In Aug. 2019, Bobby Chesney (from Strauss Center at the University of Texas at Austin) and Max Smeets (from ETH Zurich and also Stanford University’s Center for International Security and Cooperation (CISAC)) convened a workshop in Amsterdam focusing on military operations in the cyber domain, from a transatlantic perspective. The “Transatlantic Dialogue on Military Cyber Operations—Amsterdam” gathered experts from military, civilian, and academic institutions hailing from a range of countries, including the United States, United Kingdom, Germany, the Netherlands, Denmark, Estonia, and France.

Read the Rest at Lawfare Blog

As a U.S.-China trade deal hangs in the balance and the world’s two largest economies are locked in a race for technological supremacy, concerns have arisen about China’s counterintelligence threat to the United States. In July 2019, FBI Director Christopher Wray told members of the U.S. Senate Judiciary Committee that China poses the most severe counterintelligence threat to the United States than any other country, and described that national security and economic espionage threat as “deep and diverse and wide and vexing.” He noted that the FBI has to contend not only with Chinese officials but also with “nontraditional collectors,” including Chinese scientists and students who are looking to steal American innovation. There are currently multiple legislative proposals in Congress, all of which, in one way or another, are aimed at limiting university collaboration with Chinese nationals and the education of Chinese nationals in “strategic” research fields by U.S. higher education institutions.

These legislative endeavors, however, argues Arthur Bienenstock, co-chair of the American Academy of Arts and Sciences’ Committee on International Scientific Partnerships, may endanger the U.S. science and technology workforce and limit the effectiveness of U.S. academic research, thus weakening the very fields the nation is most anxious to protect.

Bienenstock is also a member of the National Science Board, the governing body of the National Science Foundation, and former associate director for science of the White House Office of Science and Technology Policy. At Stanford, he is special assistant to the President for federal research policy, associate director of the Wallenberg Research Link, and professor emeritus of photon science. At a recent lecture hosted by APARC’s China Program, Bienenstock discussed some of the proposed legislation and federal acts regarding international scientific collaboration with China and their implications for the U.S. scientific workforce. He cautioned U.S policymakers against an expansive interpretation of what constitutes “sensitive research” in strategic areas, such as artificial intelligence and quantum science, and offered a framework for determining when scientific research should be subject to greater control.

[To get more stories like this delivered to your inbox sign up for APARC newsletters]

Image

We must come to terms with reality, claimed Bienenstock, presenting evidence that the United States is no longer the dominant funder of science and technology research; that Chinese nationals constitute a very significant portion of the U.S. workforce in computer science, engineering, and mathematics; and that the U.S. science and technology workforce is highly dependent on Chinese graduate students.

The United States must maintain and strengthen its scientific and technological efforts if it is to maintain a leadership position, Bienenstock said. To do so, he emphasized, U.S. universities must maintain their openness, and lawmakers, in turn, must thoughtfully understand the benefits of collaboration with Chinese scientists and engineers as well as keep the country attractive for Chinese students.

Listen to highlights from Bienenstock’s presentation on our SoundCloud channel. A transcript is available below.

Photo: Arthur Bienenstock (right) and APARC DIrector Gi-Wook Shin (credit: Andrea Brown).

Given much of the recent coverage surrounding security and the fifth generation (5G) of cellular networks, you would be forgiven for assuming that security concerns are largely limited to China in general and Huawei in particular.

This is not the case.

Equally important are the concerns for United States’ security that extend beyond Huawei’s role in the development and deployment of 5G technology. Notably, while Huawei amplifies many pre-existing areas of concern, 5G would represent a significant challenge for American national security even if China was not a peer competitor in the market. 

Read the rest at The Wilson Center

This is the second of a series of pieces we intend to publish on societies and elections at risk from online disinformation. This election monitoring project is somewhat unique: the elections in Libya may not actually happen. We choose to focus on Libya as regional actors are largely unconstrained in their ability to meddle in the country; it is an important test case to see how far malign influence operations can extend.

Libya’s UN-backed Government of National Accord (GNA) has proposed scheduling presidential elections for the end of 2019, though it is unlikely this will happen. Over the coming months the Stanford Internet Observatory will track disinformation in Libya, observing activities of myriad regional actors with both a stake in how Libyan politics unfold and a track record of running overseas social media influence operations.

Political context

Libya has seen continuing violence for several years, with rebel General Khalifa Haftar, head of the Libyan National Army (LNA) forces, controlling large swaths of the country and aiming to take control of Tripoli.

Libya became independent in 1952. Muammar Gaddafi took power in 1969 and ruled until 2011. His rule was characterized by oppression, patronage, and violence, and Gaddafi consolidated control with networks of informants and a climate of fear. In the 1990s international sanctions against the regime (for supporting terrorism) weakened Gaddafi’s patronage machine. In 2011, at the start of the Arab Spring, the Libyan people began to protest the Gaddafi regime. The government was brutal in its response, which caused further and more intense protests. With support from Qatar, the UAE, and France, rebel groups began seizing territory. In the fall of 2011, with NATO support and a US-backed no-fly zone, rebels killed Gaddafi and seized control of the government. A National Transitional Council, which included former government officials who had defected in early 2011, academics, human rights activists, and tribal leaders, took power. The Council transitioned power to an elected General National Congress in 2012.

The GNC lost legitimacy in the years that followed, primarily for failing to provide security to citizens. In response, new parliamentary elections were held in 2014 for the House of Representatives, but the results were contested. This institution’s lack of legitimacy contributed to the outbreak of militia violence later in 2014, and the Libyan government split between the Tobruk-based House of Representatives and executive leadership in Tripoli. Strongman Haftar and his House of Representatives-aligned LNA forces built support in the East. The GNA’s Prime Minister Fayez al-Sarraj maintained control in Tripoli. The most salient points of conflict between the two sides are over oil revenue and control of the Central Bank. The Central Bank is split in two, with the GNA controlling the Tripoli branch and oil revenues, and the LNA controlling an eastern branch. If the GNA were to cut off the LNA from banks, this could precipitate a national financial crisis.

There was an attempt at a peace deal in 2015; the Libyan Political Agreement, as it was known, created a Government of National Accord (GNA) but this deal never secured buy-in from the House of Representatives. In April 2019, after a series of successes in other parts of the country, Haftar began an offensive on Tripoli, bombing a migrant detention center in the process. This caused an outcry from the international community. He took some territory, but it was subsequently reclaimed by the GNA In June 2019.  

The international response to the conflict has been weak because of U.S. indifference, and disagreement among European countries about who to support. Though the US officially supports the GNA, President Trump spoke by phone with Haftar in April 2019 and praised his desire to fight terrorism.

US ambivalence has emboldened regional governments to interfere. The conflict has evolved into a proxy war, with the UAE, Saudi Arabia, and Egypt on the side of Haftar’s forces, challenging Qatar and Turkey’s support for the GNA; the GNA has incorporated elements of the Muslim Brotherhood. Both the GNA and LNA conduct drone strikes, using weapons supplied by Turkey and the UAE respectively, despite an arms embargo that has been in place since 2011.

As of October 2019 the war is at a stalemate, with neither the GNA nor the LNA open to negotiations, though Haftar recently signalled a willingness to open a dialogue. There are ongoing conflicts on the outskirts of Tripoli and in Misrata, Jufra, and Murzuq. Observers suggest that the soonest the elections could take place is early 2020, and only then if the UN can bring all factions to the negotiating table.

Potential disinformation threats

The ongoing conflict has made its way to online spaces, where all sides are spreading disinformation. This information battle is playing out primarily on Facebook and Twitter, and includes repurposing photos and videos to create false stories. For example, the Libyan affiliate of Al-Aan, an Arabic news network based in the UAE (the UAE is pro-Haftar) shared 2011 video footage of military movements, claiming they were recent. When the LNA captured a Portuguese mercenary supporting the GNA, an inauthentic Facebook account claiming to be a popular TV station pushed the untrue narrative that the mercenary was only conducting migrant smuggling surveillance for Europe. This false story went viral in Libya, and was amplified by a Saudi news network, and then The Daily Mail. 

There is compelling evidence of foreign-initiated pro-Haftar social media campaigns. In the weeks preceding Haftar’s effort to take Tripoli, there was a coordinated pro-Haftar Twitter campaign, complete with hashtags such as #SecuringTheCapital (in English and Arabic) that were amplified by bots, some of which participated in pro-UAE and anti-Qatar online campaigns in the past. On the day of the attack on Tripoli, another pro-Haftar campaign emerged with the Arabic hashtag “We support the Arab Libyan army” (#ندعم_الجيش_العربي_الليبي).  The top users of the hashtag were Twitter accounts in the UAE, Saudi Arabia, and Egypt. One account that used this hashtag had organized online campaigns for the Egyptian government in the past. Egyptian and UAE media coverage amplified the hashtag.  

There is speculation that Russia has acted to support the LNA in both the military and digital realms. However, given the uncertainty over which side will consolidate control, Russia has ongoing dialogue with the GNA, and is also considering supporting Saif Al-Islam Gaddafi, Muammar Gaddafi’s son and a possible presidential candidate. In 2018 Haftar traveled to Moscow and met with Yevgeny Prigozhin, who heads both Wagner Group, a private military company with ties to the Kremlin, as well as the Internet Research Agency, the entity involved in numerous global influence operations. Some reports suggest Wagner Group has provided mercenaries and arms to the LNA. In May 2019 Russian citizens Maxim Shugaley, Samer Khasan, and Ali Sueyfan were arrested in Tripoli, accused of attempting to meddle in the upcoming elections. They had been in Libya with Alexander Prokofiev (who escaped arrest), meeting with Saif Al-Islam Gaddafi. All three worked for the Foundation for the Protection of National Values, a Russian NGO headed by Aleksandr Malkevich, who is on the US Treasury sanctions list for spreading divisive and untrue stories on social media in the run up to the 2016 US elections. 

Findings from newly-released Twitter data

Further evidence of UAE and Egyptian ties to Libya comes from files Twitter recently released of removed accounts. Two files – one that Twitter says contains accounts originating in the UAE, and the other with accounts based in the UAE and Egypt that were managed by a company called DotDev – each contain Tweets that are supportive of Haftar, critical of the Muslim Brotherhood, and claim Qatar (and to a lesser extent Turkey) are supporting terrorism in Libya. The tweets were primarily in Arabic and English.

The first file, with accounts based in the UAE, contains 1,325,530 tweets. 2,503 of these (0.2%) contain the word Libya in English or Arabic, and 711 of the 4,248 accounts (17%) tweeted at least once about Libya. 96% of user accounts were created between 2018 and 2019, and the average account had 215 followers. The accounts claimed to be based primarily in the Middle East and North Africa. 

Image

The references to Libya begin in 2012, including one that praised the (translated) “secular liberal coalition” for gaining more votes than a party affiliated with the Muslim Brotherhood in Libya’s parliamentary elections. A small flurry of pro-Haftar Tweets appeared on February 14 and May 20, 2014, days in the vicinity of two Haftar coup attempts. A few of these used the hashtag #الجيش_الليبي_يحارب_الإرهاب (the Libyan Army fights terrorism). In the years that followed, the accounts mercilessly attacked Qatar, claiming Qatar supported terrorism in Libya. “Who would want to loot the capabilities of the Libyan state, overthrow institutions and stealing oil expect [sic] Qatar?” one Tweet said. Tweets also praised the UAE; the hashtag #Libya_UAE appeared 43 times in the file, accompanying statements about UAE’s contributions to security and humanitarian relief in the country. Many tweets retweeted content from @alain_4u, the handle associated with Al-ain.com, a UAE-based media outlet.

A meme an account shared that emphasized the importance of fighting terrorism in (among elsewhere) Libya, while claiming that Qatar is not committed to fighting terrorism.

Days after Haftar attempted to seize Tripoli, accounts retweeted a news headline saying the LNA was trying to liberate Tripoli, using the hashtag DFRLab researched earlier this year: “We support the Arab Libyan army” in Arabic.

Among the accounts Tweeting about Libya, we identified two likely fake online personas. Sara Bitar (@SaraBiitar) and Bilal Hamdan (@BilalHamda). They both claimed to be based in Lebanon and had about 5,500 followers. The accounts were created one day apart on September 2017, and had the same profile photo: a Lebanese woman at a protest, which appears to have been stolen from a 2012 news article. Sara claimed to be a “Political activist with a master degree in political and economics sciences.” We were unable to find any other online presence for either Sara or Bilal. The personas shared the standard narratives about Qatar and Turkey working against the interests of the Libyan people, and retweeted @qatarileaks, an account removed in the next file we discuss.

The second file – the one attributed to DotDev, contained 214,898 tweets between 2014 and 2019. 5,671 (3%) contained the word Libya, and 176 of the 271 accounts tweeted at least once about Libya.  

"The Libyan Army launches the second phase of Operation Flood of Dignity" reads this image tweeted by @binlibyaa, and retweeted by many accounts in the data in 2019.

These tweets had a near-identical tenor to the previous file, extolling the virtues of the UAE and asserting that Qatar is tearing Libya apart. One tweet in September 2017 said: “In order to avoid competing with #Libyan oil, #Qatar conspired to kill #Gaddafi and steal the #oil #QatariLeaks #boycott Qatar”. (We discuss Qatari Leaks below.) In February 2019 tweets alluded to possible Haftar movements: “Infighting Plagues #Qatar’s Arms [sic] in #Libya  #Qatar’s militias in Libya are about to be eradicated, victories of Haftar’s national army put them in a corner #Qatarileaks”. In March 2019, one tweet claimed Qatar’s militias were nearing “total collapse.” Tweets the day after Haftar’s Tripoli offensive said things like: “#Qatar and #Turkey United against Tripoli freedom The #Libyan National Army launched a final blow to terrorism in Tripoli, Seeks to purge the country from the abomination of the Muslim Brotherhood. #Qatarileaks”. A few days later a tweet stated that “Liberating #Tripoli provokes union of terrorism.”

Accounts in this file frequently retweeted @LyOffSpokesman. The account, now suspended, appears to have been a fake account for the LNA spokesman. A different account for the spokesman had denounced it as fake, showing a screenshot with @LyOffSpokesman claiming to be the spokesman's "official account." @LyOffSpokesman was likely a handle managed by DotDev. An account in the data appears with the same April 2010 account creation date (one of the earliest created accounts in the file), and a profile descirption that says it is the (translated) "news account" – perhaps a phrase added in after being called out on Twitter – "for the lieutenant Ahmad Al Mismari, the official spokesperson for the general leadership of the Libyan armed forces."

This image was tweeted by several users, including on May 23, 2019, just weeks after Haftar’s Tripoli offensive.

One of the suspended accounts claims to have been “The Official page of General Khalifa Haftar.” It was created in 2015, and had 2,896 followers. Though the handle is anonymized, engagement with the now-suspended @HaftarOfficial appeared only in May 2019, the only month that the account tweeted in the data, suggesting that may have been the suspended account. The account tweeted official-sounding statements about, for example, being well received in a meeting with the Egyptian President. Tweets from this account received on average 305 likes and 139 retweets. One tweet received 1,323 likes.

One account removed in this file was @qatarileaks, with 70,168 followers. Qatarileaks claims to be a platform to analyze information exposing Qatari support for terrorism; in practice it is simply an anti-Qatar propaganda machine. This account was among the most commonly re-tweeted accounts in both files. In the context of Libya alone, the #qatarileaks hashtag was used 352 times in the DotDev file. With tweets like “Qatar's foolish policies have contributed to the downfall of Libya, but that was the plan all along #Qatarileaks”, (from the first file) this handle linked to qatarileaks.com, a site with almost comically negative stories about Qatar. One story headlined “Death haunts passengers on Qatar Airways” contains no information about any death associated with Qatar Airways. The administrators for the affiliated Facebook Page are located in Egypt, and its Instagram account posts memes (including about Libya) that were shared frequently in the Twitter file. 

A screenshot of Qatarileaks.com/en, as seen on September 24, 2019. 

The about page of Qatarileaks.com.

@binlibyaa is likely another account Twitter removed in the DotDev takedown. While the screen name is hashed, the profile url linked to bnlibya.com. This account tweeted from March to May 2019, and replies to @binlibyaa covered the same time period. @binlibyaa frequently re-tweeted @LyOffSpokesman and @HaftarOfficial, along with links to bnlibya.com articles. That url was registered on April 6, 2019, two days after the start of Haftar’s Libya offensive. The account’s associated Facebook and Instagram accounts are down, and another Twitter account with a similar handle, @bnlibyaa, is suspended.

Alliances and interested parties

Non-aligned interfering party:

• Italy, with a populist right-wing government, is taking a hard line on migrants from Libya. Italy has economic interests in Tripoli and Libya’s south, and a rivalry with anti-populist French President Emmanuel Macron. France is fighting terrorism and smuggling in southern Libya.

Media environment

After the fall of Gaddafi, print, television, radio, and online media outlets flourished as a result of new press freedoms. Many of these outlets are based abroad, with information about their financial backers hard to discern. Many also have strong political slants. Militias frequently compel reporters to publish stories that push their narratives. The BBC has an overview of the slants of the main newspapers, TV stations, radio stations, and news agencies/sites. 

Facebook is the most popular social media platform for both civilians and militias in Libya.

Competing factions use Facebook, YouTube, and Twitter, the most popular social media platforms, to promote their agendas. Estimates for Facebook usage range from 53% to 60% to 65% of the population. In addition, 29% use YouTube and 8% use Twitter. Instagram usage estimates range from less than 1% to 14%. Overall, 58% of the population uses the open internet.

Narrative context

Organized social media campaigns push the following narratives:

1. Claim the opposing side committed war crimes (all)
2. Suggest that Haftar is a force for stability and security for Libya and will fight terrorism (pro-Haftar)
3. Highlight the role of the other side’s foreign backers (all)
4. Emphasize successes in securing or taking territory (all)
5. The UN is failing in its goals for Libya (pro-Haftar)

Hashtags that have likely been part of coordinated inauthentic social media campaigns:

• #SecuringTheCapital / #تأمين العاصمة (pro-Haftar, context here)
• #PeopleOfLibyaWantTheLibyanArmyToSecureTheCapital (pro-Haftar, context here)
• #ندعم_الجيش_العربي_الليبي (We support the Arab Libyan army) (pro-Haftar, context here)
• #WeAreReady (pro-Haftar)

Key takeaways and risks

Libya is a complex case: it’s a country at war, with two competing governments, and seemingly extensive foreign engagement in both the conflict theatre and the media environment. Domestic groups involved in the conflict intentionally share false and misleading content on social media platforms. Evidence suggests foreign disinformation efforts have supported the LNA as well. These efforts will likely increase when elections are scheduled, as domestic groups and foreign backers jockey for power in the new government. The Internet Observatory intends to follow campaigning around Libya’s presidential and parliamentary elections as they develop.

Challenges to studying disinformation in Libya

• Minimal impartial investigative reporting in Libya makes assessing the validity of narratives difficult.  
• Discerning media outlet bias is not always straightforward, further complicating the verification process.

For further reading 

Disinformation assessments

• Removing Coordinated Inauthentic Behavior in UAE, Egypt and Saudi Arabia, Facebook
• Walking on Hot Coals: How Disinformation Is Fueling the Fight in Libya, DFR Lab
• A Twitter Hashtag Campaign in Libya: How Jingoism Went Viral, DFR Lab
• Libyan Hashtag Campaign Has Broader Designs: Trolling Qatar, DFR Lab

News coverage

• Russia’s Wagner Mercenaries Have Moved Into Libya. Good Luck With That, Daily Beast
• A Facebook War: Libyans Battle on the Streets and on Screens, New York Times

Research

• Stopping the War for Tripoli, International Crisis Group 
• At a Glance: Libya’s Transformation 2011-2018: Power, Legitimacy, and the Economy, Democracy Reporting
• Libya Social Media Monitoring, Democracy Reporting

 Regional voices

• The Libyan Center for Freedom of the Press
• Khadeja Ramali, Social data analyst and Middle East and North Africa consultant, @k_ramali

We thank Katie Jonsson, Khadeja Ramali, and Lydia Sizer for helpful feedback on this document.

Eighteen years ago, al-Qaeda operatives hijacked planes, toppled buildings, terrified an entire nation, and killed nearly 3,000 innocents. That the elaborate 9/11 plot went undetected will forever be remembered as one of the intelligence community’s worst failures. For many U.S. intelligence officials, memories of that day remain fresh, searing, and personal. Still hanging over the entrance to the CIA’s Counterterrorism Center is a sign that reads, “Today is September 12, 2001.” It’s a daily reminder of the agency’s determination to prevent future attacks—but also of the horrifying costs when intelligence agencies adapt too slowly to emerging threats.

For a decade after the Soviet Union’s collapse, the CIA and the FBI were mired in Cold War structures, priorities, processes, and cultures even as the danger of terrorism grew. My research has shown that even though many inside and outside U.S. intelligence agencies saw the terrorist threat coming and pressed for change years earlier, they could not get the necessary reforms enacted. The shock of 9/11 finally forced a reckoning—one that led to a string of counterterrorism successes, from foiled plots to the operation against Osama bin Laden. But now, nearly two decades later, America’s 17 intelligence agencies need to reinvent themselves once more, this time in response to an unprecedented number of breakthrough technologies that are transforming societies, politics, commerce, and the very nature of international conflict.

Read the Rest at The Atlantic.