According to the Washington Post, that cites several U.S. officials, the operation conducted by the U.S. Cyber Command hit the Internet Research Agency in St. Petersburg, the company used by the Russian Government in propaganda and psyops operations.
“They basically took the IRA offline,” said an individual familiar with the events who spoke on the condition of anonymity. “They shut them down.”
“The operation marked the first muscle-flexing by U.S. Cyber Command, with intelligence from the National Security Agency, under new authorities it was granted by President Trump and Congress last year to bolster offensive capabilities.” states the Washington Post.
“The president approved of the general operation to prevent Russian interference in the midterms, officials said.”
The operation was led by Gen. Paul Nakasone, who in July formed the Russia Small Group, a team composed of 75 to 80 people from Cybercom and the NSA.
U.S. officials pointed out that this operation is part of a long-term campaign aimed at preventing further interference in the
“The fact that the 2018 election process moved forward without successful Russian intervention was not a coincidence,” said Sen. Mike Rounds (R-S.D.), who did not discuss the specific details of the operation targeting the St. Petersburg group. Without Cybercom’s efforts, he said, there “would have been some very serious cyber-incursions.”
The attack against the troll factory has happened the day Americans went to the polls and a day or so afterward as the votes were tallied. The timeline of attacks allowed the US government to prevent the Russians trolls from mounting a disinformation campaign that cast doubt on the results.
“The operation also was the first real test of Cybercom’s new strategy of “persistent engagement,” issued in April, involving continually confronting the adversary and sharing information with partners. Cybercom in fall 2018 sent troops to Montenegro, Macedonia and Ukraine to help shore up their network defenses, and the Americans were able to obtain unfamiliar malware samples that private security researchers traced to the GRU, according to officials.” concludes the Washington Post.
“The Cybercom campaign also was part of what Nakasone described in an interview with Joint Force Quarterly as “acting outside our borders, being outside our networks, to ensure that we understand what our adversaries are doing.”
(SecurityAffairs – Troll factory, US Cyber Command)