Twitter discloses removal of state-linked information operations

Twitter disclosed 32,242 accounts in its unique archive of state-linked information operations.

The permanently removed account sets and related content include operations linked to the People's Republic of China (PRC), Russia and Turkey. Twitter suspended the accounts for violations of its platform manipulation policies. It also shared key data from the disclosure with the Australian Strategic Policy Institute (ASPI) and Stanford Internet Observatory (SIO).

People’s Republic of China (PRC)

Twitter first identified PRC’s activity in August 2019, and technical links in the new network remain consistent with this activity. The proactive removal of these accounts relates to its technical efforts following the study and investigation of the PRC’s past coordinated information operations.

The current PRC disclosure involves two sets of interconnected accounts:

1. 23,750 accounts from the network’s highly-engaged core, which did not gain traction on Twitter, and have low follower accounts and low engagement
2. About 150,000 amplifier accounts, which have little to no follower accounts and artificially inflate impression metrics by engaging with core accounts; these accounts were not included in the public archive

Accounts in this network engaged in manipulative and coordinated activities, tweeting mostly in Chinese to promote geopolitical narratives about the Communist Party of China and to publish falsehoods about Hong Kong politics.

Russia

Twitter investigated accounts tied to Current Policy, a media website that engages in Russian state-supported political propaganda. It suspended and disclosed 1,152 accounts and associated media for violating Twitter’s platform manipulation policy by cross-posting and amplifying politically motivated content in an inauthentic, coordinated way.

Turkey

Twitter detected this network of accounts in early 2020, which used coordinated inauthentic activity to target mostly domestic audiences. Analysis of the network’s technical indicators and account behaviors determined that 7,340 accounts were being used to promote the AK Parti (a conservative political party, also known as the Justice and Development Party) and show support for President Erdogan.

Accounts were determined to be associated with the AK Parti’s youth wing and a centralized network with compromised accounts. The network includes compromised accounts tied to organizations critical of President Erdogan and the Turkish government.

The aforementioned state actors have repeatedly targeted compromised accounts through account hacking and takeover efforts. Commercial activities, including cryptocurrency spam, also took place across the network.