“The fact that the 2018 election process moved forward without successful Russian intervention was not a coincidence,” according to U.S. Senator Mike Rounds. The Republican from South Dakota refused to elaborate on specific mission details targeting the Internet Research Agency (IRA) in the Washington Post. Rounds added, without the aid of United States Cyber Command (USCYBERCOM), there “would have been some very serious cyber-incursions.”
According to the Washington Post (WaPo), Cyber Command, together with the NSA, launched offensive cyber operations against the IRA. The IRA was one of the most blatant offenders of “fake news” during the 2016 presidential elections and it was shut down during the 2018 midterm elections.
Cyber Command actions seem to have taken the International Research Agency completely offline on Election Day, to the extent that IRA workers complained to supervisors about the lack of internet access during the day. “Part of our objective is to throw a little curve ball, inject a little friction, sow confusion,” one anonymous official expressed to the WaPo.
Last summer, the Pentagon increased Cyber Command’s mandate to incorporate offensive clandestine cyber operations, unlike its original mandate which was largely built upon the defense of Pentagon networks. Interestingly, the extended mandate came just months before the 2018 midterms.
The IRA, along with 13 linked actors, was named in the Robert Muller indictments for Russian election meddling in February of 2018. Crimes cited included election meddling by weaponizing Facebook posts to “organize and coordinate U.S. political rallies in support of President-elect Trump.”
The New York Times earlier reported on a combined effort of the NSA and Cyber Command, coined the Russia Small Group (RSG). The team was tasked with: targeting Russian Military Intelligence (GRU) operators and oligarch-backed hackers of the IRA, utilizing direct messaging, along with popups and emails with personal information. Operators were so disturbed that they complained to senior staff about the incident. Furthermore, RSG operators were sent to Macedonia, Montenegro, and Ukraine to shore up their defenses against Russian cyber active measures.
The forming of RSG and the latest efforts come under the new NSA and U.S. Cyber Command commander, Army Gen. Paul Nakasone. The new directive of “persistent engagement” relates to the continued confrontation of adversaries in the cyber domain and sharing with partners. In an interview with Joint Force Quarterly, General Nakasone described it as “acting outside our borders, being outside our networks, to ensure that we understand what our adversaries are doing.”