There is a general consensus that Russia interfered in the 2016 US Presidential Elections. According to the US intelligence community, it has been assessed with ‘high confidence’ that Russia used nation state proxy groups to influence the outcome of the presidential election in favour of Donald Trump.
The report concluded that Russia used a combination of disinformation, data thefts, and leaks to denigrate and harm Hilary Clinton’s chances of potential presidency. More recently, Russia has been accused of attempting to sway the result of the French Presidential Election, as well as the upcoming German, Dutch, and UK elections.
Despite these specific tactics, hacking an election is not fundamentally a cyber issue. Nation states have always sought to influence elections through a number of means, ranging from diplomacy and lobbying, to interference through overt and covert means in other nations’ internal affairs. From conventional espionage, assassinations, and bribery, to military missions and regime change operations – this is an old game. The cyber domain simply offers new opportunities to complement old strategies, especially for countries like Russia, the US and China – today’s cyber leaders.
Cyber, also known as the fifth domain in the theatre of war (the others being land, sea, air and space), is where threat actors (both state and non-state), can flex their muscles with almost no repercussions - legal or otherwise. The asymmetric nature of the cyber domain combined with the anonymity and challenges of attribution, offer threat actors an attractive platform to conduct ‘influence campaigns’.
In addition, the cyber realm offers an abundance of tools for conducting a ‘cold war’ against an adversary which can involve disruption attacks (e.g. DDoS attacks), destructive attacks (e.g. use of wiper malware), system compromises through physical means, or a plethora of other options such as spear-phishing, network tapping, phone rooting and so on.
Perhaps most significantly, cyber changes the risk/reward ratio associated with other forms of physical or overt operations – it’s generally accepted that cyber presents fewer risks whilst offering greater rewards.
Nation states are the most common perpetrators of election hacking for the very simple reason that they have a vested interest in power. Power is the primary end of political action, domestic or international, and as such ‘hacking’ an election in order to influence the outcome enables a greater assertion of power, in service of national self-interest, over the wider geopolitical arena. This of course, is highly reminiscent of how Cold War power politics played out.
The intent of a nation state actor must always be viewed and analysed in the particular geopolitical context in which the action takes place. There is almost always a direct purpose, and it’s usually to obtain information that provides a strategic advantage over the target. This can involve the theft of intellectual property, military information, insight into government and market intelligence, as well as personally identifiable information. Nation states also seek to deploy techniques that disrupt and degrade the target’s system in order to help achieve a particular military or political objective – an example of the latter being election hacking for instance.
Although nation state attacks (which can be attacks designed to compromise either the availability, integrity and confidentiality of a system) often involve advanced techniques and tools, individual capabilities and TTPs vary significantly between different nation state actors. For example, where some nation state groups write their own malware, others employ the use of relatively unsophisticated ‘off-the-shelf’ malware; where some actors take special precautions to mask their presence with anti-analysis and anti-detection techniques, others are less sensitive to risk.
Given this prevalence and clear motive, the question isn’t “why would nation states hack elections?”, but rather, “what do individual states stand to gain by hacking specific elections, and do they have the intent and capability to do so?” This is a bigger question, but in light of recent examples, it’s essential to answer.
The recent Russian case is not the first time a country has tried to influence the outcome of the US election (the UK tried to influence the US election in 1940), or another country’s election. The US itself has done so multiple times throughout history. According to Dov Levin, a postdoctoral fellow as the Institute for Politics and Strategy at Carnegie-Mellon University, the US has attempted to meddle in other countries’ elections as many 81 times between 1946 and 2000.
Typically covert in their execution, these efforts included everything from CIA operatives running presidential campaigns in the Philippines during the 1950s, to leaking damaging information on Marxist Sandinistas in Nicaragua in 1990. In other countries, such as Japan, Lebanon and Italy, the US attempted to intervene in four or more separate elections. The database is said to exclude military coups and regime change operations, notably in Iran, Guatemala, Chile, and Honduras. This is all to say nothing of the most recent interventions in Iran, Libya, and Egypt.
The majority of the US’s meddling, according to Levin, occurred throughout the Cold War as a response to contain Soviet influence through spreading of alleged ‘leftist’ proxies. However, it was not only the US who was trying to sway foreign elections. Russia also attempted to interfere in other countries’ elections 36 times between the examined period. Therefore, the two superpowers engaged in 117 electoral influence campaigns in total during this period.
Whilst the Soviet Union has since collapsed (1991), the US maintains an assertive foreign policy abroad – including ‘hacking’ elections in Israel, former Czechoslovakia, and even Russia in 1996. More recently, the US has attempted to meddle in the elections of the Ukraine, Kenya, Lebanon, and Afghanistan, among others.
So does this mean the impending UK general election is going to be ‘hacked’ by Russia? Possibly. The UK’s recent active stance on pushing new sanctions against Russia with regards to Syria has exacerbated tensions between the two countries.
Since Theresa May took office in July 2016, UK policy has changed in multiple areas – developments which are likely to push Russia to try and stop the Conservative party from winning in the upcoming elections. Given Russia’s recent attempts to destabilise the US, it is highly likely that Russia will engage in some form of ‘influence campaign’ against the UK. As both the biggest US ally and a great European power, destabilisation would impact both Europe in general and the EU as an institution, and the cyber domain provides the perfect means of achieving this with a large degree of deniability.