Russian trolls get DM from U.S. Cyber Command: We know who you are. Stop it
The U.S. Cyber Command (USCYBERCOM) is engaging in a campaign to deter further disinformation operations by Russian operatives—individuals like those employed through Russian companies as part of the "Project Lakhta" program described in last week's Justice Department indictment of Elena Alekseevna Khusyaynova—by letting them know that they are being watched.
According to a report from the New York Times' Julian E. Barnes, USCYBERCOM has directed operations to identify, track, and directly message individuals involved in disinformation campaigns associated with the upcoming midterm elections, Arstechnica wrote.
The Cyber Command operation, described by unnamed senior military officials, is limited in scope and does not involve directly threatening Russian operatives. The measured steps are meant to avoid an escalation of operations by Russia to more serious computer-based attacks on U.S. information systems and infrastructure.
The operation reflects a more aggressive stance outlined in President Trump's recent executive order on national cyber strategy, which called for building a stronger deterrent. The new policy was accompanied by a loosening of Obama administration limits on use of offensive "cyber weapons" and a more "offense-forward" posture in information and network operations.
USCYBERCOM, which is led by Gen. Paul M. Nakasone (also director of the National Security Agency), has had a growing role in taking on foreign adversaries on the Internet. During operations against the Islamic State, CYBERCOM launched attacks intended to prevent Islamic State propagandists from accessing social media platforms. But the latest campaign targeting Russians working for private companies not directly funded by the Russian government is relatively new territory for the military command.
Defense officials did not share the means by which warning messages were being delivered to the Russian disinformation operatives identified by USCYBERCOM. While not carrying a direct threat, the warnings being imparted could be interpreted by the recipients as a threat of public exposure, indictment, and sanctions from the U.S. government.