The U.S. Military has purchased software designed to create and control false online personas in an attempt to use social media and other websites to counter anti-U.S. messaging.
According to the contract between US Central Command (Centcom) and California company Ntrepid, the software would let each user control 10 personas, each "replete with background, history, supporting details, and cyber presences that are technically, culturally and geographically consistent." The software would also be able to let personas "appear to originate in nearly any part of the world" and interact through "conventional online services and social media platforms," while using a static IP address for each persona to maintain a consistent online identity.
These false online personas, also known as "sock puppets," would be equipped to seem like real people while entering online discussion through blogs, message boards, chats, and more. With a false persona, a user could discredit opponents, or create the semblance of consensus.
Centcom spokesman Commander Bill Speaks told The Guardian that the software "supports classified blogging activities on foreign-language websites to enable Centcom to counter violent extremist and enemy propaganda outside the US."
The technology would not be used in America, or by American owned companies--which include major social media sites like Facebook and Twitter. "We do not target U.S. audiences, and we do not conduct these activities on sites owned by U.S. companies," Speaks told the Washington Times.
At a senate hearing March 1, Centcom commander James N. Mattis said, "Our enemies operate within cyberspace (and its associated relevant physical infrastructure) to plan, coordinate, recruit, train, equip, execute and garner support for operations against the U.S., its allies and interests. Clearly, in the information age, our military must adapt to this new domain of warfare."
The online persona project is thought to fall under the domain of Operation Earnest Voice, which oversees Centcom's Information Operations, and in the words of Mattis, "seeks to disrupt recruitment and training of suicide bombers; deny safe havens for our adversaries; and counter extremist ideology and propaganda."
The users controlling the personas would be hidden in a variety of ways, including randomizing the IP addresses they accessed the software with, and "traffic mixing," or blending web traffic with that outside of Centcom to provide "excellent cover and powerful deniability."
The strategy may sound familiar. Last month, hacker group Anonymous unloaded a batch of 50,000 emails from security firm HBGary, where documents indicated that the firm was in the process of developing their own persona management software. The document outlined some of the proposed strategies for creating verisimilitude:
Using hashtags and gaming some location based check-in services we can make it appear as if a persona was actually at a conference and introduce himself/herself to key individuals as part of the exercise, as one example. There are a variety of social media tricks we can use to add a level of realness to all fictitious personas