Wednesday, August 5, 2020

BH20: Hacking the Voter: Lessons from a Decade of Russian Military Operations

Nate Beach-Westmoreland, Head of Strategic Cyber Threat Intelligence, Booz Allen Hamilton

Nate has been involved in elections since a youth.  For background, read Russian's Military Doctrine that explains tactics, targets & timing of GRU operations.  Long story short: they've been doing what they said they would do!

This is not a new thing - been doing this at least since the 1970s.  Many of the strategies haven't changed, either. what has changed is the technology and who is doing it. In the 1980s, it was the KGB and the Propaganda department.

In the late 1990s, Russia switched to the tactic of Information Confrontation - the continuous competition over beliefs, opinions, perceptions and feelings to enable the furthering of states' agendas.  This has been adopted by the Russian Military and is even documented on their website!

The Information Confrontation has two sides: informational-psychological and informational-technical capabilities.  These are used for more than just swaying an election.  Moscow's preferred candidates have rarely won, but they did succeed at undermining the winner - making them weaker, less able to oppose Russia. 

Information conflict is both offensive and defensive - can demonstrate that "fair, free and democratic" societies are not desirable nor obtainable - So, Russians should stick with the status quo.

Look at what happened in the Ukraine in 2014.  Attacks against the Ukrainian election started a few days in advance, trying to destroy the vote counting system.   They took over websites of officials, creating fake announcements that the system had been breached and then attacked the vote reporting site to show a fringe candidate as winning - all to delegitimize the actual election results.

Similarly in Bulgaria, the GRU launched an DDOS on voter registrar sites, so voters could not find their polling place.

In France (2017), the GRU started phishing Macron's campaign, and started blasting Macron with all sorts of falsehoods about Macron's character.  Even though they were easy to debunk, they built a story that Macron may be a seedy character.  France has a ban on campaigning and commentary within 48 hours of the election, and released more falsehoods and private campaign documents right before.

Similar things happened in Montenegro in 2016.

Then in the US in 2016, similar tactics again: leaking internal campaign - time released to maximally inflame divisiveness. They started spreading fear about election infrastructure and threats of large scale fraud/vote rigging.

When Russia is caught, they go on a "whataboutism" campaign - 'So, what, our athletes were doping, your athletes have done the same thing - what about those athletes?" How can you be angry about us trying to interfere in your election, when US does it to other countries? 

As we've already seen Russia attack power grids, what would happen if they did it on an election day?  Either in the US or other nations?

No comments:

Post a Comment