How one group of ‘fellas’ is winning the meme war in support of Ukraine


Article by Suzanne Smalley: “The North Atlantic Fella Organization, or NAFO, has arrived.

Ukraine’s Defense Ministry celebrated the group on Twitter for waging a “fierce fight” against Kremlin trolls. And Rep. Adam Kinzinger, D-Ill., tweeted that he was “self-declaring as a proud member of #NAFO” and “the #fellas shall prevail.”

The brainchild of former Marine Matt Moores, NAFO launched in May and quickly blew up on Twitter. It’s become something of a movement, drawing support in military and cybersecurity circles who circulate its meme backing Ukraine in its war against Russia.

“The power of what we’re doing is that instead of trying to come in and point-by-point refute, and argue about what’s true and what isn’t, it’s coming and saying, ‘Hey, that’s dumb,’” Moores said during a panel on Wednesday at the Center for International and Strategic Studies in Washington. “And the moment somebody’s replying to a cartoon dog online, you’ve lost if you work for the government of Russia.”

Memes have figured heavily in the information war following the Russian invasion. The Ukrainian government has proven eager to highlight memes on agency websites and officials have been known to personally thank online communities that spread anti-Russian memes. The NAFO meme shared by the defense ministry in August showed a Shiba Inu dog in a military uniform appearing to celebrate a missile launch.

The Shiba Inu has long been a motif in internet culture. According to Vice’s Motherboard, the use of Shiba Inu to represent a “fella” waging online war against the Russians dates to at least May when an artist started rewarding fellas who donated money to the Georgian Legion by creating customized fella art for online use…(More)”.

Applications of an Analytic Framework on Using Public Opinion Data for Solving Intelligence Problems


Report by the National Academies of Sciences, Engineering, and Medicine: “Measuring and analyzing public opinion comes with tremendous challenges, as evidenced by recent struggles to predict election outcomes and to anticipate mass mobilizations. The National Academies of Sciences, Engineering, and Medicine publication Measurement and Analysis of Public Opinion: An Analytic Framework presents in-depth information from experts on how to collect and glean insights from public opinion data, particularly in conditions where contextual issues call for applying caveats to those data. The Analytic Framework is designed specifically to help intelligence community analysts apply insights from the social and behavioral sciences on state-of-the-art approaches to analyze public attitudes in non- Western populations. Sponsored by the intelligence community, the National Academies’ Board on Behavioral, Cognitive, and Sensory Sciences hosted a 2-day hybrid workshop on March 8–9, 2022, to present the Analytic Framework and to demonstrate its application across a series of hypothetical scenarios that might arise for an intelligence analyst tasked with summarizing public attitudes to inform a policy decision. Workshop participants explored cutting-edge methods for using large-scale data as well as cultural and ethical considerations for the collection and use of public opinion data. This publication summarizes the presentations and discussions of the workshop…(More)”.

Supporting peace negotiations in the Yemen war through machine learning


Paper by Miguel Arana-Catania, Felix-Anselm van Lier and Rob Procter: “Today’s conflicts are becoming increasingly complex, fluid, and fragmented, often involving a host of national and international actors with multiple and often divergent interests. This development poses significant challenges for conflict mediation, as mediators struggle to make sense of conflict dynamics, such as the range of conflict parties and the evolution of their political positions, the distinction between relevant and less relevant actors in peace-making, or the identification of key conflict issues and their interdependence. International peace efforts appear ill-equipped to successfully address these challenges. While technology is already being experimented with and used in a range of conflict related fields, such as conflict predicting or information gathering, less attention has been given to how technology can contribute to conflict mediation. This case study contributes to emerging research on the use of state-of-the-art machine learning technologies and techniques in conflict mediation processes. Using dialogue transcripts from peace negotiations in Yemen, this study shows how machine-learning can effectively support mediating teams by providing them with tools for knowledge management, extraction and conflict analysis. Apart from illustrating the potential of machine learning tools in conflict mediation, the article also emphasizes the importance of interdisciplinary and participatory, cocreation methodology for the development of context-sensitive and targeted tools and to ensure meaningful and responsible implementation…(More)”.

Data for Peace and Humanitarian Response? The Case of the Ukraine-Russia War


Article by Behruz Davletov, Uma Kalkar, Salwa Mansuri, Marine Ragnet, and Stefaan Verhulst at Data & Policy: “Since the outbreak of hostilities between Russia and Ukraine on 24 February 2022, more than 4,889 (28,081 according to the Ukrainian government) civilians have been killed and over 7 million people have been displaced. The conflict has had a significant impact on civilians, particularly women and children. In response to the crisis, local and international organizations have sought to provide immediate humanitarian assistance, and initiated numerous initiatives to monitor violations and work toward peacebuilding and conflict resolution.

As in other areas of society, data and data science have become important to tailor, conduct, and monitor emergency responses in conflict zones. Data has also become crucial to support humanitarian action and peacebuilding. For example, data collected from satellite, GPS, and drone technologies can be used to map a conflict’s evolution, understand the needs of civilians, evaluate migration patterns, analyze discourses coming from both sides, and track the delivery of assistance.

This article focuses on the role that data has played in crisis response and peacebuilding related to the Russian-Ukrainian war so as to demonstrate how data can be used for peace. We consider a variety of publicly available evidence to examine various aspects of how data is playing a role in the ongoing conflict, mainly from a humanitarian response perspective. In particular, we consider the following aspects and taxonomy of data usage:

  • Prediction: Data is used to monitor and plan for likely events and risks both prior to and during the conflict;
  • Narratives: Data plays a critical role in both constructing and countering misinformation and disinformation;
  • Infrastructure Damage: Data can be used to track and respond to infrastructure damage, as well as to associated human rights violations and migration flows;
  • Human Rights Violations and Abuses: Data is used to identify and report human rights abuses, and to help construct a legal basis for justice;
  • Migration Flows: Large-scale population flows, both within Ukraine and toward neighboring countries, are one of the defining features of the conflict. Data is being used to monitor these flows, and to target humanitarian assistance;
  • Humanitarian Response: In addition to the above, data is also being used for a wide variety of humanitarian purposes, including ensuring basic and medical supplies, and addressing the resulting mental health crisis….(More)”.

Protecting Children in Cyberconflicts


Paper by Eleonore Pauwels: “Just as digital technologies have transformed myriad aspects of daily life, they are now transforming war, politics and the social fabric.

This rapid analysis examines the ways in which cyberconflict adversely affects children and offers actions that could strengthen safeguards to protect them.

Cyberconflict can impact children directly or indirectly. Harms range from direct targeting for influence and recruitment into armed forces and armed groups, to personal data manipulation and theft, to cyber attacks on infrastructure across sectors critical to child well-being such as education and health facilities.

Many experts believe that the combination of existing international humanitarian law, international criminal law, human rights law, and child rights law is adequate to address the emerging issues posed by cyberconflict. Nevertheless, several key challenges persist. Attribution of cyber attacks to specific actors and ensuring accountability has proven challenging, particularly in the so-called grey zone between war and peace.

There is an urgent need to clarify how child rights apply in the digital space and for Member States to place these rights at the centre of regulatory frameworks and legislation on new technologies…(More)”.

How crowdfunding is shaping the war in Ukraine


The Economist: “This month Aerorozvidka, a Ukrainian drone unit, celebrated the acquisition of four Chinese-made DJI Phantom 3 drones, provided by a German donor. The group, founded in 2014 after the Russian invasion of eastern Ukraine and annexation of Crimea, is led by civilians. The gift is just one example of crowdfunding in Russia’s latest war against Ukraine. Citizens from both sides are supplying much-needed equipment to the front lines. What is the impact of these donations, and how do the two countries differ in their approach?

Private citizens have chipped in to help in times of war for centuries. A writing tablet found near Hadrian’s Wall in northern England mentions a gift of sandals, socks and underwear for Roman soldiers. During the first world war America’s government asked civilians to knit warm clothing for troops. But besides such small morale-boosting efforts, some schemes to rally civilians have proved strikingly productive. During the second world war Britain introduced a “Spitfire Fund”, encouraging civilian groups to raise the £12,600 (£490,000, or $590,000, in today’s money) needed to build the top-of-the-range fighter. Individual contributors could buy wings, machineguns or even a rivet, for six old pence (two and a half modern ones) apiece. The scheme raised around £13m in total—enough for more than 1,000 aircraft (of a total of 20,000 built)…(More)”.

Confronting Reality in Cyberspace: Foreign Policy for a Fragmented Internet


Report by Council on Foreign Affairs Task Force: “…The Task Force proposes three pillars to a foreign policy that should guide Washington’s adaptation to today’s more complex, variegated, and dangerous cyber realm.

First, Washington should confront reality and consolidate a coalition of allies and friends around a vision of the internet that preserves—to the greatest degree possible—a trusted, protected international communication platform.

Second, the United States should balance more targeted diplomatic and economic pressure on adversaries, as well as more disruptive cyber operations, with clear statements about self-imposed restraint on specific types of targets agreed to among U.S. allies.

Third, the United States needs to put its own proverbial house in order. That requirement calls for Washington to link more cohesively its policy for digital competition with the broader enterprise of national security strategy.

The major recommendations of the Task Force are as follows:

  • Build a digital trade agreement among trusted partners.
  • Agree to and adopt a shared policy on digital privacy that is interoperable with Europe’s General Data Protection Regulation (GDPR).
  • Resolve outstanding issues on U.S.-European Union (EU) data transfers.
  • Create an international cybercrime center.
  • Launch a focused program for cyber aid and infrastructure development.
  • Work jointly across partners to retain technology superiority.
  • Declare norms against destructive attacks on election and financial systems.
  • Negotiate with adversaries to establish limits on cyber operations directed at nuclear command, control, and communications (NC3) systems.
  • Develop coalition-wide practices for the Vulnerabilities Equities Process (VEP).
  • Adopt greater transparency about defend forward actions.
  • Hold states accountable for malicious activity emanating from their territories.
  • Make digital competition a pillar of the national security strategy.
  • Clean up U.S. cyberspace by offering incentives for internet service providers (ISPs) and cloud providers to reduce malicious activity within their infrastructure.
  • Address the domestic intelligence gap.
  • Promote the exchange of and collaboration among talent from trusted partners.
  • Develop the expertise for cyber foreign policy.

A free, global, and open internet was a worthy aspiration that helped guide U.S. policymakers for the internet’s first thirty years. The internet as it exists today, however, demands a reconsideration of U.S. cyber and foreign policies to confront these new realities. The Task Force believes that U.S. goals moving forward will be more limited and thus more attainable, but the United States needs to act quickly to design strategies and tactics that can ameliorate an urgent threat…(More)”.

EU digital diplomacy: Council agrees a more concerted European approach to the challenges posed by new digital technologies


Press Release: “The Council today approved conclusions on EU digital diplomacy.

Digital technologies have brought new opportunities and risks into the lives of EU citizens and people around the globe. They have also become key competitive parameters that can shift the geopolitical balance of power. The EU has a growing web of digital alliances and partnerships around the world. It is increasingly investing in digital infrastructure and, under the Global Gateway strategy, in supporting partners in defining their regulatory approach to technology based on a human-centric approach.

Against this background, the Council invites all relevant parties to ensure that digital diplomacy becomes a core component and an integral part of the EU external action, and is closely coordinated with other EU external policies on cyber and countering hybrid threats, including foreign information manipulation and interference.

In this context, to enhance the EU’s Digital Diplomacy in and with the US, the EU will soon open a dedicated office in San Francisco, a global centre for digital technology and innovation.

The conclusions stress the importance of capacity building and the strategic promotion of technological solutions and regulatory frameworks that respect democratic values and human rights.

For this reason, the EU will actively promote universal human rights and fundamental freedoms, the rule of law and democratic principles in the digital space and advance a human-centric approach to digital technologies in relevant multilateral fora and other platforms, promoting partnerships and coalitions with like-minded countries and strengthening cooperation in and with the UN system, the G7, the OSCE, the OECD, the WTO, NATO, the Council of Europe and other multilateral fora, striving to match the progress achieved with the EU’s Green Diplomacy and Cyber Diplomacy…(More)”

Are blockchains decentralized?


Trail of Bits report: “Blockchains can help push the boundaries of current technology in useful ways. However, to make good risk decisions involving exciting and innovative technologies, people need demonstrable facts that are arrived at through reproducible methods and open data.

We believe the risks inherent in blockchains and cryptocurrencies have been poorly described and are often ignored—or even mocked—by those seeking to cash in on this decade’s gold rush.

In response to recent market turmoil and plummeting prices, proponents of cryptocurrency point to the technology’s fundamentals as sound. Are they?

Over the past year, Trail of Bits was engaged by the Defense Advanced Research Projects Agency (DARPA) to examine the fundamental properties of blockchains and the cybersecurity risks associated with them. DARPA wanted to understand those security assumptions and determine to what degree blockchains are actually decentralized.

To answer DARPA’s question, Trail of Bits researchers performed analyses and meta-analyses of prior academic work and of real-world findings that had never before been aggregated, updating prior research with new data in some cases. They also did novel work, building new tools and pursuing original research.

The resulting report is a 30-thousand-foot view of what’s currently known about blockchain technology. Whether these findings affect financial markets is out of the scope of the report: our work at Trail of Bits is entirely about understanding and mitigating security risk.

The report also contains links to the substantial supporting and analytical materials. Our findings are reproducible, and our research is open-source and freely distributable. So you can dig in for yourself.

Key findings

  • Blockchain immutability can be broken not by exploiting cryptographic vulnerabilities, but instead by subverting the properties of a blockchain’s implementations, networking, and consensus protocols. We show that a subset of participants can garner undue, centralized control over the entire system:
    • While the encryption used within cryptocurrencies is for all intents and purposes secure, it does not guarantee security, as touted by proponents.
    • Bitcoin traffic is unencrypted; any third party on the network route between nodes (e.g., internet service providers, Wi-Fi access point operators, or governments) can observe and choose to drop any messages they wish.
    • Tor is now the largest network provider in Bitcoin; just about 55% of Bitcoin nodes were addressable only via Tor (as of March 2022). A malicious Tor exit node can modify or drop traffic….(More)”

How Secure Is Our Data, Really?


Essay by Michael Kende: “Stepping back, a 2019 study showed that 95 percent of such data breaches could have been prevented. There are two main causes of breaches that can be averted.

First, many breaches attack known vulnerabilities in online systems. We are all used to updating the operating system on our computer or phone. One of the reasons is to patch a defect that could allow a breach. But not all of us update each patch all of the time, and that leaves us exposed. Organizations operating hundreds or thousands of devices with different systems connecting them may not devote enough resources to security or may be worried about testing the compatibility of upgrades, and this leaves them exposed to hackers searching for systems that have not been updated. These challenges were exacerbated with employees working from home during pandemic restrictions, often on their own devices with less protected networks.

Second is the phenomenon known as social engineering in which an employee is tricked into providing their password. We have all received phishing emails asking us to log into a familiar site to address an urgent matter. Doing so allows the hacker to capture the user’s email address or user name and the associated password. The hacker can then use that information directly to enter the real version of the website or may find out where else the user may go and hope they use the same login details — which, human nature being what it is, is quite common. These phishing attacks highlight the asymmetric advantage held by the hackers. They can send out millions of emails and just need one person to click on the wrong link to start their attack.

Of course, if 95 percent of breaches are preventable, that means 5 percent are not. For instance, though many breaches result from known vulnerabilities in systems, a vulnerability is by definition unknown before it is discovered. Such a vulnerability, known as zero-day vulnerability, is valuable for hackers because it cannot be defended against, and they are often hoarded or sold, sometimes back to the company responsible so they can create a patch…(More)”.