Advertisement

Indictments reveal how Russia’s 2016 election information warfare worked

Russian operatives were able to obfuscate their activities by stealing the identities of U.S. citizens, renting servers based in the U.S. and using a VPN all while posting targeted propaganda on social media, according to Robert Mueller's lengthy indictment.
(Getty Images)

Russian operatives were able to obfuscate their activities in 2016 by stealing the identities of U.S. citizens, renting servers based in the U.S. and using a VPN all while posting targeted propaganda on social media to disrupt American politics, according to a new and lengthy criminal case against multiple Russian nationals.

The Justice Department on Friday released an indictment against 13 Russian individuals and three Russian companies accused of violating federal U.S. criminal law to interfere with the 2016 U.S. presidential election. The defendants are charged with conspiracy to defraud the United States, wire fraud and identity theft.

Special Counsel Robert Mueller’s investigation into Russian interference released the detailed charges Friday, accusing a long list of Russians of supporting Donald Trump’s presidential campaign and working against Hillary Clinton’s candidacy. A recent leak of Julian Assange’s personal messages showed WikiLeaks pushing for the same goal.

“The defendants waged what they called ‘information warfare against the United States,” Assistant Attorney General Rod Rosenstein said on Friday. The indictment includes allegations that the Russians communicated with “unwitting” members of the Trump campaign to coordinate activities.

Advertisement

Mueller’s investigation is ongoing. The special counsel did not offer any comments beyond the indictment.

The indictment says Russians bought U.S. servers to obfuscate their origins while they targeted the American political system with hundreds of fake personas on social media that they developed into “leaders of public opinion.”

The operators set up virtual private networks to open and operate the social media accounts. Prosecutors also say the Russians stole U.S. identities to open accounts at PayPal and bolster their false identities as they purchased advertisements on social media sites.

No word on DOJ’s methods

An open question: How did the U.S. government collect so much evidence from Russian targets? The obvious guess is hacking, but the indictment doesn’t hint at an answer. The DOJ didn’t respond to a request for comment.

Advertisement

The indictment spotlights the Russian Internet Research Agency, a St. Petersburg company engaged in government influence operations, as the key tool used by Russia to interfere in American politics from 2014 to the present, including the 2016 presidential election. The IRA is popularly referred to as a “troll farm.”

“IRA employed hundreds of people with an annual budget of millions of dollars,” Rosenstein said. “The Russians also recruited and paid real Americans to engage in political activities, promote political campaigns and stage political rallies. The Americans did not know they were communicating with Russians, according to the indictment. After the election, the defendants allegedly staged rallies to support the president while simultaneously staging rallies to protest his election. For example, the defendants organized one rally to support the president-elect and another rally to oppose him both in New York on the same day.”

The IRA’s stated goal, according to the indictment, is to use paid internet trolls to “spread distrust toward the candidates and the political system in general.”

The organization paid hundreds of employees to be active on most of America’s most popular social media networks including YouTube, Facebook, Instagram and Twitter.

Concord Management and Consulting LLC and Concord Catering are two Russian companies with government contracts accused of being used to fund, recommend personnel for and oversee the IRA’s actions. The monthly budget for the project exceeded $1.25 million, the indictment says.

Advertisement

The interference operation is referred to as “Project Lakhta.” The money was concealed as payment for software support and development through 14 bank accounts held in the name of Concord affiliates, the indictment says.

The man who controlled Concord is identified as the 57-year-old Yevgeniy Viktorovich Prigozhin. The general director of the IRA was Mikhail Ivanovich Bystrov, who regularly held meetings with Prigozhin about Project Lakhta’s operations, the indictment says.

Another defendant, Sergey Pavlovich Polozov allegedly oversaw the IRA’s IT department. The U.S. charges he bought servers in the United States in order to mask the IRA’s Russian origins and locations while they conducted operations targeting the U.S.

Two members of the IRA are said to have traveled to the United States in intelligence gathering efforts.

The IRA maintained accounts at at least one bank, through PayPal and within various cryptocurrency exchanges using stolen and faked U.S. identities, the indictment says. The accounts allegedly were used to pay for Facebook ads promoting the IRA’s fake personas.

Advertisement

In an effort to throw off investigators, members of the IRA are accused of attempting to destroy evidence including emails and social media accounts used to conduct operations. The IRA paid employees, salaries and bonuses to the defendants in order to create fake American personas online that would address “divisive U.S. political and social issues” by falsely claiming to be American activists, Muller’s indictment reads. To hide their Russian origin, the defendants procured computer infrastructure based partly in the United States.

The indictment highlights one defendant’s email to a family member: “We had a slight crisis here at work: the FBI busted our activity (not a joke). So, I got preoccupied with covering tracks together with colleagues.”

You can read the full indictment below:

Latest Podcasts