Microsoft 1984: advertizing antinarrative software "because Ukraine!"

Microsoft published a rather interesting report on "Russian propaganda", Russian cyberwar, et al. https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE50KOK

Among other things, it’s important to base these assessments on accurate data and not be misled into an unwarranted sense of tranquility from the external perception that the cyberwar in Ukraine has not been as destructive as some feared.

This really begs a question, where did that Microsoft, all so publicly committed to privacy, got that accurate data (or did them not?).

Then they go on with sing wr in Ukraine as a tool to advertise Microsoft and other western "public clouds" to keep and process aboriginal nations crytical data.

Prior to the war, Ukraine had a longstanding Data Protection Law prohibiting government authorities from processing and storing data in the public cloud. This meant that the country’s public-sector digital infrastructure was run locally on servers physically located within the country’s borders. A week before the Russian invasion, the Ukrainian government was running entirely on servers located within government buildings—locations that were vulnerable to missile attacks and artillery bombardment.

Ukraine’s Minister of Digital Transformation, Mykhailo Fedorov, and his colleagues in Parliament recognized the need to address this vulnerability. On February 17, just days before Russian troops invaded, Ukraine’s Parliament took action to amend its data protection law to allow government data to move off existing on-premises servers and into the public cloud. This in effect enabled it to “evacuate” critical government data outside the country and into data centers across Europe. Several tech companies rallied to help. At Microsoft, we witnessed and supported the speed required for this transition. Within 10 weeks, Ukraine’s Ministry of Digital Transformation and more than 90 chief digital transformation officers across the Ukrainian government worked with the company to transfer to the cloud many of the central government’s most important digital operations and data. Microsoft has committed at no charge a total of $107 million of technology services to support this effort, which has reached 20 ministries and more than 100 state agencies and state-owned enterprises. (In total, Microsoft has provided $239 million in financial and technology assistance to support Ukraine, including support for the government, businesses, nonprofits, and humanitarian assistance for refugees.)

Fedorov’s urgency was prophetic. An early target of Russian missile attacks was a Ukrainian government data center. And as discussed further below, the Russian military has targeted the government’s on-premises computer networks with its destructive cyber “wiper” attacks. One reason these kinetic and cyberattacks have had limited operational impact is because digital operations and data have been disbursed into the public cloud. This highlights a critical difference between protecting public-sector data in a time of war instead of peace. Some governments around the world have pursued initiatives in recent years to centralize government digital operations in so-called sovereign data centers that are more specialized, locally controlled, and located within a country’s borders. While there are some factors that make this appealing from a national security perspective in times of peace, the last few months in Ukraine illustrate the very different defense needs that prevail during a war.

Notes:

1. Fedorov was "prophetic" to predict the war as early as February 17th. Well, it is easy to predict what you kickstart yourself, isn't it?
2. The propaganda vehicle to copy all Ukrainian national data to Microsoft cloud was "prophetically" predicted "missile attacks and artillery bombardment", however that prophecy was not fullfilled and instead they had untraceable and almost unproveable "destructive cyber “wiper” attacks". So very prophetic...
3. It is then just assumed (good citizens do not ask questions) that is was Microsoft public clowd that defeate those cyberattacks, and that Ukraine won't be able to twart those attacks on her own. I can only recall that Microsoft (GitHub) and Amazon (S3) unleashed massive DDoS attack on Amazon competitors (like DHL) and Russian media and Russian gov't sites. That attack was very effective in the first two weeks, but after 4 weeks Russian infrastructure was reconfigured/increased and (from inside Russia at least) that cyberattack is hardly noticeable any more. So i assume Ukraine also could adapt to cyberwar on their own, and that is why Microsoft advertized "missiles and artillery", to misguide readers from the actual events.
4. i also want to remind about "Internet2" - it is a common point that thewre is a "public perimeter" of any network, and there is internal, secure volume. While DDoS attacks coming from public internet can indeed overwhelm "public gates" it does not necessarily have any effect upon *internal* network. There is no unavoidable translation from inaccessability of public e-government to people and foreign media (goal and effect of any succesfull DDoS attack, like one being run by Microsoft and Amazon against Russia) to paralysis of *internal work* of government (or any other targeted entity).
5. Now that ALL of Ukro-government data was, on the false pretext of "missile bombardment", donated to Microsoft cloud, we can only guess what use Western governments would make of that data trove.

Russian malware families used for destructive attacks • SonicVote, aka HermeticRansom • CaddyWiper • FiberLake, aka DoubleZero WhisperGate, FoxBlade, DesertBlade, and CaddyWiper are all malware families that overwrite data and render machines unbootable. FiberLake is a .NET capability being used for data deletion. SonicVote is a file encryptor sometimes used together with FoxBlade

Now, this is one (more) big pile of shit. 1. "render machines unbootable" is what "script kiddies" do against illiterate home users. Serious attackers do not do this, because for any serious target it would only mean an hour or two of disruption (until the machine is restored from a regular backup copy). This "sophisticated" attack is akin to WW2 era spies coming out of the dark and starting an overt killing spree, with rubber bullets. The only effect this can have is exposure and elimination of malware/spy. 2. "Ransomware" and "file encryptor" (which is the same, goal and method) is absolutely an army toolbox. Because what else do nations need armies than wriggling ransom out of panicking home users, who did not bother to backup their stoves of home porn. for any remotely serious target this would be the same as above: consider encrypted data destroyed and recover it from an hour-ago backup copy. Frankly, this equation "army = ransom" is so western an idea that i can not help thinking "projection". 3. Furthermore, ".Net capability" to double-delete files is so absurd, it clearly is "из пушки по воробьям" or Rupy Goldberg machine. Military weapon has to be self-sufficient and rugged. Depending on very complex (thus, fragile) .Net infrastructure (and then of a specific certain version - and there are many - which can be NOT installed on a specific machines) is akinf to "Nigerian virus" joke (e-mail: i am Nigerian hacker, i am almost illiterate so i could not make program deleting your files, so please delete your files yourself and then send this letter to all your friends. Thank you.). Even USA DoD grade multi-pass deleting does NOT require any .Net (see "Eraser" FLOSS for home use, if needed).

Microsoft’s Threat Intelligence Center (MSTIC)... In the private sector, an organization such as MSTIC now has the benefit of visibility created by 24 trillion signals that Microsoft receives daily from devices and cloud services across a global ecosystem.

What "private sector" even means here is opaque to me. But "24 trillions of data uploads Microsoft gets every day without scrutiny" is an interesting figure. I can only remind, that starting with Microsaoft Office 2016 (or was it 2019) all the documents you edit in Word or Excel; are automatically uploaded to Microsoft servers "for compatibility checking". User can find and tick a checkbox prohibiting this documents donations, but that requires to know about it in advance. Also it was shown that Windows 10 ignores some prohibitions of "telemetery" uploading, so those privacy checkboxes in Microsoft products are are often "make belief", placebo.

Since the start of the war in Ukraine, MSTIC’s detections have found that Russian actors have been successful 29 percent of the time. In a quarter of these successful intrusions, MSTIC identified incidents that led to the successful exfiltration of an organization’s data. ...and in particular the extent of data exfiltration, likely understates the extent of Russian cyber espionage success.

So, Microsoft - by their own words - gets 24T documents (auto-generated briefs or copied verbatim from naive users) daily, promising in exchange give their users security. Microsoft says "we would spy on you but in exchange we make sure no one else will". But then Microsoft says "more than 29%" - as much as 1/3 !!! - non-Microsoft attacks are succesfull. How can this be considered a fair deal is beyond me.

Like the patient pre-positioning of malware within an organization’s computer network, Russian cyber influence operations pre-position false narratives in the public domain on the internet. This pre-positioning has long helped more traditional Russian cyber activities, especially if IT administrators scan their most recent network activity. Malware that sits dormant for an extended time on a network therefore can make its subsequent use more effective. And false narratives that sit unnoticed on the internet can make subsequent references to them seem more credible.

That was pure bliss.

Microsoft LITERALLY CLAIM that publishing Russian point of view and uncomfortable for the West facts - "pre-position false narratives in the public domain on the internet" - somehow defeats "IT administrators scan their most recent network activity".

This is beyond absurd.

I would casually mention that West was "planting false narratives to sit unnoticed" centuries before Internet was conceived (Internet was designed as US Army military device against a swiping USSR nuclear attack, so it could not be even envisioned before 1970-s). I would also mention that West used to say that existing of false narratives is a necessary price for freedom of speech and freedom of scientific inquery, because there is no any "a priori" formal ditinction between true and false narratives, but only "a posteriory" crytical review.

So basically Microsoft just added to the propaganda that censorship in the West should be automatic, all-encompassing, and retro-active like "antivirus" engines. I wonder how long it would take for similar retroactively censoring "antinarrative" engines to become part of Microsoft Windows Defender. If publishing "Putin's propaganda" was LITERALLY claimed to disrupt "IT administrators" work, then the logical implication is to make the censorship mandatory.

As illustrated in an additional example, on March 7, 2022, the Russians published online with the Permanent Mission of the Russian Federation to the UN a claim that a maternity hospital in Mariupol had been emptied and was now being used as a military site. On March 9, two days later, the Russian military bombed the hospital. When UN officials reacted with concern, a Russian representative immediately tweeted that the concern was “fake news,” citing the prior report.

This long debunked hoax is still promoted. With the typical Western twist "we would discuss where the hospital was empty or not after you accede to the bombing event and to it being done by Russia". And with the demand to retroactively destoy any counter-arguments, because any references to "false" history in perfectly Orweilian modus opoerandi are retconned as "pre-planted false narratives" literally equal to "unnotices computer viruses".

Looking beyond these examples, it’s possible to track and calculate the creation and consumption of Russian propaganda more broadly. Microsoft’s AI for Good Lab has created a Russian Propaganda Index (RPI) to monitor the flow of of news from Russian state-controlled and -sponsored news outlets and amplifiers. This index measures the proportion of this propaganda flow to overall news traffic on the internet, and is enabled for geographical regions, online channels, and infrastructure providers such as registrars and webhosts. The Lab has also developed AI tools to detect new propaganda sites as they appear, using data from a wide variety of internet sources and other identifying characteristics to determine and forecast which new domains may be candidates for foreign cyber influence operations. This technology is used in conjunction with sources from third-party reviewers, such as NewsGuard, and the Global Disinformation Index (GDI) to help us define which sites are known purveyors of state-sponsored media

Here it goes. Microsoft advertises their automatic "antinarrative" software, ready to proactively destroy backup copies of "wrong history" before public has chance to find and read and save it.

I can only yet futily again repeat the need for automatic "copy-on-read" serverless (p2p) networks (real ones like i2p and maybe ZeroNet and maybe Matrix) and the need to distinguish it from gatekeepers-based "Web 3.0" hoax.

Using internet data and these techniques, it’s also possible to identify the social media, search, and other sites that are being used to encourage and channel traffic to these stories.

Exactly. Microsoft uses the opportunity of war in Ukraine to sell their global anti-dissent services to TPTB.

Using these techniques, the RPI can be used to chart the consumption of Russian propaganda across the internet and in different geographies on a precise timeline. The two graphs below show that consumption of narratives from Russian-controlled and -sponsored sites across the internet rose sharply in both Ukraine and the United States in the initial weeks after the war began. The surge in Ukraine represents an increase of 216 percent, while the spread of Russian propaganda in the United States increased by 82 percent.

The interesting thing here is the implicit definition of "consumption", which actually means "reposting", "retweeting", archiving, backing up, copying and re-publishing. It is not "reading" or "watching" or "lisening" as a layman idea of "consumer" would suggest. It is - "aplificating". It is about "enablers" and "influencerS" not about "sheeple".

Page 16 features "Top 5 Russian propaganda articles in the US based on visits (February)" and that is presented as a proof of "pre-planted narrative". Microsoft: And it’s possible to identify, as shown below, the specific reports and narratives that attain the highest consumption levels...

None of those 5 articles were given a specific date attribute, which should be required to proof they were "pre-planted" whatever that meant. None of those 5 articles were given hyperlink or any other exact attribution, only a selective quote and blurred out "screenshot".

The expanded use of public data illuminates the extraordinary contrast in vaccine messaging on a site like RT. For example, the most widely accessed relevant story on RT in Russian suggested that lockdowns and booster shots prevent COVID-19 transmission, while the most widely accessed story in English asserted that vaccinations fail to curb transmission and are ineffective against new strains. While democratic societies rely on the public to discern what is true and what is false, logic makes plain that both these stories cannot possibly be true at the same time.

Sounds damned, until we recall that in the Orweilian newspeak Microsoft chosen to use instead of English "accessed" means "reposted" and "discussed" by public.

What Microsoft actualyl said was that * Russian-speaking audience was most attracted - to repost and/or discuss - with pro-lockdowns articles, while * English-speaking audience was most attracted - to repost and/or discuss - with anti-lockdowns articles. How should one interprete it is an interesting question, for example it can be interpreted that lockdowns in Russia were too soft and too much ignored (as perceived by Russian-speaking online active strata), while lockdowns in "anglo-saxon world" were on contrary perceived too harsh and too much enforced.

There can be other interpretations of course, but none of them include "Putin's evil machinations" implied. Whatever Putin's plans could be, Microsoft reports on PUBLIC ACTIVITY of reposting and dicussing, whilke using NewSpeak to conceal it and misdirect readers.

For example, this reflects an estimated average American consumption of Russian propaganda 60 million to 80 million page views per month, enough to make the collective placement resulting from Russian cyber influence on par with a major publication like the Wall Street Journal in the United States

Microsoft again compares apples to.. to something they do not specify. Microsoft compares RETWEETS and DISCUSSIONS of "Russian narratives" to WSJ... what? reads? reposts? somethign else? Microsoft chosen to conceal it.

Microsoft’s data found that four of the five most widely read internet-based propaganda stories in Canada in this period focused on COVID-related protests in Ottawa. These reflected in part on a propaganda narrative suggesting that mainstream media coverage of these protests was inadequate or biased. The start of this surge preceded the arrival of a large convoy of protestors in trucks in Ottawa on January 28. Protestors then occupied areas around the Parliament building the last week of January and the first week of February, and the protests expanded to the Canadian-US border and disrupted trade on February 8, just after propaganda dissemination reached its peak.

Of course, Microsoft swaps cause and effect. People's growing grievances naturally manifested themselves to pro-active search of information, then later to discussing the information found, then later to direct action influenced by this discussion. Microsoft advertisement's target audience of course prefers to read chronicles upside down, to be comforted with inversed idea that public protests were caused by their discussions of imaginary grievances "pre-planted by evil overloard Putin himself".

More interestingly, Microsoft covertly changed the language here, from "consumed" and "accessed" they moved to "read". Which seems to put us against a choice.

1. Microsoft lied. They still measure (by the means of RPI antinarrative engine they described above) what was reposted and discussed, not what was read.
2. Microsoft did monitor private lives of Canadians and does know what they were, privately, reading. Microsoft did not want to admit it, but got a Freudian slip.

Chose your poison.