Facebook shut down Russian APT28 trolls before the 2016 U.S. election – TechCrunch
The most interesting part of Mark Zuckerberg’s prepared testimony for congress that was released today shows that Facebook has been fighting Russian election interferences since before the 2016 U.S. presidential race. Facebook shut down accounts related to Russian military intelligence-linked group APT28, which had created an organization called DC Leaks run by fake personas to seed stolen information to journalists.
The Washington Post reported in 2017 that Facebook had detected the APT28 accounts and reported their activity to the FBI, but didn’t detail that Facebook had fought back directly by shutting down their accounts.
Here’s Zuckerberg’s full explanation of the situation:
“Elections have always been especially sensitive times for our security team, and the 2016 U.S. presidential election was no exception. Our security team has been aware of traditional Russian cyber threats — like hacking and malware — for years. Leading up to Election Day in November 2016, we detected and dealt with several threats with ties to Russia. This included activity by a group called APT28, that the U.S. government has publicly linked to Russian military intelligence services. But while our primary focus was on traditional threats, we also saw some new behavior in the summer of 2016 when APT28-related accounts, under the banner of DC Leaks, created fake personas that were used to seed stolen information to journalists. We shut these accounts down for violating our policies.”
This information could give Facebook and Zuckerberg a better defense as he’s questioned by the U.S. Senate Judiciary and Commerce committees Tuesday, then the U.S. House Energy and Commerce Committee on Wednesday. If Facebook can demonstrate that it wasn’t completely asleep at the wheel regarding election interference, it could get softer treatment than if Congress thinks it was caught completely off-guard.