12 June 2018

Russian Election Interference: Europe’s Counter to Fake News and Cyber Attacks

RIK BRATTBERG, TIM MAURER

Summary: Russia’s election interference reflects a trend that blends premeditation with opportunism. To bolster resilience, countries must urgently share best practices and lessons learned. Russia’s aggressive campaign targeting the 2016 U.S. election revealed not only the extent to which information and communications technologies are being used to undermine democratic processes but also the weaknesses of protection measures. The U.S. government was effectively caught off guard, once again highlighting that such interference presents a rising global threat. Comprehensive strategies and tools are clearly needed as part of a long-term, holistic approach to building resilience, but to be effective, they should be informed by the regular sharing of best practices and lessons learned between countries.


In reaction to Russia’s disruptive campaigns in Europe and the United States, European governments took steps before and during their 2017 elections to better protect against disinformation campaigns and cyber attacks. Unsurprisingly, an examination of their efforts shows the importance of identifying risks at the local, regional, and national levels and actively engaging political parties and traditional and social media outlets. These lessons and others could provide the basis for a common, analytical framework to assess the different dimensions of risk and guide countries’ preparatory actions.

Lessons From European Efforts 

Consider electoral systems as part of critical infrastructure, institutionalize preparations to protect election processes, and broaden activities to the subnational levels. 

Focus on resilience measures, for example, by conducting regular vulnerability analyses and developing contingency plans. Legal measures should be explored through an inclusive process. 

Issue public statements to deter threat actors and educate voters about disinformation campaigns. 

Train and educate political parties and campaigns to better protect against potential interference. 

Conduct government-media dialogue, encourage media to take voluntary protective measures, and engage social media companies in mitigating potential threats. 

Support international cooperation, particularly the sharing of lessons learned and best practices. 

Preparing for the 2018 U.S. Midterm Elections 

Issue a clear warning that interference in the 2018 elections by Russia or any other actor will result in severe consequences. 

Coordinate government efforts to protect against cyber attacks and disinformation. 

Provide more training and support to state and local election officials. 

Regularly assess election infrastructure. 

Encourage states to reevaluate the use of electronic voting machines. 

Encourage political parties and their candidates, staff, and volunteers to follow basic cybersecurity practices. 

Encourage donors to require that political parties and campaigns implement basic cyber hygiene for their candidates, staff, and volunteers. 

Urge political parties and campaigns to explicitly state that they will not use or support social media bots. 

Increase society’s resilience by clearly communicating the risks of foreign interference in U.S. democracy. 

Promote independent citizen fact-checking and investigative journalistic initiatives. 
Improve media literacy among the public. 

INTRODUCTION

In 2016, Moscow brought a threat that has long plagued many Central and Eastern European capitals to the heart of Washington, DC. Russia hacked the U.S. Democratic National Committee’s system and subsequently released the confidential material to the public in a clear attempt to influence the outcome of the 2016 U.S. presidential election.1 The cyber attack was paired with a disinformation campaign whose scope and reach is still being assessed more than a year later. The administration of then president Barack Obama was certainly concerned about potential hacking—especially given the malware attack during Ukraine’s 2014 presidential election—but all evidence to date suggests that the Russian government achieved significant success without actually hacking election infrastructure. The U.S. government was essentially caught off guard.

After witnessing the events in the United States, a number of European leaders scrambled to protect their countries against similar interference in their 2017 elections. Some of their actions appear to have been successful, but given the urgency, they were likely hindered by ad hoc coordination and knowledge sharing. Systematically studying these efforts and others could proactively help to inform the development of long-term strategies and tools to improve countries’ resilience to future attacks. More importantly, such analysis could pave the way for sharing lessons learned and best practices across countries—an urgent effort considering that, in 2018 alone, elections will take place in Georgia, Latvia, Sweden, Brazil, and Mexico, among others. And in 2019, elections to the European Parliament will occur. Looking ahead to the November 2018 U.S. midterm elections and the next presidential election in 2020, U.S. officials are particularly worried about further meddling. According to U.S. Director for National Intelligence Daniel Coats, “there should be no doubt that Russia perceives its past efforts as successful and views the 2018 U.S. midterm elections as a potential target.”2 So as the United States and other countries ponder how to better prepare for interference,3 what can be drawn from Europe’s recent experiences?

Systematically studying these [Europe’s] efforts and others could proactively help to inform the development of longterm strategies and tools to improve countries’ resilience to future attacks.

An examination of the protection measures that Germany, France, the Netherlands, and the United Kingdom enacted in 2017 and prior offers a good starting point for assessing the dimensions of risk and the effectiveness of preparations for, and responses to, election interference. These countries are geopolitically important within Europe as well as with regard to Russia. Their specific experiences are also useful to compare. The hacking of French President Emmanuel Macron’s campaign during the presidential election arguably stands out as the Kremlin’s most brazen action. The elections in Germany, on the other hand, are remarkable because no significant attempts at interference were reported. The events of the past year and a half merit a closer look to determine what actually happened and why. Sweden, which will hold elections in September 2018, is also worth including, as it offers potential insights into how a country can prepare well ahead of time to protect its elections.

When studying Russian interference and country preparations and responses, it is important to differentiate between “fake news” and hacking operations. This ensures that the full range of vulnerable targets are accounted for—including the databases of political parties and campaigns, social media platforms and conventional news organizations, the personal accounts of candidates and their families, voter registration systems, voting machines and software, and transmission channels for voting results. Thus far, based on open-source information, government tools to protect such targets have largely included operational and policy changes, such as the banning of electronic vote counting; technical changes to election infrastructure; legal measures, such as new laws; and awareness-raising campaigns.

However, eliciting best practices—and, more importantly, a long-term, holistic approach to interference—cannot come from merely studying these targets and tools in isolation. And doing so would not be conducive to ongoing, systematic knowledge sharing. Thus, it could be helpful to combine their general dimensions within an analytical framework—to inform both future strategies and more in-depth research. Drawing on the experiences of Central and Eastern European countries in recent years and the United States during the 2016 election, a framework begins to take shape. It conceptualizes the different risk dimensions of disinformation campaigns and hacking operations, places them in the context of an election cycle, and lists the types of preparatory actions governments can take at all levels. Stakeholders in the United States and other countries could further develop this framework, perhaps as part of an internationally coordinated effort. Meanwhile, lessons learned and best practices garnered from case studies could inform stronger legal, technical, operational, policy, civil society, and educational measures against likely interference perpetrated by Russia and other actors. 

Following warnings from Dutch intelligence, officials in the Netherlands took the issue of potential Russian interference in its elections seriously. But because of either their active preparations or an apparent lack of Russian effort at interference, the elections were carried out successfully and without any noteworthy interference. 
Preparatory Actions

Reports of Russian activities during the U.S. election placed The Hague on high alert. It was already concerned about potential interference due to two major incidents: the alleged hacking of the Dutch Safety Board’s computers in October 2015 by a group of Russian hackers known as Pawn Storm (also known as APT28 and Fancy Bear) and the alleged meddling leading up to the April 2016 Dutch referendum on a European Union (EU)–Ukraine trade deal by either Netherlands-based, pro-Russian sympathizers or activists.4 The timing of the former incident made the objective clear: it occurred both before and after the board published its report investigating the downing of flight MH17 in eastern Ukraine. Despite the apparent failure, Moscow’s activities had a significant impact. Local pro-Russian voices in the Netherlands actively tried to counter the hacking accusations.5

Interference leading up to the referendum was perhaps more blatant. The Kremlin was vehemently against the EU-Ukraine trade deal. A consortium of local pro-Russian, anti-Ukraine expats—led by a left-wing Dutch parliamentarian, Harry van Bommel—vocally opposed the deal and referred to Ukraine’s pro-Western government as a “bloodthirsty kleptocracy.”6 The opposition used in-person meetings, television, and social media to echo their views. In addition, pro-Russian agents passed themselves off as Ukrainians to infiltrate town hall meetings and Dutch groups akin to U.S. political action committees, such as the conservative Forum for Democracy, which became a major political party in 2016.7During the referendum, the party repeated the Kremlin’s talking points and shared Moscow’s propaganda videos.8

Of course, Russian interference was not the only factor that influenced the referendum; the referendum also reflected the Dutch population’s growing antipathy toward the EU.9 The Hague has been particularly concerned about the more amorphous threat of local populists who, knowingly or unknowingly, champion Russia’s agenda in their attempts to disrupt the political status quo.

No comments: