Russia’s Old Tricks Against New Targets
US President Barack Obama talks about cyber hacking during the US presidential election as he holds his final news conference of the year at the White House in Washington, DC, December 16, 2016. (Reuters/Carlos Barria)
While Washington continues to debate the deeper implications of the cybersecurity breaches and leaks that marred this election season, intelligence agencies and cybersecurity companies alike are confident that Russian hackers are the culprits. As the United States gears up for congressional investigations into the accusations, several European countries up for presidential and parliamentary elections next year—Germany, France, and the Netherlands—worry they will become the Kremlin’s next target. The shift from stuffing the ballots, as repeatedly seen in elections in Russia, to manipulating cyberspace and social media has given the Kremlin alarming powers to not only help choose foreign leaders, but also to catalyze the breakdown of Western democracies’ liberal values.
While Russia’s interference in the presidential election shocked many in the United States, hacking and the spreading of fake news—or “disinformation,” a term coined by Joseph Stalin in the 1960s—have been part of the Kremlin’s arsenal for decades in Russia’s “near-abroad,” in countries that gained their independence after the fall of the Soviet Union. Over the last four years, it has disrupted several of its neighbors’ elections and propped up pro-Russian candidates by exploiting cyber vulnerabilities and spreading anti-Western narratives.
In 2012, Georgia’s parliamentary election debate was shaped by a disturbing prison-abuse video leaked by the Moscow-friendly Georgian mafia. This event, which closely resembles the WikiLeaks release of Democratic presidential nominee and former Secretary of State Hillary Clinton’s e-mails, helped a pro-Russian oligarch with opaque personal wealth to rise and lead the opposition. Two years later, a wave of cyberattacks hit Ukraine’s presidential elections, infiltrating the central election computers, destroying key files, and rendering the vote-tallying system inoperable. Election officials also discovered malware installed in their computers, aimed at portraying an ultra-nationalist politician as the winner of the election and supporting the Kremlin’s narrative of post-revolution Ukraine as a hotbed of fascism.
More recently, in October of 2016, Montenegro’s pro-European Union and pro-NATO ruling party, the Democratic Party of Socialists, staved off a stiff challenge by the opposition party funded by Russia during its presidential and parliamentarian elections. In the days leading up to the election, Russia launched a disinformation campaign utilizing both social media and traditional print and TV outlets to question the legitimacy of the election. The incumbent party managed to win the election by a thin margin.
As discussed, Russia has a history of targeting countries in its immediate sphere of influence. However, the revelation that Russia has interfered in the US elections signals a giant leap in the brazenness of its influence operations. The Kremlin is unlikely to slow down as Europe prepares for key elections next year. In fact, several successful network intrusions have already hit European political organizations since the Democratic National Committee (DNC) hack last summer, according to the same experts who uncovered Russian involvement in the DNC breach. Most notably, the German intelligence chief recently cited “increasingly aggressive cyber espionage” by Russian hackers against German politicians and parties. The same group is believed to be behind the 2015 cyberattack against the German Bundestag. This has raised fears that the hackers will use the information to damage German Chancellor Angela Merkel’s fourth term bid next September.
The flood of right-wing fake news, aided by Russia’s sophisticated propaganda machinery, took a central role in the US election. Similarly, the Kremlin has built large networks of influence around Europe, comprised of Russian-funded politicians and political parties, a well-established and funded media machine, and strong business dependencies in the energy sector—the Kremlin’s “Trojan horses”—while also using technology as a means to extract information and manipulate it in a way that is subtle, almost undetectable, in order to influence election outcomes.
European leaders have begun taking active measures to counter these threats. In late November, the European Parliament sounded the alarm on anti-EU propaganda, approving a resolution that cited Russia’s attempts to perpetuate and shape the political climate so as to challenge Western values, and called for an information literacy campaign. In the United States, Senators Rob Portman (R-OH) and Chris Murphy (D-CT), passed their Countering Disinformation and Propaganda Act two days before the CIA released its report on Russia’s intent to tip the election. The bill establishes a new center at the State Department to detect, counter, and inform on attempts by foreign agents to influence US politics.
These are crucial first steps. However, if the CIA is correct in its estimate of the Russian intent behind the breaches, the transatlantic community must recognize that these attacks pose an existential threat to the Western democratic process. Beyond mere privacy concerns for leaked e-mails or data loss for tampered computers, the electoral sabotage has already successfully shattered citizens’ trust in the legitimacy of the electoral process, mainstream political candidates, and liberal Western values. US President Barack Obama has already sworn to take action against Russia for its interference in the elections, and the US government should continue conducting thorough investigations into the breaches to hold the Kremlin accountable. To safeguard next year’s elections, European governments should not shy away from doing the same.
Anni Piiparinen is an assistant director for the Cyber Statecraft Initiative in the Brent Scowcroft Center on International Security at the Atlantic Council. You can follow her on Twitter @AnniPiiparinen.
Geysha Gonzalez is an assistant director in the Dinu Patriciu Eurasia Center at the Atlantic Council. You can follow her on Twitter at @geyshapaola.