Meta / Facebook has issued a threat report for November 2021, which focused in particular on “coordinated inauthentic behavior”, “brigading” and massive amounts of user account reports. Six international and national networks were particularly noticeable.
Coordinated inauthentic behavior (CIB for short) is mostly assigned to state campaigns, for example to spread false news about political opponents. The term “brigading” describes the behavior of a group that deliberately devalues comments and tries to destroy discussions with a flood of comments. The “mass reporting” threat encompasses the behavior of targeted groups who accuse people in social networks en masse via reporting functions. In this way, those affected can be locked out of their user accounts for a long time. Brigading and mass reporting have been added to the Meta threat catalog.
As Facebook’s parent company Meta explains, four CIB operations from China, Palestine, Poland and Belarus were discovered in the past few months and removed in November. A network in Italy and France operated brigading, and a network in Vietnam attracted attention through massive account reports.
Anti-Vaccination Networks and Activist Notifiers
The network from Italy and France tried to attack medical staff, journalists and elected officials. An anti-vaccination conspiracy movement called V_V was behind the actions. People in this group, with partly authentic, partly with duplicate and fake accounts, commented en masse on user postings and postings from news agencies in order to intimidate and suppress views. Meta have not blocked all postings from V_V, but continue to monitor the situation.
In Vietnam, a network was noticed to report people en masse using the abuse reporting tool from Facebook so that their user accounts were automatically blocked. This particularly affected people who publicly criticized the Vietnamese government for various violations. The operating network has been removed.
Origin of COVID-19
Meta found “coordinated inauthentic behavior” in networks from Palestine, Poland, Belarus and China. Their activities also targeted international user accounts and were found in several countries.
The Chinese campaign in particular caused a stir because it was about it False news about COVID-19 root cause research should be disseminated (PDF). The network tried to disseminate the information that the US was putting pressure on the WHO to blame China for the emergence of the virus. For this purpose, a Swiss biologist by the name of Wilson Edwards was invented, whose profile and statements were supported by a larger fake user network. In connection with this, 524 Facebook accounts, 20 pages, four groups and 86 accounts were removed from Instagram. The network is believed to have originated from people in mainland China, including employees of Sichuan Silence Information Technology, an information security company, and people associated with state-owned Chinese infrastructure companies around the world.
The network emanating from Palestine was assigned to Hamas by Meta. It targeted people in Palestine, Egypt and Israel. To resolve it, 141 Facebook accounts, 79 pages, 13 groups and 21 Instagram accounts were removed.
31 Facebook accounts, four groups, two Facebook events and four Instagram accounts were assigned to a Polish network, which were then removed. They are said to have targeted Belarus and Iraq and served to deter refugees. The network attracted attention because Meta had examined the developing crisis on the border between Belarus and the EU in more detail.
According to Meta, a campaign from Belarus aimed at target groups from the Middle East and Europe and again turned against Poland. For example, Poland is said to have committed acts of violence against refugees. Here, 41 Facebook accounts, five groups and four Instagram accounts have been removed. The campaign is associated with the Belarusian KGB.
Data sharing for science
Meta has been sharing information and data on its investigations with independent researchers since 2018, including information on more than 150 CIB incidents that have already been processed. The cooperation is hoped for a better detection rate of malicious networks on their own platforms. In the coming months, the company plans to make its data available to even more researchers around the world.