Russia Meddling, Round Two: Project Lakhta’s Accountant

The U.S. Department of Justice (DoJ) has shown tremendous patience as it builds its case to identify those involved with the Russian election interference in the United States and elsewhere (Project Lakhta). In February 2018, we wrote of the indictment of 13 individuals and three organizations from within what is affectionately known as the “Trolls of Ogino.” That is the not-too sub rosa infrastructure of Evgeny Prigozhin, who is affectionately known in the Kremlin as “Putin’s Chef,” which includes the Internet Research Agency (IRA) and numerous other entities, mostly shell companies.

On Oct. 19, 2018, the DoJ announced the unsealing of the criminal complaint charging Elena Alekseevna Khusyaynova, the accountant within Project Lakhta. Project Lakhta has been identified as Russian information warfare efforts targeting the populations of the United States and other nations.

As was the case with Al Capone, the accountant’s records are proving invaluable to federal investigators. In this case, they provided to the DoJ a road map to the Russian subversive activities within the United States. Kremlin funding for Project Lakhta exceeded US$ 10 million from January to June.

Project Lakhta Key Performance Indicators

In November 2017 (“Russia Skilled Political Warfare Adversary”) and then again in February 2018 (“Project Lakhta: Russian Meddling Gets Russians Indicted”), we wrote of the two key performance indicators (KPI) by which the Kremlin was most likely measuring its success.

They remain apropos within the context of the criminal complaint levied against Khusyaynova, and we add a third KPI: the recruitment of U.S. citizens to be unwitting participants.

KPI 1: Shape the U.S. election discourse and feed divisiveness into the United States

They took all sides of all divisive issues.

DevOps Unbound Podcast

Their success was measured by the degree to which their efforts incensed the populace of the United States. Examples culled from the criminal complaint and highlighted by The New York Times as topics on which the Russians invested their time, money and effort: anti-Trump Republicans, voter registration, special counsel’s inquiry, mainstream media and immigration.

By any measure, they have been succeeding and the criminal complaint demonstrates that Russia is doubling down in attempting to keep the U.S. electorate at each other’s throats by manipulating media and social media.

KPI 2: Framing the dialogue via ads and fictitious persons

The criminal complaint provides specific examples of both ads and fictitious accounts and personas that Project Lakhta created and utilized across multiple social media platforms. Their analysts in St. Petersburg would identify the issue and then frame the dialog for those creating the social network blurbs—280 characters in length with an inflammatory image for Twitter and longer form with similar inflammatory image for Facebook.

Topics that served as evidentiary examples included:

  • Racism
  • Gun ownership
  • LGBT
  • Fake news/nainstream media
  • Democratic party candidates
  • Republican party candidates
  • Pro-Trump
  • Anti-Trump
  • Terrorism
  • Immigration – sanctuary cities, border wall, migrant caravans
  • Taxes
  • Big government
  • Religion
  • Voting – apathy, registration

Last week, Twitter announced it had identified more than 4 million Russian tweets that were posted by 3,841 fictitious accounts which have been identified as being associated with the Internet Research Agency (Project Lakhta).

KPI 3: Recruit U.S. citizens to be unwitting participants

As noted above, the social networks of Twitter and Facebook were manipulated and continue to be manipulated by the Project Lakhta participants. As the Russians were on both sides of the most divisive topics within the United States, they found success in creating fictitious U.S. personas to recruit unwitting U.S. citizens in the placement of advertisements and management of social network groups.

Four of these “US personas” were identified: “Helen Christopherson,” Rachell Edison,” “Luisa Haynes” and “Bertha Malone.”

The following is an example of how smoothly they were able to engage the services of an unwitting U.S. person to help manage Facebook page and the attendant advertising. The conversation is between Bertha Malone and an unidentified U.S. person.

Security Boulevard - Project Lakhta recruitment excerpt

Russia’s Response

The Russian Ministry of Foreign Affairs characterized the DoJ criminal complaint as pure fiction, as evidence by their Oct. 20 statement:

“The US government, in an ongoing campaign to frighten the US and international public with tales of “Russian hackers and bloggers”, has accused yet another Russian national of attempting to influence US voters. Spreading blatant lies about the mythical “hand of Moscow” for over two years – since the last presidential election – Washington is now trying to play the same card ahead of the upcoming election day: Americans will elect a new Congress on November 6.”

While the Russian Embassy in the United States posted on their Facebook page how this is simply a case of U.S. slogan diplomacy. Characterizing the criminal complaint as:

“The US sanctions mechanism requires all the new ‘justifications’ for functioning. We expected the upcoming mid-term elections to be used as a convenient pretext for further accusations against Russia, accusing us again and again of meddling.”

The Russian Federation is not going to slow down, their economy is feeling the sting of the EU and U.S. sanctions and their per capita GDP is now less than US$8,000 per person. Fomenting divisiveness within the internal politics of the United States and the EU reduces the bandwidth for focus on the machinations of Russia in the world of realpolitik.

The United States and other countries will be well-served to heed the words of President Reagan and invest efforts in the verification of the root sources of information, exposing the existence of fictitious personas and organizations and unwinding the covert action/active measures emanating from the Russian intelligence apparatus.

Christopher Burgess

Christopher Burgess

Christopher Burgess (@burgessct) is a writer, speaker and commentator on security issues. He is a former Senior Security Advisor to Cisco and served 30+ years within the CIA which awarded him the Distinguished Career Intelligence Medal upon his retirement. Christopher co-authored the book, “Secrets Stolen, Fortunes Lost, Preventing Intellectual Property Theft and Economic Espionage in the 21st Century”. He also founded the non-profit: Senior Online Safety.

burgesschristopher has 186 posts and counting.See all posts by burgesschristopher

Integrated Security Data PulseMeter

Step 1 of 7

What percentage of your organization’s security data is integrated into a SIEM or data repository you manage? (Select one)(Required)