· Competitive Intelligence – relevant information collected on target consumers and competitive rivals attempting to sell similar products or services
o Starting at least in or around 2014, Defendants and their co-conspirators began to track and study groups on U.S. social media sites dedicated to U.S. politics and social issues. In order to gauge the performance of various groups on social media sites the organization tracked certain metrics like the group’s size, the frequency of content placed by the group, and the level of audience engagement with that content, such as the average number of comments or responses to a post. (Page 12, Sec. 29.)
o Defendants and their co-conspirators also traveled, and attempted to travel, to the United States under false pretenses in order to collect intelligence for their interference operations. (Page 12, Sec. 30.) Only [Aleksandra] Krylova and [Anna] Bogacheva received visas, and from approximately June 4, 2104 through June 26, 2014, Krylova and Bogacheva traveled in and around the United States including stops in Nevada, California, New Mexico, Colorado, Illinois, Michigan, Louisiana, Texas and New York to gather intelligence… Another co-conspirator who worked for the organization traveled to Atlanta… (Page 13, Sec. 30, part c & d.)
o Defendants and their co-conspirators posed as U.S. persons and contacted U.S. political and social activists. For example, starting in or around June 2016, Defendants and their co-conspirators, posing online as U.S. persons, communicated with a real U.S. person affiliated with a Texas-based grass roots organization. During the exchange, the Defendants and their co-conspirators learned from the real U.S. person that they should focus their activities on “purple states like Colorado, Virginia and Florida”. After that exchange, Defendants and their co-conspirators commonly referred to targeting “purple states” in directing their efforts. (Page 13, Sec. 31.)
· Budget/Resources – money and other organizational resources dedicated to achieving strategic goals
Financing for the agency came from a billionaire Russian oligarch who provides catering for the Kremlin and food for the Russian military. The oligarch, Yevegeniy Prigozhin , is a member of Vladimir Putin’s closest inner circle and is often referred to as “Putin’s Chef.”
o By in or around September of 2016, the organization’s monthly budget for Project Lakhta [code name for broader interference in multiple countries, including the U.S.] submitted to Concord [one of three Russian companies named in the indictment] exceeded 73 million Russian rubles (over $1.25 million U.S. Dollars), including approximately one million rubles in bonus payments. (Page 7, Sec. 11, part b). [The average monthly wage in Russia is currently $675].
o To hide their Russian identities and organization affiliation, defendants and their co-conspirators – particularly [Sergey] Polozov and the organization’s IT department – purchased space on computer servers located inside the United States in order to set up virtual private networks (VPNs). Defendants and their co-conspirators connected from Russia to the U.S.-based infrastructure by way of these VPNs and conducted activity inside the United States – including accessing online social media accounts, opening new accounts, and communicating with real U.S. persons – while masking the Russian origin and control of the activity. (Page 15, Sec.39)
o In or around 2016, Defendants and their co-conspirators also used, possessed, and transferred without lawful authority the social security numbers and dates of birth of real U.S. persons without those persons’ knowledge or consent. Using these means of identification, Defendants and their co-conspirators opened accounts at PayPal, a digital provider; created false means of identification, including fake driver’s licenses; and posted on organization-controlled social media accounts using the identities of these U.S. victims. (Page 16, Sec. 41)
· Operational Initiatives/Actions – coordinated actions at the operational level of the firm to ensure achievement of strategic goals. These are some examples, but not an exhaustive list.
o Defendants and their co-conspirators also registered and controlled hundreds of web-based email accounts hosted by U.S. email providers under false names so as to appear to be U.S. persons and groups. From these accounts, Defendants and their co-conspirators registered or linked to online social media accounts in order to monitor them; posed as U.S. persons when requesting assistance from real U.S. persons; contacted media outlets in order to promote activities inside the United States; and conducted other operations… (Page 16, Sec. 40)
o Defendants and their co-conspirators also created and controlled numerous Twitter accounts designed to appear as if U.S. persons or groups controlled them. For example, the organization created and controlled the Twitter account, Tennessee GOP, which used the handle @TENGOP. The @TENGOP account falsely claimed to be controlled by a U.S. state political party. Over time, the @TENGOP account attracted more than 100,000 online followers_. (Page 15, Sec. 36)
o In or around the latter half of 2016, Defendants and their co-conspirators, through their organization-controlled personas, began to encourage U.S. minority groups not to vote in the 2016 U.S. presidential election or to vote for a third-party U.S. presidential candidate. (Page 18, Sec. 46)
o Starting in or around the summer of 2016, Defendants and their co-conspirators also began to promote allegations of voter fraud by the Democratic Party through their fictitious U.S. personas and groups on social media.” Defendants and their co-conspirators purchased advertisements on Facebook to further promote the allegations. [For example] On or about August 4, 2016 Defendants and their co-conspirators began purchasing advertisements that promoted a post on the organization-controlled Facebook account “Stop A.I.” The post alleged that “Hillary Clinton has already committed voter fraud during the Democrat Iowa Caucus”. On or about November 2, 2016, Defendants and their co-conspirators used [Twitter account@TENGOP] _to post allegations of #VoterFraud by counting tens of thousands of ineligible mail in Hillary votes being reported in Broward County, Florida. (Page 18, Sec. 47)
o In or around late July 2016, Defendants and their co-conspirators used Facebook group “Being Patriotic” the Twitter account @MarchforTrump, and other false U.S. personas to organize a series of coordinated rallies in Florida. The rallies were collectively referred to as “Florida Goes Trump” and held on August 20, 2016. (Page 22, Sec. 55) After the rallies in Florida, Defendants and their co-conspirators used false personas to organize and coordinate U.S. political rallies supporting then-candidate Trump in New York and Pennsylvania. Defendants and their co-conspirators used the same techniques to build and promote these rallies as they had in Florida, included: buying Facebook advertisements; paying U.S. persons to participate in, or perform certain tasks at, the rallies; and communicating with real U.S. persons and grassroots organizations supporting then-candidate Trump. (page 23, Sec. 56)
· Employee Job Descriptions – What organizational employees do on a tactical/daily basis to ensure that operational initiatives are a success
o The organization employed hundreds of individuals for its online operations, ranging from creators of fictitious personas to technical and administrative support. The organization was headed by a management group and organized into departments, including: a graphics department, a data analysis department; a search-engine optimization (SEO) department; an information-technology (IT) department to maintain the digital infrastructure used in the organization’s operations; and a finance department to budget and allocate funding. (Page 5, Sec. 10, part a & b) By approximately July 2016, more than eighty organization employees were assigned to the “translator project.” (Page 6, Sec. 10, part d)
o Organization employees, referred to as “specialists,” were tasked to create social media accounts that appeared to be operated by U.S. persons. The specialists were divided into day-shift and night-shift hours and instructed to make posts in accordance with the appropriate U.S. time zone. The organization also circulated lists of U.S. holidays so that specialists could develop and post appropriate account activity. (Page 14, Sec. 33) (Page 17, Sec. 43, part a)
o Specialists were directed to create “political intensity through supporting radical groups, users dissatisfied with the social and economic situation and oppositional social movements.” (Page 14, Sec. 33)
o Defendants and their co-conspirators also created thematic group pages on social media sites, particularly on social media platforms Facebook and Instagram. Organization-controlled pages addressed a wide range of issues, including immigration (with group names including “Secured Borders”); the Black Lives Matter movement (with group names including “Blacktivist”); religion (with group names including “United Muslims of America” and “Army of Jesus”); and certain geographic regions with the United States (with group names including “South United” and “Heart of Texas”). (Page 14, Sec. 34)
o On or about September 14, 2016, in an internal review of an organization-created and controlled Facebook group called “secured Borders,” the account specialist was criticized for having “a low number of posts dedicated to criticizing Hillary Clinton” and was told “it is imperative to intensify criticizing Hillary Clinton” in future posts. (Page 17, Sec. 43, part b)
· Performance Measures – Metrics used to measure success of organizational strategy
o To measure the impact of their online social media operations,Defendants and their co-conspirators tracked the performance of content they posted over social media. They tracked the size of the online U.S. audiences reached through posts, different types of engagement with the posts (such as likes, comments, and reposts), changes in audience size, and other metrics. Defendants and their co-conspirators received and maintained metrics reports on certain group pages and individualized posts. (Page 15, Sec. 37)
o Defendants and their co-conspirators also used false U.S. personas to communicate with unwitting members, volunteers, and supporters of the Trump Campaign involved in local level community outreach, as well as grassroots groups that supported then-candidate Trump. These individuals and entities at times distributed the organization’s materials through their own accounts via retweets, reposts, and similar means. Defendants and their co-conspirators then monitored the propagation of content through such participants. (Page 17, Sec. 45)
While not specifically identified by IRA as performance metrics, the following excerpts from the indictment show the Russian operation to be a stunning success in duping Americans.
Americans joined their online groups:
o By 2016, the size of many organization-controlled groups had grown to hundreds of thousands of online followers. (Page 14, Sec. 34)
Americans attended their rallies:
o On or about August 4, 2016, Defendants and their co-conspirators created and purchased Facebook advertisements for the “Florida Goes Trump” rally. The advertisements reached over 59,000 Facebook users in Florida, and over 8,3000 Facebook users responded to the advertisements by clicking on it, which routed users to the organization’s “Being Patriotic” page. (Page 27, Sec. 71).
Americans amplified their posts:
o On or about August 19, 2016, Defendants and their co-conspirators used the false U.S. persona “Matt Skiber” account to write to the real U.S. person affiliated with a Texas-based grassroots organization who previously had advised the false persona to focus on “purple states like Colorado, Virginia and Florida.” Defendants and their co-conspirators told that U.S. person, “We were thinking about your recommendation to focus on purple states and this is what we’re organizing in FL.” Defendants and their co-conspirators then sent a link to the Facebook event page for the Florida rallies and asked that person to send the information to Tea Party members in Florida. The real U.S. person stated that he/she would share among his/her own social media contacts, who would pass on the information. (Page 29, Sec. 80)
Americans took their money:
o For example, defendants and their co-conspirators asked one U.S. person to build a cage on a flatbed truck and another U.S. person to wear a costume portraying Clinton in a prison uniform. Defendants and their co-conspirators paid these individuals to complete the requests. (Page 23, Sec. 55) On or about September 9, 2016, Defendants and their co-conspirators, through a false U.S. persona, contacted the real U.S. person who had impersonated Clinton at the West Palm Beach rally. Defendants and their co-conspirators sent that U.S. person money via interstate wire as an inducement to travel from Florida to New York and to dress in costume at another rally they organized. (Page 30, Sec. 84)
Americans paid them money:
o Defendants and their co-conspirators also used the [bank and PayPal] accounts to receive money from real U.S. persons in exchange for posting promotions and advertisements on the organization-controlled social media pages. Defendants and their co-conspirators typically charged certain U.S. merchants and U.S. social media sites between $25 and $50 U.S. dollars per post for promotional content on their popular false U.S. persona accounts, including Being Patriotic, Defend the 2nd, and Blacktivist. (Page 34, Sec. 95)
Most troubling lines
Outside the framework of organizational strategy, there were three things in the indictment that stood out to me.
1. The term co-conspirator was used a total of 121 times in the document. While most or all of these references may pertain to unnamed Russians, some may not. The document states: “Defendants knowingly and intentionally conspired with each other (and with persons known and unknown to the Grand Jury) to defraud the United States.”
2. President Trump has tweeted repeatedly that the indictment vindicates him and his associates and proves there was no collusion. Yet, the indictment specifically notes that “defendants and their co-conspirators also used false U.S. personas to communicate with unwitting members, volunteers, and supporters of the Trump Campaign involved in local level community outreach, as well as grassroots groups that supported then-candidate Trump.” Could this imply that the only Trump campaign officials who conspired unwittingly with the Russians were officials at the local level, not national?
3. Perhaps most troubling, where Mueller begins to introduce the detailed nature of the Russian interference, the sentence opens with: “From in or around 2014 to the present.” We are still under attack by Russian trolls.
Last November the Federal Communications Commission voted to gut Obama-era rules protecting net-neutrality of the Internet. We now know that 7.75 million of the 23 million email comments submitted on Chairman Ajit Patel’s proposal ahead of the vote came from FakeMailGenerator.com, Bloomberg reported, and 444,938 messages were from Russian email addresses. New York Attorney General Eric Schneiderman has filed a lawsuit with 22 states attorneys general to block the rollback of net neutrality laws after concluding that, ahead of the vote, 2 million comments were made using stolen identities of Americans. You can search
to see if your identity was among those stolen and used to submit fraudulent messages of support to end net neutrality.
Perhaps most sickening is that there have already been news reports of Russian bots inundating Twitter with tweets related to guns the day after the school shooting massacre in Parkland, Florida. They have no place in our national discourse, our politics, or our grief.
Robert Mueller’s indictment of Russian crimes against our country is just the tip of the iceberg. It is stunning in its scope and level of detail and should be required reading for every American.
Ruth May is a business professor at the University of Dallas and an expert on the economies of Russia and Ukraine. She wrote this column for The Dallas Morning News. Email: firstname.lastname@example.org.
What’s your view?
Got an opinion about this issue? Send a letter to the editor, and you just might get published.