CRC Spotlight: Exposing Digital Hostile Influence with Honeypots

 A recent X poll regarding a water crisis in Iran, displayed voting irregularities indicative of Coordinated Inauthentic Behaviour (CIB) attributed to regime-backed actors.

In this CRC spotlight we use this incident as a case study to explore a new perspective on counter Foreign Information Manipulation & Interference (FIMI) tactics.

We examine how interactive online content, such as polls on controversial topics, can provide defenders and researchers alike with an intelligence windfall. And that by baiting threat actors into action, knowledge of their Tactics, Techniques, and Procedures (TTPs) can be leveraged as part of a defensive strategy.  

While there is no indication this poll was a deliberate trap, it does suggest further study is required on the potential for concepts such as an ‘Influence Honeypot’ to be included in existing defensive frameworks, such as DISARM Blue.

[Download Full Report here]