Australian Facebook users have been targeted in four highly sophisticated, co-ordinated attacks on the platform, including one campaign that sought to spread disinformation about Covid-19 through fake news services, a Senate inquiry heard on Friday.
The world’s largest social network was also increasingly being attacked by malicious groups paying “disinfo-for-hire businesses,” Senators heard, to flood users with fraudulent news while hiding their own identities.
The revelations came during the fourth public hearing of the Foreign Interference Through Social Media Inquiry, with high-level Facebook employees presenting via video link after unexpectedly cancelling their appearance last year due to a “scheduling issue” thought to be the US election.
Facebook security policy global head Nathaniel Gleicher said the tech giant had identified four “co-ordinated inauthentic behaviour” campaigns targeting Australia recently, which he described as “the most sophisticated tool used by determined adversaries like (nation) states”.
The most recent attack, in August 2020, included posts in English and Chinese, he said, and targeted countries including Australia.
“It engaged on a range of topics — coronavirus was among the many topics they mentioned,” he said.
“(It) used a network of fake accounts to target public debate in the United States, in Australia, in Europe, and across Southeast Asia. They posed as local and regional media entities to make themselves appear more legitimate.”
Other campaigns identified as targeting Australian Facebook users included attacks on “public debate,” and a “financially motivated operation”.
The attacks represented four of 150 co-ordinated disinformation campaigns identified and removed from Facebook in recent years.
But Mr Gleicher said a new trend was emerging to for attackers to pay marketing firms to spread disinformation to Facebook users while hiding the source of the attacks.
“We’re seeing actors that otherwise wouldn’t have the resources or the skills to run an influence operation hiring a firm to do that for them,” he said.
“And in addition we’re seeing more sophisticated threat actors who use these PR firms basically as a way to launder their identity. We can’t always identify who’s behind it.”
Mr Gleicher said Facebook was committing greater resources to identifying security risks on the platform though, under questioning, admitted Facebook was “surprised and did not react fast enough” to Russian interference in the US election in 2016.
Facebook Australia public policy head Josh Machin said the company had “ample appetite” to increase its work with Australian government departments in relation to security threats, particularly in the lead-up to the next federal election.
Executives from Google also appeared before the Senate committee on Friday, but the internet giant’s executive law enforcement and information security matters director Richard Salgado said it had seen no evidence of foreign campaigns trying to influence Australian elections.
“Since 2016, we’ve not seen the co-ordinated foreign influence campaigns targeted at Australia that we have with other jurisdictions including the United States,” he said.
“Some of the disinformation campaigns that do go on originate outside Australia … may effect Australia but not as a target of the campaign.”
Google Australia government affairs director Lucinda Longcroft said misinformation and disinformation had been discovered on its platform and accessible to Australians, however, particularly related to the pandemic.
“Since the beginning of Covid, we have removed about 800,000 videos from YouTube and over 275 million Covid apps from our platform, violating our strict policies in this regard,” she said.
The Senate committee is due to report on its findings in May 2022.