware attacks against Colonial Pipeline had a vested, motivated interest in believing that Russia would genuinely follow through on President Biden's urgent requests for arrests.

Confirmation Bias

Category: Cognitive Processing

The tendency to seek information that confirms or supports a predetermined position or conclusion.

Anchoring

Category: Cognitive Processing

The tendency to focus on a single piece of information when making a decision or assessing a situation; this is often one of the first pieces of information acquired by the individual.

Desirability Bias

Category: Cognitive Processing

A form of motivated reasoning, this is both a cognitive and social response, in which individuals, consciously or unconsciously, allow emotion-loaded motivational biases to affect how new information is perceived. In particular, information is often interpreted to correspond with hopes, wants and wishes, and information to the contrary is ignored.

Emotional Load

Category: Other Psychological Vulnerabilities

Affective responses (emotions, moods and feelings) affect cognition and perception. Media that intentionally causes a high degree of emotional load can significantly shape how a target audience member perceives and thinks about the subject of the media.


Deepfake Attack Surface & Vectors

As part of the DSMAF criteria, Deepfake Attack Surface & Vectors assesses the intended target; the manner of control, or how the synthetic media is being presented to the target; and medium, or the type of synthetic media being presented to the intended target.


Intended Target

Both humans and automation may be targeted by synthetic media attacks. This criterion indicates whether the target of the attack was human or automation. The highlighted icon represents the intended target of this submitted media.


Human

Technical

Hybrid

Unknown



Control

A measure of whether the attack was constructed by a human or by artificial intelligence. The highlighted icon represents the method of control of this submitted media.


Human

Automation

Hybrid

Unknown



Medium

The medium is the format of the content submitted. Highlighted items represent all of the various formats contained in the submitted content.


Text

Image

Video

Audio

Synthetic Media Exploitation Matrix

The Synthetic Media Exploitation Matrix is a visual representation of the combined levels of attacker sophistication and maliciousness.

  • Sophistication is a judgment of the level of demonstrated technological prowess and capability involved in the attack.
  • Maliciousness is a conclusion regarding the degree to which the attack was deliberately intended to cause harm.

Sophistication

High

Technical complexity of the attack.


Maliciousness

High

How damaging the attack was intended to be.



Motivations

Motivations are the underlying activators, purposes or sustained reasons for why the deepfake threat actor sought to create and take the necessary steps to produce and disseminate synthetic media or deepfake content.

In what has many hallmarks of Russian information operation efforts, the video footage was likely created to pacify, deceive and shape the decision-making of United States government leadership.

Decision Paralysis

Decision paralysis (also known as choice paralysis or analysis paralysis) is the phenomenon in which, the more options a person is presented with, the more difficult it becomes to make a choice.

Psychological Pressure

Psychological Pressure is the stress felt from perceived serious demands imposed on one person by another individual, group, or environment.

Pacification

Leading the target audience to believe that something acceptable or benign is occurring to reduce vigilance.

Deterrence

Creating the perception of insurmountable superiority or of the futility of resistance.

Deception

Intentional strategy and tactics meant to mislead, misdirect and manipulate the perceptions of a target audience through simulation (showing the false) and/or dissimulation (hiding the real).

The Deepfake Kill Chain™

The Deepfake Kill Chain™ describes the distinct, sequential stages of deepfake media creation and dissemination. Understanding these stages, and the adversary's efficacy in each of them, not only reveals the adversary's modus operandi and decision-making process but, when contrasted with the Deepfake & Synthetic Media Analysis Framework™, identifies and elucidates methods of preventing and defending against the adversary's deepfake attacks.

While the media content is not synthetically created, the media footage was likely created for influence and information operation purposes. The respective areas in the Deepfake Kill Chain inform areas of cyber media deception.

Motivation

Motivation is the underlying activator, purpose or sustained reason for why the deepfake threat actor wants to create nefarious synthetic media.

Pacify, deceive and shape the decision-making of United States leadership.

Targeting

Targeting is the threat actor’s intentional selection of a target audience, or the group or individual whom he is interested in impacting with his deepfake campaign.

United States government leadership; United States and global audiences for influence and manipulation by Russian Impression Management efforts.

Research and Reconnaissance

Research & Reconnaissance occurs when the threat actor is effortfully gathering information about the target audience, the optimal channels on which to conduct the campaign, the relevant narratives for the attack, and the type of content that will have the desired impact on the target audience.

No case specific insights generated.

Preparation and Planning

Preparation & Planning are the steps and processes that the threat actor takes to acquire the tools and content needed to create the deepfake media for their campaign and their deliberation for the execution of the campaign.

No case specific insights generated.

Production

Production is the threat actor’s use of tools and content for the creation and development of deepfake media for their attack campaign.

No case specific insights generated.

Narrative Testing

A narrative is a story, or an account of related events or experiences. A good narrative will have story coherence, such that both the story being told and its relationship to the real world are cohesive and clear. In deepfake campaigns, threat actors consider and evaluate the possible narratives—particularly in relation to events and context—to support the campaign in an effort to maximize the believability and efficacy of the attack.

Narrative framing of Russia performing benevolent, responsible and international comity enforcement actions.

Deployment

Deployment is the threat actor’s intentional transmission of deepfake content to the target audience through selected online channels.

Video & audio rich media over the Internet.

Amplification

Amplification is the threat actor’s intentional efforts to maximize the visibility, virality and target audience exposure to their deepfake content.

Social media, news outlets

Post-Campaign

Post-Campaign is the period after the target audience has received and been exposed to the deepfake content.

Timing of the video release was only 2.5 weeks before Russian military aggression mobilization.



Cognitive Security Recommendations

This section identifies the steps and measures to prevent and defend against the synthetic media/deepfake content assessed in this DTIR. For a more detailed recommendation, training or consultation, connect with Psyber Labs.


This type of Russian information operation effort is part of Reflexive Control, meant to exploit United States government leaders' motivated reasoning (desirability bias) that "Russia will do the 'right thing' and genuinely comply with United States requests."

  • Content such as this should be holistically assessed within the context of known information operation strategies and tactics used by Russia.
  • Content such as this should be compared to historical cases and statistics regarding Russia's true, authentic enforcement action efforts when requested by the United States, particularly when the United States is the target and the offenders are Russian citizens.
  • Recognize and acknowledge existing hopes and expectations relating to the arrests. Do these thoughts, feelings, biases and expectations color your perception of the video and the signaled outcome in the video?

Appendix

DTIR™ Version: 1.0

Submission Date (UTC): December 21, 2023 07:16

Assessment Date (UTC): December 23, 2023 00:00

SHA256 Hash: bbcb7e3dad3c890711368da10203c88c3de9fc586c1d5160158026e1fb836391

Source: https://www.reuters.com/technology/russia-arrests-dismantles-revil-hacking-group-us-request-report-2022-01-14/
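A reader who obtains a copy of the footage can confirm it is the same artifact this report assessed by recomputing its SHA256 and comparing it to the hash recorded above. The following is an added Python example, not Psyber Labs' code: the file name submitted_media.mp4 is a placeholder, and the byte strings hashed in the demonstration are constructed here. Digests are compared after case and whitespace normalization, since hashes are frequently copied from reports or tickets in mixed case, and with a constant-time comparison.

```python
import hashlib
import hmac
import sys
from typing import Iterable

# SHA256 recorded in this report's appendix for the submitted media file.
REPORT_SHA256 = "bbcb7e3dad3c890711368da10203c88c3de9fc586c1d5160158026e1fb836391"


def sha256_of_chunks(chunks: Iterable[bytes]) -> str:
    """Return the lowercase hex SHA256 of a sequence of byte chunks.

    Feeding chunks incrementally means a multi-gigabyte video never has to be
    held in memory at once; the digest is identical to hashing the joined bytes.
    """
    h = hashlib.sha256()
    for chunk in chunks:
        h.update(chunk)
    return h.hexdigest()


def sha256_hex(data: bytes) -> str:
    """Convenience wrapper for hashing an in-memory byte string."""
    return sha256_of_chunks([data])


def sha256_file(path: str, chunk_size: int = 1 << 20) -> str:
    """Hash a file on disk in 1 MiB chunks."""
    with open(path, "rb") as f:
        return sha256_of_chunks(iter(lambda: f.read(chunk_size), b""))


def matches_report(digest_hex: str, expected_hex: str = REPORT_SHA256) -> bool:
    """Compare a computed digest with the recorded one.

    Both values are lower-cased and stripped before comparison, and a
    malformed (non 64-hex-character) value never matches. hmac.compare_digest
    avoids leaking which prefix of the digest differed through timing.
    """
    a = digest_hex.strip().lower()
    b = expected_hex.strip().lower()
    if len(a) != 64 or len(b) != 64:
        return False
    try:
        int(a, 16)
        int(b, 16)
    except ValueError:
        return False
    return hmac.compare_digest(a, b)


def verify_artifact(path: str, expected_hex: str = REPORT_SHA256) -> dict:
    """Hash a local copy of the artifact and report whether it is the assessed file."""
    digest = sha256_file(path)
    return {
        "path": path,
        "sha256": digest,
        "matches_report": matches_report(digest, expected_hex),
    }


if __name__ == "__main__":
    if len(sys.argv) > 1:
        # Hypothetical local copy of the footage, e.g. submitted_media.mp4
        print(verify_artifact(sys.argv[1]))
    else:
        # Constructed demonstration input: these bytes are not the report's media,
        # so the computed digest is expected not to match REPORT_SHA256.
        sample = b"constructed sample bytes, not the submitted media"
        digest = sha256_hex(sample)
        print("sha256 of sample:", digest)
        print("matches report hash:", matches_report(digest))
```

Run it as `python verify_artifact.py path/to/local_copy.mp4`; a `matches_report` value of `True` means the local file is byte-for-byte the one hashed in this appendix, while `False` means it is a re-encode, an edit, or a different file altogether and should not be treated as the assessed artifact.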


Notes:

Translated notes from the video description: The FSB of Russia has established the full composition of the criminal community "REvil" and the involvement of its members in the illegal circulation of payment instruments, and has documented the illegal activities. The basis for the search activities was a request from the competent US authorities, who reported the leader of a criminal community and his involvement in attacks on the information resources of foreign high-tech companies by introducing malicious software, encrypting information and extorting money for decrypting it. As a result of a set of coordinated investigative and operational search activities at the places of residence of 14 members of an organized criminal community, funds were seized: over 426 million rubles, including in cryptocurrency, 600 thousand US dollars, 500 thousand euros, as well as computer equipment, crypto wallets used for committing crimes, 20 premium cars purchased with funds obtained from crime. The detained members of the organized crime group were charged with committing crimes under Part 2 of Art. 187 “Illegal circulation of means of payment” of the Criminal Code of Russia. As a result of joint actions of the FSB and the Russian Ministry of Internal Affairs, the organized criminal community ceased to exist, and the information infrastructure used for criminal purposes was neutralized. #FSB #RUSSIA #HACKERS