Domain of Deception: How China's GLASSBRIDGE Campaign Manipulates the Web
This presentation delves into the evolving landscape of Chinese Information Operations (IO), focusing on the tactics and techniques employed by GLASSBRIDGE, a recently uncovered threat actor. We begin by examining the broader trends in Chinese IO, setting the stage for a detailed exploration of GLASSBRIDGE's unique modus operandi. We will discuss the discovery of this group and their distinctive use of domains to spread disinformation and manipulate public opinion.
The core of the presentation will feature a deep dive into GLASSBRIDGE's operational infrastructure. Through real-world examples and screenshots, we will dissect the anatomy of their typical web pages, highlighting the telltale signs of their influence campaign. We will demonstrate how meticulous domain analysis, including cross-referencing registration details, content similarities, and technical infrastructure, can be used to definitively link seemingly disparate online entities to this specific actor.
Moving beyond technical analysis, we will examine past enforcement actions taken against GLASSBRIDGE and similar groups, drawing on insights from Google's Threat Analysis Group (TAG). This section will feature exclusive information from an upcoming Google TAG blog post, providing unique insights into the challenges and successes of disrupting such operations.
Finally, we will analyze the implications of GLASSBRIDGE's activities for the future of Chinese IO. We will assess the effectiveness of their current tactics, discuss potential adaptations in their strategies, and explore the broader impact on the global information environment. This presentation will equip attendees with a deeper understanding of Chinese influence operations and the crucial role of domain analysis in countering these threats.