A young Moscovite steps out of the frigid Russian winter and sits down at his computer. Logging on to Twitter, he searches the online communication tool for the latest news about the public demonstrations forming in his city.
Like demonstrators in Iran, throughout the Arab Spring and even Occupy Wall Street before him, the young man searches with a certain keyword called a hashtag, in this case #Triumfalnaya for Moscow's Triumphal Square, to find out when and where his comrades are gathering to make their voices heard and what the police presence is like there.
But instead of reading the words of fellow protesters, the young man is inundated with hundreds of unrelated or sometimes angry, pro-government messages -- one calling an opposition leader a "headless freak" -- from unknown users inexplicably using the same hashtag. In the deluge, he can't find the information he needs.
That's a scenario that could be playing out today thanks to a simple but potentially devastating repressive Twitter tactic employed by pro-government forces in Russia and around the world meant to turn Twitter, an indispensible tool to would-be revolutionaries, against its own users, according to cyber security experts.
In the most recent case, senior threat researcher Maxim Goncharov of Trend Micro, said this week he discovered a massive Twitter spam campaign allegedly carried out by pro-Kremlin activists in Russia. At the height of the attack, Goncharov said anti-protester messages using the popular opposition hashtag #Triumfalnaya flew in at a blazing 10 messages per second, essentially burying tweets from actual protest organizers.
"People are doing this for the Kremlin. [They're] trying to bring down Twitter for a channel for communication," Goncharov told ABC News.
By flooding Twitter with a certain hashtag used by protesters, the tweets "pollute the stream" of useful information until very quickly, all relevant hashtags become "totally useless," Ethan Zuckerman, director for the MIT Center for Civic Media, told ABC News. Of course, opposition activists can simply switch to another hashtag, but with their original organizing hashtag already compromised, getting the word out about the new one would be practically impossible -- potentially dealing a strong blow to protesters trying to rally together at a certain place or time.
Goncharov said that in Russia's case, the sheer speed and quantity of the messages in Russia, along with a common limited vocabulary and irregular activity from many of the Twitter users, led him to believe many of the tweets did not come from humans, but from computers that had been taken over by an automatic bot network -- a series of computers infected with a virus, which essentially turns them into zombies at the mercy of hackers. Other experts said that perhaps most tellingly, many of the users were "eggs." (In Twitter-speak, "eggs" refer to users who have not bothered to change the profile picture, by default an egg, meaning the accounts could have been quickly created and then forgotten about until they're needed.)
Brian Krebs, a former Washington Post reporter and cyber security blogger, reported Thursday that after Goncharov posted his findings at the Trend Micro website, several internet security experts in Russia identified "thousands" of accounts rapidly posting "anti-protester or pro-Kremlin sentiments to more than a dozen hashtags and keywords that protesters are using to share news..."
"If there's real signal coming out from political dissidents in a channel I can't shut down, my goal is to make signal to noise of that channel so low that no one can bare to follow it anymore," Clay Shirky, arts professor at New York University's Interactive Telecommunications Program, told ABC News.