The US government says that so far in 2018, Russia’s attempts to meddle in US elections have been limited to social media and disinformation campaigns. But in the eight months since its creation, the group tasked with leading the fight against those sorts of campaigns, the FBI’s Foreign Influence Task Force, has been almost invisible to the public.
There’s no reliable way to quantify what influence such foreign operations have on US opinion, despite the well-documented efforts of Russian groups to influence the 2016 US elections, when Russia’s Internet Research Agency not only conducted a social media campaign designed to rankle American discourse but also paid costumed protesters and organized competing pro- and anti-Islam rallies to instigate conflict. Some of its accounts’ most openly racist and violent sentiments were cited by US media as evidence of the country’s political polarization.
The creation of the FITF, which FBI Director Christopher Wray announced in November, was a response to that campaign. But since the announcement of its creation, almost nothing is known about the task force. Wray’s own remarks have been sparse. The other information has come from people frustrated with trying to work with it.
Speaking last week at the Aspen Security Forum, Wray said that foreign influence operations — as opposed to hacking operations designed to tap candidates’ computer systems or state election systems — comprise the bulk of the Russian election threat so far in 2018. “We haven’t yet seen an effort to target specific election infrastructure this time, but certainly other efforts, what I would call malign influence operations, are very active,” Wray said, adding that their consistent aim is “sowing discord in this country.”
But asked by a reporter how many people work for the task force, Wray declined to share numbers.
The reluctance extends to the FBI in general. An agency spokesperson was willing to confirm to BuzzFeed News that the unit’s name is indeed the Foreign Influence Task Force, a phrase that does not appear on the FBI.gov website, and that it pulls its staff from the FBI’s counterterrorism, cyber, and counterintelligence divisions, which Wray had said in November.
A statement to BuzzFeed News also confirmed its mission: “to identify and combat foreign influence operations targeting our democratic institutions and values. These actions include undeclared or covert efforts to influence U.S. policy, distort political sentiment and public discourse, and undermine confidence in democratic values to achieve other governments’ geopolitical objectives. It is the clandestine nature of those activities that is the basis for the FBI’s investigative interest.”
But the FBI declined to answer how many employees the task force has, whether it plans to issue any formal report before the midterm elections, or if it’s had any successes to date.
One of the task force’s leaders, Jeffrey Tricoli, left in June to work in a law firm, but the FBI pushed back against the idea that the departure seriously hampers the task force's work. "The FBI's Foreign Influence Task Force continues its work without interruption,” a spokesperson said. “The mission of each division and task force is not dependent on any one person.”
Groups outside of the federal government that have worked with the task force describe it as slow to get off the ground and tight-lipped about what it's been able to uncover.
To date, there has been only a single joint meeting between the task force and the major tech companies whose platforms Russian trolls rely on. On May 23, an FBI official and Department of Homeland Security undersecretary Christopher Krebs met with employees of eight of the biggest Silicon Valley companies, including Facebook and Twitter. Participants identified the FBI official as Mike Burham, and say he introduced the task force, but people familiar with the meeting say it was frustratingly one-sided, with the government officials declining to share information on ongoing activities. The FBI declined to talk about personnel assigned to the task force.
No follow-up meeting has been set, an employee at one of the tech companies told BuzzFeed News. Another, a Facebook representative, said that while the company hadn’t acquired intelligence from the task force to date, it was optimistic about working together in the future.
The lack of information has left some members of the Senate Intelligence Committee, the most active congressional body exploring Russian election influence tactics, dissatisfied.
"Staff hasn't briefed us on it. They might," Sen. Joe Manchin, who sits on the committee, told BuzzFeed News.
“The task force hasn’t been particularly active yet,” said another source familiar with the Senate investigation, who wasn’t authorized to speak on its behalf. “We would have liked them to get started up faster.”
In its most recent authorization bill, the committee added language to compel the director of national intelligence to submit a comprehensive report of foreign influence operations and how the US is countering them. The task force’s lack of sharing information influenced that language, the source said.
Russia’s known efforts to meddle with the 2016 election had three major components: hacking Democrats’ computer systems and leaking the contents to WikiLeaks; probing election infrastructure, including scanning states’ online voter registration databases for vulnerabilities; and the Internet Research Agency’s influence operations.
During the 2016 election cycle, Russian military intelligence had stolen emails from Hillary Clinton’s campaign chair by March; they would be posted to WikiLeaks in October. The Democratic National Committee’s computers were hacked in April and their contents were posted to the web in June and July, first on the Russian-created website DCLeaks and then by WikiLeaks.
In this election cycle, only one candidate has been publicly identified as a victim of Russian hacking attempts, Democratic Sen. Claire McCaskill, who said the operation was unsuccessful.
But that information came not from the FBI, but from McCaskill herself. The only hard information about hacking has been divulged by a private company, Microsoft, whose Vice President of Customer Security and Trust, Tom Burt, announced July 19 that the company had disrupted attempted phishing campaigns against three candidates. It’s unclear if McCaskill was one of those.
In 2016, Russian intelligence agents had begun scanning voter databases in June. The only known successful one was Illinois, where that July, Russia copied half a million voters’ names, addresses, and information from drivers’ licenses, according to a July 13 indictment of 12 Russian military intelligence operatives by special counsel Robert Mueller. The Department of Homeland Security, tasked with identifying and stopping hackers who target election infrastructure, said earlier this month that it has detected no similar campaigns so far.
But what sorts of tactics Russia is using to influence Americans through social media or other methods is a black box.
“The troll factory is still in operation in some form. What we don’t know is which of the anonymous troll accounts are genuine Americans and which are the troll factory posing as Americans,” Ben Nimmo, an Atlantic Council researcher who studies online influence tactics, told BuzzFeed News.
To an extent, social media companies have plugged the most obvious holes where foreign influencers can get in. One common Russian troll tactic — though its ability to affect change is questionable — is using controlled botnets to amplify a particular divisive message. Twitter began a massive purge of millions of suspicious and automated accounts this month.
“A year ago, there were botnets out there with 100,000 bots doing the same thing at the same time,” Nimmo said. “As far as I can tell, at the moment, that’s not happening so much. The botnets are much smaller, and they’re having to work a lot harder to work in the shadows.”
One IRA-style site, USA Really, came online in May and began posting fake news stories and videos. But it found it hard to get a foothold. Twitter and LiveJournal deleted USA Really's accounts within weeks, and a planned 4th of July rally in Washington, DC, was canceled when organizers couldn't get a permit.
But other IRA practices are more sophisticated and will be harder for tech companies to address, Nimmo said. One common tactic is to quickly jump from platform to platform — Twitter, Facebook, Tumblr, and Reddit have all declared they’ve deleted batches of IRA accounts. In at least one case, though, the GRU created a fake freelance journalist named Alice Donovan, who successfully published in a number of smaller publications.
In theory, at least, the US intelligence community does have deep insight into operations that the FBI could use to uncover foreign influence campaigns.
Mueller’s indictment, which references specific activities certain GRU officers would conduct on particular computers, shows the depth to which the US intelligence agencies can spy on adversaries’ online operations.
“The indictment actually goes almost to the level of individual computers that were used to do this, which argues that they’ve got a level of access and level of data, at least retrospectively,” Nimmo said. “If they had that level of knowledge of 2016 to 2017, you expect them to have more knowledge than an open-source researcher in 2018.”
By its nature, fighting foreign influence operations, as opposed to conventional cyberattacks, is not something the US government is well suited for, said April Doss, an attorney who has worked at the National Security Agency and for the Senate Intelligence Committee's Russia investigation.
“One of the difficult challenges that the government faces in trying to deal with countering foreign influence operations is that addressing these activities falls between the cracks of different government agencies and authorities, and implicates important US First Amendment and privacy rights,” Doss told BuzzFeed News.
The NSA's and CIA’s broad missions have them looking at foreign targets, making them less than ideal choices to lead the effort of foreign trolls who are often indistinguishable from Americans. The Department of Homeland Security has a foreign influence task force, too, but the FBI takes the lead, a spokesperson told BuzzFeed News. The State Department, which has a group that fights online terrorist recruitment, said it also defers to the FBI on fighting foreign government influence operations.
A spokesperson for the National Security Council, the White House’s clearinghouse for national security strategy across different agencies, told BuzzFeed News that “The NSC has regular and continuous meetings to coordinate a whole-of-government approach to foreign malign influence and election security.”
But the NSC not only doesn’t have a dedicated employee for considering foreign influence operations, it eliminated the position of cybersecurity coordinator in June.
No one is suggesting policing potential Russian influence operations is easy, despite the experience of 2016.
“We saw it in 2016, and we're seeing it right now, how well they integrate into organic online activism,” said Kate Starbird, a University of Washington professor who studies social media manipulation. “They target groups, whether it's the alt-right or Black Lives Matter or Bernie supporters. Right now it's targeting activists around the Palestinian conflict. They don't control those groups, but they cultivate them, and they amplify certain voices and shape the conversation toward strategic goals.”
While some accounts are conspicuously pro-Putin, many blend in well enough to be essentially invisible as foreign trolls, Starbird said. “I know some accounts are IRA because Twitter told me they are, and they don't look anything different from the other accounts. I can't really tell them apart.”
CORRECTION
Tom Burt is the vice president of customer security and trust at Microsoft. An earlier version of this post misstated his role.