How to spot a bot
- By Derek B. Johnson
- Sep 04, 2018
Congress, federal agencies and the American electorate have spent much of the past two years grappling with how to respond to a series of Russian-directed online influence campaigns on social media platforms.
Now, a new report provides a deep dive into the behavior and strategies that guide botnet-directed influence campaigns. SafeGuard, a cybersecurity and digital risk company that sells bot detection services, released a report examining 320,000 social media accounts, using crowdsourcing and algorithms to identify bot accounts linked to Russia and examine content and metadata for behavioral patterns.
The company's research focused on Twitter bots and found a strikingly sophisticated methodology. The Russian efforts cut across different ideological and social boundaries but were all designed to push a targeted country's electorate towards a common goal or perception.
"Despite the nomenclature, bots are not a uniform army of automatons blanketing Twitter with the same tweets," the report's authors write. "These bot operations are far more sophisticated than the psy-ops of yesteryear."
Rather than acting as automatons who parrot the same message, SafeGuard's research indicates that many bots have specific and distinct purposes. Some are designed to mimic supporters of President Donald Trump; others downplay the narrative that Russia interfered in the 2016 U.S. presidential elections.
These bots are often "purpose-built to connect with one another to create amplification nodes" that appear to be coming organically from a wide range of Americans, giving a disinformation operation "the paradoxical benefits of [both] individualized specificity and generalized scale."
The research backs up what the U.S. intelligence community and disinformation experts have claimed: that these bots largely do not create division, but rather are designed to exploit and enhance existing discord.
While these different bot networks are always pumping out enough content to give the appearance of a real user, they tend to become more active at specific moments and in reaction to relevant news events.
"The spike is an attempt to intercept the news and the higher volume after the fact represents the continuing campaign to shape perception," the report states.
The report comes amidst a wave of actions over the past month by tech giants like Facebook, Twitter and Microsoft to scrub hundreds of accounts and websites on their platforms that they claim are linked to coordinated foreign influence campaigns.
In an Aug. 31 post, Raj Samani, chief scientist for cybersecurity firm McAfee, said the Safeguard research provided further evidence of the "remarkable" effectiveness and sophistication of botnet-fueled online influence campaigns.
"Leveraging a system of amplification nodes, as well as testing of messaging (including hashtags) to determine success rates the botnet operators demonstrate a real understanding on manipulating popular opinion on critical issues," wrote Samani.
The question of how whether and how much to police social media platforms for bot activity has vexed policymakers at times, who must first be able to accurately identify and segregate foreign-directed online content from the constitutionally protected activities of American citizens and residents.
Sen. Lindsey Graham (R-S.C.) proposed legislation to expand the definition of fraud to cover botnets and malware. At an August 21 congressional hearing, associate deputy attorney general Sujit Raman told Graham that the law would be "very helpful" to the Department of Justice's efforts to protect the 2018 midterm elections and future contests from similar influence campaigns.
Sen. Sheldon Whitehouse (D-R.I.), a cosponsor of that bill, encouraged DOJ to use its existing authorities to crack down on the practice, arguing that there is little societal benefit in allowing parties free reign to leverage automation in the social media sphere.
"There is no good to a botnet as far as I can tell," Whitehouse said at the same hearing. "It's like a weed in the garden; anytime you take one out, it's good."
Derek B. Johnson is a senior staff writer at FCW, covering governmentwide IT policy, cybersecurity and a range of other federal technology issues.
Prior to joining FCW, Johnson was a freelance technology journalist. His work has appeared in The Washington Post, GoodCall News, Foreign Policy Journal, Washington Technology, Elevation DC, Connection Newspapers and The Maryland Gazette.
Johnson has a Bachelor's degree in journalism from Hofstra University and a Master's degree in public policy from George Mason University. He can be contacted at firstname.lastname@example.org, or follow him on Twitter @derekdoestech.
Click here for previous articles by Johnson.