Analysts watch for heightened cyber, disinformation campaigns following Venezuela raid
Gwengoat/Getty Images
Disinformation operations have been spotted, but there are no signs the efforts are being coordinated through a foreign government, one observer told Nextgov/FCW.
Various groups are keeping their eyes peeled for hacking and information warfare efforts launched in response to an unprecedented U.S. operation conducted over the weekend that captured Venezuelan leader Nicolás Maduro and brought him to New York to face criminal charges.
The Cybersecurity and Infrastructure Security Agency is continuing to monitor the cyber landscape in the raid's aftermath. In a written statement, CISA acting Director Madhu Gottumukkala did not acknowledge any disinformation tracking, but said that the recent events in Venezuela demand “heightened vigilance” across sectors.
The Maduro capture has raised concerns that foreign adversaries aligned with Venezuela, like China or Russia, may launch retaliatory cyberattacks on U.S. soil in response to the operation.
“While CISA has not identified a specific threat at this time, we remain steadfast in monitoring for any indicators of malicious activity and are working shoulder-to-shoulder with our government and industry partners to defend against today’s risks and strengthen resilience for the future,” Gottumukkala said.
CISA has removed employees doing much of its work tracking false information online, amid a broader effort launched under Trump 2.0 to rework the agency after GOP accusations that the cyber agency had used its counter-disinformation resources to censor Americans’ free speech.
Following the raid, regional experts anticipated a high volume of synthetic and inaccurate content. Adrián González, co-founder of the Venezuela-based nonprofit news and messaging monitor Cazadores de Fake News, said that much of the content generated by AI tools is coming from users in Venezuela and other Latin American countries, as opposed to more major U.S. adversaries.
“There has been a wave of hoaxes created with AI, there is a lot of synthetic content on social media,” González said in an interview. “But it is spontaneous: it is content generated by the same users, which confuses a lot of other users.”
The authors of this content are not linked to any foreign campaigns, despite previous documented coordination between Venezuela and Russia to amplify their individual preferred narratives, González added.
“These videos are generated in a spontaneous way and are not coordinated by a large number of users,” he said. “They don’t form part of coordinated disinformation operations.”
Some of the most viral images created with AI have displayed a fictional version of Maduro’s imprisonment, content which Cazadores de Fake News and others have worked to discredit. Although the group closely monitors online campaigns and digital attacks helmed by Russian and Chinese actors in Venezuela, content following Maduro’s capture is originating from different, unrelated users.
They are “creating images of Maduro detained that don’t exist, creating videos of Maduro dancing, uniformed in jail, or of the destruction of military or iconic installations of Chavismo that, in reality, were never destroyed,” said González.
Chavismo is a left-wing populist political movement in Venezuela named after the nation’s founder, former president Hugo Chávez, and associated with Maduro.
BforeAI, a firm that uses predictive AI tools to identify and stop cyber threats, has observed an increase in website domain registrations around high-profile figures related to the Venezuela operation, said Rishika Desai, a company threat researcher.
In the case of Maduro, “we identified over 140 domains in various stages of preparation in the past three days, referencing alleged ‘releases’ or sites claiming as his official narrative,” she said.
A similar trend was observed with President Donald Trump in recent days. Over 460 domains leveraging themes such as Nobel Peace Prize claims and petition-based campaigns against political figures were tracked, Desai added.
She said the team “also noted the emergence of coin-branded narratives, including so-called ‘Venezuelan libre’ tokens and ‘Crypto Maduro,’ which are commonly used for fraudulent investments and pump and dump schemes.”
Venezuela is no stranger to information warfare, with its government having spent years promoting state-aligned narratives through official media and online supporters. Those efforts have typically lacked the scale, sophistication and global reach seen with more robust influence operations from nations like Russia and China.