Twitter discloses removal of state-linked information operations
Includes accounts from People’s Republic of China, Russia and Turkey
The permanently removed account sets and related content include operations linked to the People's Republic of China (PRC), Russia and Turkey. Twitter suspended the accounts for violations of its platform manipulation policies. It also shared key data from the disclosure with the Australian Strategic Policy Institute (ASPI) and Stanford Internet Observatory (SIO).
People’s Republic of China (PRC)
Twitter first identified PRC’s activity in August 2019, and technical links in the new network remain consistent with this activity. The proactive removal of these accounts relates to its technical efforts following the study and investigation of the PRC’s past coordinated information operations.
The current PRC disclosure involves two sets of interconnected accounts:
- 23,750 accounts from the network’s highly-engaged core, which did not gain traction on Twitter, and have low follower accounts and low engagement
- About 150,000 amplifier accounts, which have little to no follower accounts and artificially inflate impression metrics by engaging with core accounts; these accounts were not included in the public archive
Accounts in this network engaged in manipulative and coordinated activities, tweeting mostly in Chinese to promote geopolitical narratives about the Communist Party of China and to publish falsehoods about Hong Kong politics.
Twitter investigated accounts tied to Current Policy, a media website that engages in Russian state-supported political propaganda. It suspended and disclosed 1,152 accounts and associated media for violating Twitter’s platform manipulation policy by cross-posting and amplifying politically motivated content in an inauthentic, coordinated way.
Twitter detected this network of accounts in early 2020, which used coordinated inauthentic activity to target mostly domestic audiences. Analysis of the network’s technical indicators and account behaviors determined that 7,340 accounts were being used to promote the AK Parti (a conservative political party, also known as the Justice and Development Party) and show support for President Erdogan.
Accounts were determined to be associated with the AK Parti’s youth wing and a centralized network with compromised accounts. The network includes compromised accounts tied to organizations critical of President Erdogan and the Turkish government.
The aforementioned state actors have repeatedly targeted compromised accounts through account hacking and takeover efforts. Commercial activities, including cryptocurrency spam, also took place across the network.
Consumer choice and the payment experience
A software provider's guide to getting, growing, and keeping customersDownload now
Prevent fraud and phishing attacks with DMARC
How to use domain-based message authentication, reporting, and conformance for email securityDownload now
Business in the new economy landscape
How we coped with 2020 and looking ahead to a brighter 2021Download now
How to increase cyber resilience within your organisation
Cyber resilience for dummiesDownload now