Cyber-enabled foreign interference in elections on the rise
29 Oct 2020|

Foreign governments’ efforts to interfere in the elections and referendums of other countries, and more broadly to undermine other political systems, are an enduring practice of statecraft. Over the past decade, the scale and methods through which such interference occurs has changed, with state actors exploiting the digitisation of election systems, election administration and election campaigns to influence voters and voter turnout, manipulate the information environment and weaken public trust in democratic processes.

The proliferation of actors involved in elections and the digitisation of election functions has dramatically widened the attack surface available to those who seek to disrupt democracy. This has in large part been facilitated by the pervasive and persistent growth of social media and networking platforms, which has made target populations more accessible to foreign state actors and exposed them ‘in a new, “neutral” medium, to the very old arts of persuasion or agitation’.

Our new research report, Cyber-enabled foreign interference in elections and referendums, published by ASPI’s International Cyber Policy Centre, identifies 41 elections and 7 referendums between January 2010 and October 2020 where cyber-enabled foreign interference has been reported, and it finds that there’s been a significant uptick in this activity since 2017.

Figure 1: Cases of cyber-enabled foreign interference, by year and type of political process

The data we collected (see our map) shows that Russia is the most prolific state actor engaging in cyber-enabled election interference, followed by China, Iran and North Korea. All four have sought to interfere in the 2020 US presidential election using differing cyber-enabled foreign interference tactics.

Their activity can be divided into two attack vectors:

  • cyber operations—covert activities carried out via digital infrastructure to gain access to a server or system in order to compromise its service, identify or introduce vulnerabilities, manipulate information, or perform espionage
  • online information operations—information operations carried out online to covertly distort, confuse, mislead and manipulate targets through the dissemination of deceptive or inaccurate information.

Together, these two attack vectors have been used to disrupt voting infrastructure and target electronic and online voting, including vote tabulation, as well as exploit the digital presence of election campaigns, politicians, journalists and voters. The concern with the strategic use of both attack vectors is that it further complicates the target’s ability to detect, attribute and respond.

While electronic and online voting, vote tabulation and voter registration systems are often presented as the main targets of cyber-enabled interference, it’s the level of trust the public has in the integrity of electoral systems, democratic processes and the information environment that is at stake. In Europe, a 2018 Eurobarometer survey, found that 68% of respondents were concerned about the potential for fraud or cyberattack with voting electronically and 61% were concerned about ‘elections being manipulated through cyberattacks’. This figure matched a similar survey conducted by the Pew Research Center in the US, which found that 61% of respondents believed it was likely that cyberattacks would be used in the future to interfere in their country’s elections.

The effectiveness of cyber-enabled interference in the lead-up to an election is overwhelmingly determined by the robustness and integrity of the country’s broader information environment and the extent to which the electoral process has been digitised. This means states vary in their vulnerability. The Netherlands, for example, reverted to using paper ballots to minimise its susceptibility to a cyber operation and help ensure that there wouldn’t be doubts about the electoral outcome.

While it’s difficult to assess the material impact that such efforts have had on the outcome of specific elections and referendums, our report highlights that the same foreign state actors continue to pursue this type of interference, and that for many states cyber-enabled interference has become an expected part of the political process. This perceived threat on its own has the potential to undermine the integrity of elections and referendums and voters’ trust in public and democratic institutions.

Cyber-enabled foreign interference in elections and referendums, or at least the perceived threat of such interference, will persist, and will likely accelerate as more of the world goes online. As the integrity of such processes is key to societal resilience, it’s vital that these events are better protected through greater international collaboration and stronger engagement between governments, the private sector and civil society. However, policymakers must respond to these challenges without adopting undue regulatory measures that could undermine their political systems and create ‘the kind of rigidly controlled environment autocrats seek’.