WASHINGTON – The United States Cyber Command is targeting individual Russian operatives to try to deter them from spreading disinformation to interfere in elections, telling them that U.S. operatives have identified them and are tracking their work, according to officials briefed on the operation.
The campaign, which includes missions undertaken in recent days, is the first known overseas cyberoperation to protect U.S. elections, including the Nov. 6 midterms.
The operations come as the Justice Department outlined Friday a campaign of “information warfare” by Russians aimed at influencing the midterm elections, highlighting the broad threat the U.S. government sees from Moscow’s influence campaign.
Defense officials would not say how many individuals they were targeting, and they would not describe the methods that Cyber Command has used to send the direct messages to the operatives behind the influence campaigns. It is not clear if the information was delivered in an e-mail, a chat or some other electronic intervention.
Senior defense officials said they were not directly threatening the operatives. Still, former officials said anyone singled out would know, based on the U.S. government’s actions against other Russian operatives, that they could be indicted or targeted with sanctions. Even the unstated threat of sanctions could help deter some Russians from participating in covert disinformation campaigns, said Andrea Kendall-Taylor, a former intelligence official now with the Center for a New American Security.
The Cyber Command operations appear relatively measured, especially in comparison with the increasingly elaborate and sophisticated efforts by Russia to use disinformation to sow dissent in the United States.
But the U.S. campaign undertaken in response to Russia’s information offensive is limited in large part to keep Moscow from escalating in response by taking down the power grid or conducting some other reprisal that could trigger a bigger clash between great powers. Compared with traditional armed conflict, the rules of cyberwarfare are not well-defined.
Cyber Command was founded in 2009 to defend military networks but has also developed offensive capabilities. The command shares a headquarters and leadership with the National Security Agency, which collects electronic and signals intelligence. A joint Cyber Command-NSA team has been working on the effort to identify and deter foreign influence campaigns.
U.S. officials also said the campaign is one aspect of a broader effort, which includes purges by social media companies of fake accounts that spread propaganda, to fight Russian intrusion in democratic elections. Cyber Command has also sent teams to Europe to shore up the defenses of U.S. allies and partners so they can combat Russian intrusions on their own government networks, according to defense officials.
U.S. intelligence officials have concluded that Russia is unlikely to try to hack into voting machines or directly manipulate voting results this year. On Friday, the director of national intelligence said state and local governments have reported attempted intrusions into their networks, but that foreign governments have not penetrated voting systems.
But Russian efforts to sway public opinion by spreading false information have continued, and officials said those efforts are becoming more refined, targeting specific groups of Americans. Almost all of the Russian disinformation efforts, according to current and former officials, are aimed at sowing dissent, polarizing the political parties and setting the stage for the 2020 presidential election.
Others said the U.S. government must be ready to go further — cutting off the Russians’ ability to spread propaganda.