Welcome to Codebook: The cybersecurity newsletter that doesn't lie to you.
Tips? Send 'em in to this email address.
Today's Smart Brevity: 1,258 words, <5 minute read
A now-defunct loudspeaker system set up to bombard North Korea with South Korean messaging. Chung Sung-Jun/Getty Images
The international industry of disinformation-for-hire services has already reared its head in Western politics, and it's growing fast.
The big picture: There is no U.S. law that prevents candidates, parties or political groups from launching their own disinformation campaigns, either in-house or through a contractor, so long as foreign money isn't involved. It's up to individual candidates to decide their tolerance for the practice.“These tactics have been used by candidates all over the world,” said Camille François of the social media analysis firm Graphika.
The intrigue: Broadly, U.S. campaign finance laws don’t regulate free social media accounts. Even a vast network of inauthentic bot and troll accounts would likely be treated as a protected form of political speech.
The only firm rules are the boundaries political actors set for themselves.
Axios reached out to the parties to see if they took active stances on the issue.
Meanwhile: Campaigns can act in ways the national party does not endorse, and political committees, in turn, can act in ways the candidates do not endorse.
Secondary school students protest in Hong Kong. Photo: Anthony Wallace/AFP/Getty Images
Earlier this week, Twitter banned state-run media from purchasing advertising after it came to light that Chinese state media had been amplifying disinformation related to the Hong Kong protests.
Why it matters: This isn't the first time that regime-run media has lost ad privileges. In 2017, after U.S. intelligence agencies singled out Russia’s news services, Twitter banned Russia Today (RT) and Sputnik from buying ads. But the new move makes a proactive rule out of a previously ad hoc approach.
Naturally, banned agencies aren’t thrilled. RT complained that it was banned while outfits like the BBC were not, and Chinese media took the narrative that suppressing its freedom of speech was a strange way to promote freedom of speech.
China has a long tradition of focusing disinformation internally. But Twitter is banned from the mainland, so Chinese campaigns on that platform are targeted to an external audience.
The big picture: This is a good reminder that not all Western-facing disinformation comes from Russia.
But, but, but: Not all of these campaigns use ads. “We’ve seen campaigns that spend $0 on ads; we’ve seen those that spend tens of thousands on ads,” said Ben Nimmo of Graphika.
To be sure, the effectiveness of ads for state-based news agencies goes beyond amplifying the news story in the ad.
Kaspersky software is still running on federal agency and contractor systems despite orders to purge the Moscow-based firm's wares, according to a study from Expanse.
The big picture: Two years ago, the Department of Homeland Security directed agencies to remove Kaspersky products due to fears that Russia used Kaspersky Antivirus to find and steal classified documents. Several other federal orders, including one for contractors to remove the products, followed.
But, but, but: "It's actually hard to remove software that comes bundled with hardware," Tim Junio, Expanse co-founder and CEO, told Codebook.
None of this means Expanse found evidence to substantiate concerns that Kaspersky was involved in espionage.
22 Texas towns hit by ransomware attack (TDIR): 22 communities in Texas are working to contain ransomware attacks, the Texas Department of Information first reported over the weekend. The same attacker is believed to be behind all the attacks, state systems were not affected and most victims were apparently governments of small localities.
Browsers unite against Kazakhstani surveillance (Axios): Google, Mozilla and Apple are taking a coordinated action to prevent the Kazakhstani government from using bulk surveillance on citizens' web browsing.
Five fraudsters arrested in swindling of U.S. vets (DOJ): An international crew of 3 U.S. citizens, 1 Australian and 1 South Korean was arrested for allegedly using stolen personal information to bilk thousands of veterans out of benefits.
Facebook audit finds no liberal bias (Axios): In a blow to a conservative talking point that never really had much evidence on its side, an independently conducted, Facebook-funded audit lead by Republican former Sen. Jon Kyl found no bias against conservatives on Facebook.