The DISARM Files #1
Unveiling a Covert Information Warfare Strategy
The DISARM Revelation: Unmasking a Hidden War on Information
December 9th, 2023: By, Walter Curt
After the CTIL Files' explosive release by Schellenberger and Matt Taibbi, a widespread investigative effort was ignited among internet researchers. Key players in this endeavor included America Mission, The W.C. Dispatch, and TrashDiscourse, all diving deep into the layers of an extensive censorship regime. This collaborative effort, bolstered by the expertise of cybersecurity authorities like Nate Cain and numerous Open-Source Intelligence (OSI) specialists, transformed the CTIL files into a cornerstone for extensive research. This collective venture, involving over a dozen diverse research groups, has laid the groundwork for this comprehensive series of articles, shedding light on the intricate mechanisms of information control and censorship.
Before we delve into the intricacies of the DISARM Framework, it's crucial to address some fundamental questions. Primarily, what exactly is DISARM, and who are the key players behind it? To uncover these details, we turned to DISARM's own documents, seeking clarity directly from the source:
“Q1: What is the DISARM Foundation and its purpose?
The DISARM Foundation is a non-partisan, non-profit organization, incorporated in the US and also working across Europe. Its purpose is to develop a small team to maintain and enhance the DISARM Framework on behalf of its users.
Q2: What is the purpose of the DISARM Framework?
The purpose of the DISARM Framework is to provide a ‘common language’ for the many people around the world working to mitigate the harms caused by disinformation, by enabling them to track, describe, and share their analyses using the common language.
Q3: Who funds DISARM?
The DISARM Framework has been developed largely by volunteers, since it first began its life as the AMITT 1 Framework in 2019. Our first financial support came from the Alfred Landecker Foundation in Europe in 2022. We continue to operate with very limited resources, whilst looking for further financial support to ensure our sustainability. We receive no financial support from governments.”
Key figures in the DISARM group, notably including SJ Terp and Pablo Breuer, are also prominent in the CTIL files. A cursory examination reveals striking similarities between the DISARM and CTIL initiatives, particularly their reliance on volunteer efforts and ‘lack’ of substantial funding.
What distinctly sets the DISARM files apart from the CTIL files is the evolution and detail of the framework they reference. The AMITT Blue Countermeasures Framework, mentioned in these documents, is an earlier iteration of what has now developed into the current DISARM Framework.
These DISARM Files unveil a comprehensive and startling strategy of information warfare, seemingly developed and potentially implemented by the US government. Termed the DISARM framework, the documents detail a range of both offensive and defensive tactics, all aimed at controlling and manipulating the information space. The prospect of employing such strategies domestically against American citizens raises grave concerns, touching upon the very essence of civil liberties and potential constitutional violations.
→The Framework
The most consequential aspect of this release is the revelation that the AMITT Blue Countermeasures, initially detailed in the CTIL file release, have undergone significant expansion. This expansion notably enhances the offensive capabilities of the censorship apparatus. Below are the most notable enhancements, each accompanied by a summary of the action intended for offensive use:
C00172:
Social Media Source Removal:
Metatechnique: M005
Summary: Removing accounts, pages, groups, e.g. Facebook page removal.
Metatechnique: M013
Summary: Detect and degrade
C00067:
Denigrate the Recipient/ Project of Online Funding:
Metatechnique: M013
Summary: Reduce the credibility of groups behind misinformation-linked funding campaigns.
C00189:
Ensure That Platforms are Taking Down Flagged Accounts:
Metatechnique: M003
Summary: Use ongoing analysis/monitoring of "flagged" profiles. Confirm whether platforms are actively removing flagged accounts and raise pressure via e.g. government organizations to encourage removal.
C00160:
Find and Train Influencers:
Metatechnique: M001
Summary: Identify key influencers (e.g. use network analysis), then reach out to identified users and offer support, through either training or resources.
C00197:
Remove Suspicious Accounts:
Metatechnique: M005
Summary: Standard reporting for false profiles (identity issues). Includes detecting hijacked accounts and reallocating them - if possible, back to original owners.
C00058:
Report Crowdfunder as Violator:
Metatechnique: M005
Summary: counters crowdfunding. Includes ‘Expose online funding as fake”.
C00034:
Create More Friction at Account Creation:
Metatechnique: M004
Summary: Counters fake account
C00044:
Keep People from Posting to Social Media Immediately:
Metatechnique: M004
Summary: Platforms can introduce friction to slow down activities, force a small delay between posts, or replies to posts.
C00042:
Address Truth Contained in Narratives:
Metatechnique: M010
Summary: Focus on and boost truths in misinformation narratives, removing misinformation from them.
C00046:
Marginalize and Discredit Extremist Groups:
Metatechnique: M013
Summary: Reduce the credibility of extremist groups posting misinformation.
C00077:
Active Defense: Run TA15 "develop people” - Not Recommended:
Metatechnique: M013
Summary: Develop networks of communities and influencers around counter-misinformation. Match them to misinformation creators.
In our investigation, we discovered that the DISARM framework is not merely a set of guidelines, but an automated system already employed by Special Operations and intelligence agencies, as revealed by internal military documents from a confidential source. This system's sophistication enables advanced tactics like social media source removal and platform infiltration with minimal human intervention.
The DISARM system, detailed in SOCOM internal documents, merges offensive (red team) and defensive (blue team) strategies in information warfare, ensuring a comprehensive approach to operations. This integration is bolstered by its ability to automate threat intelligence processing using the STIX/TAXII framework, rapidly analyzing and sharing data across platforms in real-time. Additionally, DISARM enables high-level threat information sharing across organizations with access to top-secret TS/SCI levels. This development highlights the framework's advanced operational system and raises serious concerns about its impact on public discourse and individual rights due to its automated, far-reaching nature.
→Militarization of Information:
The DISARM framework's tactics not only threaten fundamental freedoms but also mirror military information and cyber operations, indicating a shift towards militaristic information control within the United States. This blurring of lines between international warfare tactics and domestic information governance represents a significant departure from traditional approaches, requiring urgent scrutiny and public debate to protect democratic values and civil liberties.
These military influences within the DISARM framework are evident in various aspects:
Its structure and phrasing, such as "find, fix, finish," mirror methodologies used in special operations targeting.
Tactics are divided into offensive ("red team") and defensive ("blue team") operations, reflecting military exercises.
References to use by military commands and high classification levels indicate its application in classified military contexts.
The detailed tactics and emphasis on scaling up indicator sharing are reminiscent of military "playbooks" against adversary tactics, techniques, and procedures (TTPs).
Military planning language, including terms like "kill chains," is adapted for information and cyber warfare missions.
The overall framework and coordination level between agencies and allies suggest a model similar to how the military conducts joint information and influence activities in foreign strategic operations.
The DISARM framework seemingly repurposes military information warfare strategies, typically used in foreign contexts, for domestic application. This adaptation blurs the line between international combat tactics and domestic information control, raising serious concerns about their use within the United States. Such a shift could significantly impact democratic values, governmental transparency, and public trust, presenting deeply troubling implications.
In light of these revelations, America Mission is only beginning its investigation into the DISARM framework. We will expose the operational use of these strategies against U.S. citizens, revealing just a fraction of the extensive tactics and methods involved. Through ongoing research and public discussion, we seek to address the challenges these findings pose to our constitutional rights.
Important work!