Law Enforcement

DOJ charges Russian national in $35M election influence plot

From DOJ indictment  

These internet memes, allegedly spread on social media by the Russia-backed Operation Lakhta, were included in charging documents released Oct. 19 by the Department of Justice.

In one of the first concrete examples of a foreign interference campaign targeting the midterm elections, the Department of Justice today announced a criminal complaint charging Russian national Elena Alekseevna Khusyaynova with conspiracy to defraud the United States, overseeing financial operations for a multinational social media influence campaign tied to the Russian government.

According to the complaint, from 2014 to the present, Khusyaynova served as the paymaster for a campaign, dubbed Operation Lakhta, that was designed in part to enable interference "with U.S. political and electoral processes, including the 2018 elections."

The conspiracy included the use of fictitious social media personas, pages and groups to target U.S. audiences around divisive political and social issues and "to advocate for the election or electoral defeat of particular candidates." The group staged and promoted political rallies, bought social media analytics products and services as used third parties to buy advertisements on social media platforms. The group also coordinated with the Internet Research Agency, a Russian troll factory that was the target of previous indictments by Special Counsel Robert Mueller's ongoing investigation, as well as other companies like Concord Management, which have shown up in previous indictments.

Khusyaynova is accused of maintaining itemized monthly budgets for the project and requesting funds from Concord for ongoing operations, which were sent through 14 different bank accounts in a series of "vague contracts that obscured or falsely stated the true intended use of the funds."

According to the indictment, the group's proposed operating budget from 2016 to the present was approximately $35 million. Actual spending included millions of dollars to purchase proxy servers, social media marketing services, advertisements, search engine optimization software and other expenses designed to facilitate disinformation campaigns.

The complaint details $60,000 for advertisements on Facebook and another $6,000 for ads on Instagram between January 2018 and June 2018, as well as an additional $18,000 for "bloggers."

Between December 2016 and May 2018, the group used social media and other web-based platforms to sow discord within the American political sphere by tailoring their message to users who were "dissatisfied with the social and economic situation and oppositional social movements. Operators allegedly disseminated memes staking out extreme positions on immigration enforcement and gun rights or looked to tap into prejudice against racial and religious minorities and gays and lesbians. The group also ran messages against specific domestic events, like the 2017 Las Vegas gun massacre that killed 59 attendees at a music festival or the 2017 white supremacist rallies in Charlottesville, Va.

"As the criminal complaint notes," said Sen. Mark Warner (D-Va.) in a statement, "these attacks continue to this day. It is critical for Congress to step up and immediately act to employ much-needed guardrails on social media."

The criminal complaint was released just minutes after the DOJ, the Office of the Director of National Intelligence, the FBI and the Department of Homeland Security released a joint statement expressing "concern" that foreign countries were seeking to influence U.S. politics through social media.

In a press briefing unrelated to the indictments, Christopher Krebs, undersecretary of the National Protection and Programs Directorate, broke down election interference efforts into three categories: technical hacking of election infrastructure, hacking and leaking against political campaigns and broader disinformation and misinformation campaigns designed to influence the views and beliefs of American citizens.

While Krebs and other U.S. officials have continually characterized threats against election infrastructure in the lead-up to 2018 as "well below" those seen in 2016, information operations have become a year-round exercise for many countries.

"That sort of activity is persistent," said Krebs. "We continue to see Russians, and increasingly Iranian and Chinese and other actors, continue to use social media to influence the American public to sow discord and increase divisiveness. That is something that is probably just a tool of the trade from them right now."

"Our planning factor is looking back in 2016 to see what the Russians conducted in terms of spear-phishing campaigns and other sorts of attacks on state and local networks and working to ensure that those sorts of events can't happen again," said Krebs. "But in the meantime, also thinking a little bit more broadly of, ok, if we're not seeing that kind of activity, which we're not, what other sorts of activity might they implement in the last two and a half weeks before the election."

About the Author

Derek B. Johnson is a senior staff writer at FCW, covering governmentwide IT policy, cybersecurity and a range of other federal technology issues.

Prior to joining FCW, Johnson was a freelance technology journalist. His work has appeared in The Washington Post, GoodCall News, Foreign Policy Journal, Washington Technology, Elevation DC, Connection Newspapers and The Maryland Gazette.

Johnson has a Bachelor's degree in journalism from Hofstra University and a Master's degree in public policy from George Mason University. He can be contacted at [email protected], or follow him on Twitter @derekdoestech.

Click here for previous articles by Johnson.


  • People
    Federal CIO Suzette Kent

    Federal CIO Kent to exit in July

    During her tenure, Suzette Kent pushed on policies including Trusted Internet Connection, identity management and the creation of the Chief Data Officers Council

  • Defense
    Essye Miller, Director at Defense Information Management, speaks during the Breaking the Gender Barrier panel at the Air Space, Cyber Conference in National Harbor, Md., Sept. 19, 2017. (U.S. Air Force photo/Staff Sgt. Chad Trujillo)

    Essye Miller: The exit interview

    Essye Miller, DOD's outgoing principal deputy CIO, talks about COVID, the state of the tech workforce and the hard conversations DOD has to have to prepare personnel for the future.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.