President Donald Trump and ally Elon Musk are misleadingly depicting a Pentagon defense contract that was awarded during Trump’s first presidency.
The $9.1 million contract was awarded to Thomson Reuters Special Services, a company that provides “data-driven solutions” to the federal government and other clients, to work on defenses against “social engineering” cyberattacks, which use “social deception” tactics to trick humans. In a Wednesday social media post that didn’t explain what the contract was actually for, Musk insinuated that the Reuters news agency, which has the same parent company as Thomson Reuters Special Services, was paid by the government to engage in deception.
And neither Musk nor Trump, who made a Thursday post amplifying Musk’s claim, noted that the contract began under Trump in 2018.
Asked for comment, Thomson Reuters Special Services chief executive Steve Rubley said in a Thursday statement to CNN that “recent public discourse” has “inaccurately represented the nature of the business between TRSS and the Department of Defense,” and has incorrectly conflated Reuters News with TRSS, a separate legal entity that has its own board of directors and “operates independently from Reuters News.”
“TRSS has provided software and information services to U.S. government agencies across successive administrations for decades, to assist in identifying and preventing fraud, supporting public safety, and advancing justice,” Rubley said.
Musk continued to post misleadingly about the contract on Thursday even after his misleading Wednesday post was fact-checked by CNN, The Washington Post and others. On Friday, Defense Department spokesperson Lt. Chelsea Dietlin provided CNN with a detailed explanation of the 2018 contract – saying that TRSS was “competitively selected to serve as the evaluator (i.e., red team) to test the defensive tools we were developing” as part of an Active Social Engineering Defense (ASED) program that attempted to combat spear phishing and other social engineering attacks.
Specifically, Dietlin said, “TRSS created tools to credibly test the ASED defenses in large-scale, realistic testbed environments. Large-scale Social Deception (LSD) was the name of TRSS’ red team proposal.”
What Musk and Trump claimed
Musk, the billionaire businessman who is leading the sweeping cost-cutting initiative known as the Department of Government Efficiency (DOGE), has repeatedly described federal spending in misleading or false ways. This latest example came just one day after he backed away from a false claim that his initiative had thwarted a plan to spend $50 million on condoms for Gaza, conceding that “some of the things that I say will be incorrect.”
Musk has previously criticized the Reuters news agency over its coverage of his business ventures. He wrote on his X social media platform on Wednesday night: “Reuters was paid millions of dollars by the US government for ‘large scale social deception’. That is literally what it says on the purchase order! They’re a total scam. Just wow.”
Trump then delivered a version of the claim on social media on Thursday morning, adding a demand for repayment: “DOGE: Looks like Radical Left Reuters was paid $9,000,000 by the Department of Defense to study ‘large scale social deception.’ GIVE BACK THE MONEY, NOW!”
When CNN asked the White House for comment, an official who spoke on condition of anonymity argued that Trump’s post was not accusing Reuters of engaging in social deception. The official said in a Thursday email, using bold type, that Trump “specifically mentioned the money was used for a study.”
Even in the most generous reading of the president’s post, though, his demand for repayment baselessly suggested that the contract was improper – and his use of “Reuters” at the very least left open the impression that the money went to the well-known news agency rather than the lesser-known Thomson Reuters Special Services, the company name listed on the public document Musk shared.
What the contract was actually for
Washington Post technology reporter Drew Harwell offered a thorough debunking on Thursday morning in response to Musk’s post.
As Harwell noted, detailed information about the contract has long been publicly available on the US government’s spending disclosure website. The contract, which was awarded after a public bidding process, was funded by the Department of Defense’s Defense Advanced Research Projects Agency (DARPA), which develops new technologies for the military.
The nature of the contract was described, in the brief and vague manner typical of federal contract descriptions, as “ACTIVE SOCIAL ENGINEERING DEFENSE (ASED) LARGE SCALE SOCIAL DECEPTION (LSD).” Those words might sound nefarious to someone who did no further research – but even before the Defense Department provided its Friday comment, there was ample public information on what the contract was about.
DARPA explained on its website that it was seeking to develop technology to “automatically identify, disrupt, and investigate social engineering attacks” – attacks known as “social engineering” because they try to deceive or “engineer” humans into performing certain actions, like clicking on links to malicious software, divulging sensitive information or giving up money.
For example, a foreign adversary might have operatives posing online as attractive potential dating matches to lure members of the US military into revealing information to them or granting them access to sensitive systems. While seeking competitive bids in 2017, the Pentagon publicly outlined its desire to create its own highly sophisticated bots to figure out who is behind these kinds of attacks.
A program description posted online by DARPA in 2017 explained that “the core technology to be developed in this program is the capability to automatically elicit information from a malicious adversary in order to identify, disrupt, and investigate social engineering attacks.” The description said that the Active Social Engineering Defense (ASED) “will do this by mediating communications between users and potential attackers with bots that actively detect attacks and coordinate investigations to discover the identity of the attacker.”
The document said that “when an attack is detected, the ASED program envisions the use of automated, virtual, alter-ego bots to coordinate active investigation and tracing of the attacker’s identity.”
This article has been updated with additional information.
For more CNN news and newsletters create an account at CNN.com
