A new battlespace emerged in the post-9/11 counterterrorism era, encompassing the halls of U.S. technology companies and the alleys of Raqqa alike. Today, the United States is engaged in an expansive conflict that requires solutions from the same key players—the private tech industry and the U.S. government. They cannot afford to waste the digital, organizational, and strategic lessons learned from nearly two decades of countering terrorism.
Learning from specific successes in tech sector and U.S. government counterterrorism efforts will optimize the United States’ collective response to the digital disinformation challenges of the future.
Private and public actors should consider five important lessons from countering terrorism: (1) improve technical methods for identifying foreign influence campaign content; (2) increase collaboration among companies; (3) build partnerships between government and the technology sector via public and private analyst exchanges; (4) maintain an offensive posture and devote the resources necessary to keep the adversary on the back foot; and (5) take advantage of U.S. allies’ knowledge.
The following set of recommendations offers opportunities to apply these five lessons to combating foreign influence campaigns. The first two recommendations are aimed at the private technology industry; the third applies to both the tech industry and the U.S. government; and the final two recommendations are directed at U.S. government agencies.
Summary of Recommendations
-- Tech companies should, over the long term, direct a sustainable percentage of engineering capacity to automating the identification of state-sponsored, malign influence campaigns. Companies can leverage existing practices and traditions, like Facebook “hackathons,” to share engineering tasks, build prototypes, and seek new technical fixes for the disinformation problem.1
-- Tech companies should create and fund an enduring disinformation-related consortium among willing companies, modeled after the Global Internet Forum to Counter Terrorism (GIFCT). The goal would be to move toward establishing industry standards on what constitutes disinformation and malign, foreign influence campaigns for U.S. companies.
-- The Office of the Director of National Intelligence (ODNI), in coordination with the private sector, should appoint a body of interagency representatives to create and fund smaller, more forward-leaning fusion cells that integrate public and private sector analysts. Social media companies should lend their threat intelligence analysts (with intelligence agencies providing relevant all-source analysts) to this effort in an enduring dialogue at appropriate levels of classification. If this body meets certain standards of success, the U.S. government should explore appointing a standalone, high-level inter-agency task force to incorporate these cells and possess full responsibility for countering digital foreign influence operations.
-- The executive branch should expand its Cybersecurity Strategy and U.S. Cyber Command’s (CYBERCOM’s) authorities to conduct offensive cyber operations that impose costs on foreign adversaries. However, expanding authorities should stop short of directives to conduct offensive influence operations in foreign countries.
-- The United States should work with democratic allies to exchange best practices from their own efforts in countering foreign influence operations and conducting offensive cyber measures. The United States should use the same convening mechanism to institute a formal method of providing CYBERCOM with the results of this information-sharing and recommendations for action.
Click here for the full report ( PDF pages) on the CNAS website.