DISARM: a Framework for Analysis of Disinformation Campaigns

State actors, private influence operators and grassroots groups are exploiting the openness and reach of the Internet to manipulate populations at a distance. They are extending a decades-long struggle for "hearts and minds" via propaganda, influence operations and information warfare, often in the form of coordinated incidents that are part of longer-timescale narrative-based campaigns. Our work on cognitive security extends information security principles, practices, and tools, to the detection and management of information harms including disinformation and disinformation. Specifically, we have adapted and extended frameworks used to describe information security incidents, to create the DISARM series of frameworks for understanding and responding to organized disinformation incidents; these have been in continuous use since 2019 for analysis, simulations, training, and country-level disinformation risk assessments. In this paper, we describe how and why the DISARM frameworks were created, and discuss their components and uses, including analysis of ways, means, and ends to achieve influence goals.