Department of Justice and National Intelligence Center reports on active cyber measures (ACMs) carried out by U.S. adversaries on social media display a staggering manipulation of American conversations, journalism, and electoral processes. Unlike Cold War active measures conducted through human intelligence (HUMINT) operations, creating or manipulating an online intelligence asset requires exponentially fewer resources and yields results with far greater scale. However, the U.S. responded to Cold War active measures through defensive counterintelligence and misinformation-debunking programs and through offensive, active HUMINT deterrents, and that same strategy can be used to combat ACMs today.
The Intelligence Community (IC) must work defensively using signals intelligence (SIGINT) and open-source intelligence (OSINT) to detect and neutralize enemy social media accounts, and Congress must create a bipartisan committee (the “Committee”) to communicate declassified information to the American public to expose manipulation of online conversations. At the same time, USCYBERCOM and CIA must work in tandem offensively through a new blend of cyber warfare and HUMINT to deter ACM proliferation and respond in kind, and once again set global military and intelligence standards on U.S. terms.
I. Defensive Posture: Congress Must Create a Bipartisan Committee to Counter Active Cyber Measures
Given that U.S. adversaries are successfully laying siege to the fabric of American political conversations, the U.S. needs to adopt a Cold War-era defensive posture consisting of counterintelligence efforts and increased transparency with the electorate about manipulated conversations. Historically, CIA has collaborated with FBI on counterintelligence efforts to remove compromised and planted HUMINT assets. NSA, CIA, and the Office of the Director of National Intelligence (ODNI) must similarly identify active personas and botnets through a combination of SIGINT and OSINT and collaborate with the social media industry to remove these accounts.
Congress must also establish a bipartisan Committee that receives all-source intelligence from ODNI and CIA and regularly reports foreign ACMs to the American people. According to a Wilson Center report, “during the Cold War, the [IC-based] Active Measures Working Group (AMWG) acted as a fact-checking organization that successfully debunked misinformation and accurately and unbiasedly attributed its sources to governments and the public with well-established authority.” Because “replicating the [AMWG’s] success is unlikely without significant restructuring of the United States intelligence apparatus,” such an effort must instead now rest with Congress. A dynamic Committee declassification and reporting schema for specific, illegitimate social media accounts may risk compromising sources and methods, yet weighing disclosure with asset exposure is a balancing question that policymakers are precisely elected to make. Vesting disclosure power in Congress, as opposed to an IC element, (a) eliminates the need for IC restructuring to accommodate another AMWG, (b) allows the Committee to directly engage in questions of policy and weigh risks with benefits, and (c) enables the Committee to be dynamic and time-sensitive in debunking illegitimate conversations. With the rapid migration of American discourse to a new, politically segregated online medium, manipulated conversations undetectable to the average American pose a severe threat to American cohesiveness and democracy. No longer can IC entities afford to disclose manipulations years after the fact—a more dynamic disclosure system is needed.
Because foreign ACMs promote both far-left and far-right extremists—sowing discontent with government and political processes—it is essential that the Congressional Committee be bipartisan. The elected, bipartisan Committee would be more trusted than the politicized and unelected IC, and it could give itself greater legitimacy by implementing a committee practice requiring that for every illegitimate far-right active persona, botnet, or political rally disclosed by the Committee, a far-left equivalent must also be disclosed. If a Russia-based pro-Trump or anti-Biden active persona were to be disclosed, e.g., a manipulated Russia-based Black Lives Matter or Iranian-based anti-Trump persona would have to be disclosed in turn. Even if the overall quantity of ACMs disproportionately supports one political party, disclosure must remain equal in partisan weight, otherwise the commission would lack legitimacy and contribute towards adversary divisiveness goals. IC elements could then infrequently issue declassified reports like Report on the Investigation into Russian Interference and Foreign Threats to the 2020 U.S. Federal Elections disclosing statistical discrepancies.
II. Offensive Posture: USCYBERCOM Must Deter Active Cyber Measure Proliferation
The U.S. also needs to adopt a Cold War-era offensive posture. Given that ACMs will be used by global intelligence services and militaries for the next century, the U.S. must execute their own deterrent ACMs and give the State Department the upper hand in negotiating international agreements restricting the use and proliferation of such ACMs.
This offensive posture would be paradigmatic of past U.S. active measures strategy. Specifically, CIA must apply its historical work in HUMINT to work with USCYBERCOM to launch social media manipulation aimed at U.S. adversaries. The 2024 Russian presidential election and the 2025 Iranian presidential election are both potential targets for election influence. For example, “Moscow’s authoritarian political system and attempt to control access to information . . . make it vulnerable [and] . . . it may make sense to release information on Russian activity through third parties . . . as Russia did with the e-mails from the Democratic National Committee during the 2016 U.S. elections.” While an aggressive offense may be scary and painfully reminiscent of the Cold War, deterrence and proliferation strategy may very well be permanent paradigms in dealing with the continued introduction of novel weapons and technologies into the world.
In short, the lessons the U.S. has learned in becoming a global superpower can be applied to combat foreign active cyber measures through the establishment of a new Congressional committee and through proven deterrence strategies.