Facebook offers opaque update on election security
Facebook executives offered reporters a wide-ranging survey of efforts the social media company is making to boost election integrity worldwide, but said little in its press call Tuesday about what kind of information operations, if any, had already been detected targeting the 2018 U.S. elections.
"We know that Russians and other bad actors are going to continue to try to use our platform before the midterms, probably during the midterms, after the midterms, and around other events and elections," said Nathaniel Gleicher, Facebook's Head of Cybersecurity Policy. "We are continually looking for that type of activity, and when we find things – which, we think, is inevitable – we'll notify law enforcement and, where we can, the public."
Despite several follow-up questions from reporters on the call as to whether that kind of activity had already been detected, Gleicher did not deviate from the answer he provided, adding only that the company was cautious about protecting potential investigations into the matter.
"[W]e always have to be careful about compromising the investigations – either our own, or government – when we're thinking about how to engage with the public on these issues," he said.
Gleicher said the company was using a combination of manual investigations and automatic detection strategies to identify and disrupt efforts by malicious actors to mislead or manipulate users of the platform.
"We're dealing with adaptive, persistent adversaries, not unlike the challenge that information security experts face stopping advanced persistent threat in the world of cyber-enabled espionage," Gleicher said.
The call was one of a series of updates the company has held on its efforts to protect election integrity since it became a central focus for lawmakers and investigators, many of whom have criticized Facebook's executives for not better identifying and raising awareness about information operations that were taking place on its platform in the 2016 presidential election.
Other executives on the call detailed the continued steps Facebook is taking to suppress false news and disinformation, verify the identities of and disclose financial backing for those running political or issue ads, and monitor content by enlisting 27 third-party fact checking partners in more than a dozen countries. The company aims to hire between 15 and 20 thousand employees dedicated to these issues by the end of the year, the officials said.
As has been the case on previous calls, imperfections in all of the systems and practices being put in place were preemptively acknowledged by Facebook's representatives on the call – "We know we have more work to do" was a frequent refrain.
Facebook reportedly convened a meeting in May with other tech giants like Google, Twitter, Apple and Microsoft to work with officials from the FBI and Department of Homeland Security on election security measures and ways to prevent manipulation of social media platforms.
Officials from the FBI, DHS and Office of the Director of National Intelligence have all said Russian efforts spread disinformation continue, though interference in voter databases has abated from levels seen in 2016.
Director of National Intelligence Dan Coats said earlier this month that the intelligence community continues to see "aggressive attempts to manipulate social media and to spread propaganda focused on hot-button issues that are intended to exacerbate socio-political divisions." He said individuals affiliated with the Internet Research Agency – which, alongside 12 of its employees, was indicted by special counsel Robert Mueller in February – continue to create new social media accounts "masquerading as Americans" in order to spread disinformation.
Beyond that, at least one report of known, targeted interference in the 2018 election emerged last week.
During a panel at the Aspen Security Forum, Microsoft's Vice President for Customer Security and Trust, Tom Burt, revealed that the company had found a fake Microsoft domain that had been established as a landing page for phishing attacks. "We saw metadata that suggested those phishing attacks were being directed at three candidates who are all standing for election in the midterm elections," he said.
Burt declined to identify the candidates, though he said their positions made them "interesting targets from an espionage standpoint as well as an election disruption standpoint."
