Helsinki Think Tank Tackles Fake News, Novichok and Unknown Unknowns

As Donald Trump and Vladimir Putin pose for the cameras at the Helsinki summit, the groundwork for their talks, at least on the NATO side, was laid by researchers at the nearby Center of Excellence on Hybrid Threats. This uber-think tank is part military, part civilian, EU and NATO, operating in the real world and in cyberspace. Hybrid threats, like the three-headed Chimera slain by Bellerophon in the Ancient Greek myth, combine multiple means of aggression. This think tank is addressing cyber-attacks, physical attacks and psychological warfare, known as ‘psy-ops’.

The Center set out in 2017 to guard against state actors, hobby hackers, terrorists, trolls and propagandists as well as assassins, spy-drones and actual “soldiers without insignia”. (This is an understated euphemism for invaders posing as advisors or “polite soldiers” as they’re known in Lithuania.)

An almost perfect example of a hybrid threat is the spy poisoning scandal that has shocked the sleepy English town of Salisbury in April 2018. Russian/British double agent Sergei Skripal and his daughter Yulia were attacked with novichok, a chemical weapon from Russia’s Cold War stockpile. A local woman, Dawn Sturgess, has died of novichok poisoning and her partner is seriously ill. The propaganda frenzy that followed the Skripal case in mainstream and social media spread fear, uncertainty and doubt. The episode is analysed on the Centre for Hybrid Threats website by Sir David Omand, former director of the UK listening post GCHQ and now a Visiting Professor in War Studies at Kings College London. He criticises Britain’s Foreign Secretary for loose talk around the incident and warns:

“Western politicians and spokespersons need to be prepared for this: every word they say will be analysed and any potential opening provided exploited as part of the propaganda onslaught.”

Sir David is equally caustic in his report on hybrid threats about the Russian propaganda surrounding the use of chemical weapons at Douma in Syria, in April 2017. We can see examples of this on the Russian online TV network commenting thusly:

“Douma will forever stand as a milestone in the moral degeneracy of those handsomely remunerated champions of regime change who colonize the opinion columns of mainstream newspapers”

Propaganda vs Fake News
Propaganda is different from fake news in that it consists largely in reports of actual events, but slanted towards a political agenda. For example, the Russian TV network covers news in a way that is critical and damaging to Western governments, if anyone believes it. Rumours in the western networks may play a similar role. An example of this could be the speculation that the Trump-Putin summit might involve the future fate of Edward Snowden, the US National Security Agency whistleblower who exposed mass surveillance of European and American citizens by intelligence agencies, and who has been granted asylum in Moscow. Russian Foreign Minister Sergei Lavrov has denied the reports and insists “Snowden is his own man”.

Fake news, on the other hand, is manufactured, usually by paid operatives who may not even understand what they are doing. Journalists at Poland’s liberal (opposition) newspaper Gazeta Wyborczka have noticed that pro-government political comments pop up even on the football pages where they are not relevant to the coverage, and sometimes they also see a message that notes ‘0.5 zlotys have been credited to your account’.

At YLE Finnish TV, reporter Jessika Aro became so incensed with politically-motivated online bullies who impersonated her dead father that she literally tracked them down in the real world to a troll farm in Saint Petersburg.

Could paid click-farmers could create enough fake news in Europe’s social media networks to influence the May 2019 European Parliament elections?

And fake news can have political consequences, too. Since the Cambridge Analytica scandal there is a well-founded fear in European capitals: could paid click-farmers could create enough fake news in Europe’s social media networks to influence the May 2019 European Parliament elections? Katja Valaskivi in her Beyond fake news report for the Center examines the evidence that such interventions played a part in the UK’s Brexit referendum campaign and the US presidential election in 2016. She, like the EU’s High Level Expert Group on this subject, rejects the term ’fake news’ and subsitutes ‘disinformation’.

In another of the Center’s reports, Norway-based expert Patrick Cullen borrows from former US Defense Secretary Donald Rumsfeld to explain how the West’s vulnerability to threats from Russia has changed since the Soviet Union faced off the USA, both with their fingers trembling on the nuclear bomb button.

“Whereas Cold War puzzles and mysteries were by and large known unknowns (e.g. we knew what we did not know), hybrid threats are relatively likely to manifest as unknown unknowns (e.g. as threats we are not even aware we are unaware of) “

Useful Idiots

Even this type of activity has its roots in the Cold War, when according to Ivo Juurvee’s report the Russian intelligence agencies relied on unpaid “confidential contacts” and, in a phrase (probably wrongly) attributed to Lenin, on “useful idiots” who would supply information, and spread disinformation, out of ideological conviction that the Soviet Union was a model society.

These days it is hard to imagine such a motivation, since the Russian Federation and the United States are both capitalist. But there are always useful idiots who want to earn money, whether they are in the Veles fake news factory of Northern Macedonia, or the august university city of Cambridge, UK, or anywhere else. And the notion of a so-called “Holy War” between Islam and Christianity also has the power to recruit propagandists and real-world fighters for terrorist outrages.

In many cases, there is not even a law against these activities, because most laws pre-date the internet’s potential for clandestine warfare, in words and in deeds. Some countries, notably Germany have enacted national laws to force the companies that own the platforms to purge fake news and hate speech. So one of the Center’s Communities of Interests (COIs) is updating legal frameworks to clear the way for international co-operation. Here another quote –

You only control what you own

This one attributed to Trotsky – seems appropriate: “You only control what you own”. These giant American networks are commercial companies, making money out of European users’ data and difficult to tax or take to task, as MEPs found when they interrogated Facebook’s Mark Zuckerberg about leaking users’ details to Cambridge Analytica.

Private Critical Infrastructure
Indeed, private ownership is high on the Center’s agenda. For if critical infrastructure is privatised, and owned by foreign companies, what is to stop those companies from economising on cyber security and/or physical maintenance works in order to increase their shareholders’ dividends? The TalkTalk data breach in the UK showed how vulnerable telecommunications networks can be. And cyber security experts at Gartner have warned of the risks inherent in what they call “COTS” (commercial off-the-shelf solutions), which can be subject to supply chain disruption or just plain old obsolescence.

Peter Warren, chair of the UK’s Cyber Security Research Institute, comments: “A hybrid threat can occur just within cyber-space. The hostile actor might set up a DDOS attack to distract attention from a data breach which in turn is a diversionary stratagem to conceal the real intrusion. And then there might also be a psychological attempt to turn the population against their own government, for example by knocking out part of the critical infrastructure.”

Energy supplies are an element of infrastructure that is especially vulnerable to these threats: much of Northern and Eastern Europe relies on Russia for its gas supplies. The Kremlin can turn off the tap, as it did in Ukraine in 2006, 2008-9 and 2014. Alternatives are being actively pursued, in the form of liquified gas from the United States and the Southern Gas Corridor from Azerbaijan via Turkey and the Balkans.

Swapping Vladimir Putin for Presidents Trump, Aliyev and Erdogan might bring new risks, of course. The known danger is that a political crisis might prompt one of these powers to turn off the gas tap. The great unknown is the potential cyber threat to critical infrastructure. A presidential finger on the button is not required. Paid hackers could target Europe’s pipelines, power stations, internet, water, rail and media services, causing massive degradation. Backed by disinformation agents in social networks, they could make large sections of the population believe their own government is to blame for these catastrophes.

“Particularly when securing a nation’s critical infrastructure and developing its resilience, shared responsibility between the public and the private sectors is a necessity”, writes Jarno Limnéll, Professor of Cybersecurity at Aalto University in a Strategic Report for the Center. He cites the GAFA ( Google, Apple, Facebook and Amazon) as crucial partners.


Matti Saarelainen, Federica Mogherini and Juha Sipilä (from left to right) (C) European Parliament Audio Visual Dept

Matti Saarelainen, Federica Mogherini and Juha Sipilä (from left to right)

Hybrid Threats – Intelligence Officer Comments

Facing these multiple “attack vectors” as they are named, the Center for Hybrid Threats has appointed a modern-day Bellerophon, former Finnish intelligence officer Matti Saareleinen. Unlike the Ancient Greek hero, he does not have a winged horse – as far as we know. But he has a staff of 15, a budget of 1.5 million EUR and an array of acronyms which by their very banality have the power to make terrible threats seem far less terrible.

Interviewed for Netopia, Matti Saareleinen reveals a quiet pride in what the Center has done so far:

Q: In the twelve months since it opened, what has been the main achievement?
The main achievement has been getting the Centre running and all our networks established. One year ago the Centre had 9 member states and now there are 16 of them. That is also a clear sign of success.

Q: In the European public’s mind, most propaganda and fake news it thought to originate from Russia. What do your own findings show about the geography and history of these threats?
We look at both state and non-state actors and won’t be focusing on one certain area or a state. In recent years Russia’s activities are been discussed the most in Europe, but Russia is not the only actor.

Q: The Center is a co-operative venture of NATO and the EU. How do the military and civilian branches work together? Or do they operate separately?
Hybrid CoE serves as a platform for EU–NATO cooperation on hybrid threats and is unique in that way. Military and civilian branches work together. By this we refer to our events, trainings and exercises, which are targeted both the military and civilian branches.

Q: What will be the status of the UK after Brexit in relation to the operation of the Center?
The British people voted to leave the institutions of the European Union, but the UK is not leaving Europe. The UK has played an integral role in supporting EU external security priorities. The UK will continue to share information with relevant EU bodies in order to promote a peaceful and secure rules-based international order, in collaboration with the EU and as an active member of NATO.

Q: Research is continuing into automated responses to fake news and hate speech – for example the FRAbot of the EU’s Fundamental Rights Agency. How do you regard these developments, and how much of your own work is automated?
Hybrid CoE is a hub of expertise and our role is to enhance participants’ civil-military capabilities, resilience, and preparedness to counter hybrid threats by organising seminars, trainings and exercises. The Centre doesn’t carry an operational role but is a strategic level actor.

Saareleinen can also count nine Strategic Reports, four workshops and a brainstorm amongst the Center’s successes. In the ancient legend, Bellerophon killed the three-headed monster using molten lead, or hot metal as it was known in the old days of print newspapers. He went on to defeat the Amazons (the tribe, not the online shop). How many more threats to critical infrastructure, terrorist plots and counter-propaganda initiatives are on Saareleinen’s to-do list? Well – for obvious reasons – those statistics are not being shared with Netopia.