Tools of Election Interference: From Fake News to Deepfakes

Election interference predates the internet. However, rapid technological advancements introduced multiple new frontiers through which elections can be manipulated.

The 448-page Mueller report, which was released in April 2019, offers some insight into how state actors work to mold the opinions of voters in the digital age. The report sums up the results of a 674-day investigation and describes efforts by the Russian government to meddle in the 2016 US presidential election.

According to Mueller’s findings, Russian interference in the 2016 U.S. election consisted of a social media propaganda campaign as well as so-called “hacking and dumping operations”. The latter involved the hacking of accounts linked to the Hillary Clinton campaign and the Democratic Party. The information seized was later disseminated online by the Russians themselves and WikiLeaks.

Fast forward to 2020, and most experts agree that the integrity of the American ballot box is still at risk of being hijacked. The 2020 election is just around the corner, and the country is bracing for yet another potential round of foreign electoral intervention.

Key Takeaways

• Experts agree that potential cyber-interfering in the 2020 election will be more sophisticated than in 2016.
• The increase in ransomware targeting public institutions suggests that this might be vector-of-choice for politically-motivated hackers in the upcoming election.
• Deep Fake videos are expected to replace massive fake news campaigns used as part of the Russian influence on the U.S. election in 2016.
• In the meantime, the cyber security market size is projected to reach $258.99 billion by 2025, with a 11.9% CAGR according to a 2019 report by Allied Market Research.

Cyberattacks

The most visible feature of Moscow’s 2016 election interference was the hacking and release of the Democratic National Committee’s emails as well as those of Hillary Clinton’s campaign chairman John Podesta. Special Counsel Robert Muelller indicted a dozen Russian intelligence officials over the hack, which was attributed to a group known as Fancy Bear.

The leaked emails painted an unflattering picture of both the Democratic Party and its presidential candidate, suggesting that Clinton had rigged the DNC nomination process against her main rival Bernie Sanders. The stolen emails also exposed other potentially embarrassing practices by the Clinton clan, which may have swayed a certain percentage of voters.

However, the extent of the damage remains a subject of heated debate. Experts agree that interfering  directly was never part of Moscow’s plan since it could be easily traced. In addition, Russia’s efforts weren’t designed to produce a clear winner and loser.

Instead, the end-goal of the foreign involvement was to instill a lack of faith in the electoral system on a nation-wide level by affecting the very unit upon which democracy is built － the voter.

The main tools used to gain election influence  were fake news, potentially embarrassing leaks and accounts promoting fringe ideological discourse.

As for 2020, there is a buffet of hacking vectors on the table. Our focus is on the ones most likely to be used as part of any future foreign election interference.

Distributed Denial of Service (DDoS)

DDoS is one of the most attractive options when it comes to using hacking in the pursuit of a political agenda. Easy to deploy, cheap and highly effective, this vector basically makes a network or an individual device inoperable for a certain period of time. This type of cyberattack is popular because of its use of botnets as well as often obscure, and always encrypted, methods of communication that make the perpetrators extremely hard to trace. Needless to say, this feature is imperative when a state actor plans to engage in election interference or any other illegal cyber activity.

Botnet operates as a network of malware-infected consumer PCs that are managed remotely. The devices can be used to gain access to the user’s personal and financial data as well as act together to help conduct a cyber attack. In this case, the IP address becomes irrelevant because it leads back to the manipulated device instead of the source location.

In August 2018, the Swedish Social Democratic Party experienced a DDoS attack when their website was put out of service by attackers linked to North Korea and Russia. That same year, three Democratic campaigns in California fell victim to coordinated DDoS cyberattacks, which were attributed to election interference by a foreign entity.

Apart from disrupting the information channels available on political parties’ websites in crucial moments, hacking interference can discourage potential donors from making donations.

Ransomware

Ransomware directed against local governments has been on the rise throughout 2019. During the course of the year, various ransomware attacks impacted around 966 government agencies, causing an estimated $7.5 billion in damages. At least 113 of the ransomware attacks reported in 2019 targeted state and municipal governments and agencies.

Other institutions, including schools, police stations and hospitals, are working to secure their computer networks. According to The Cybersecurity Infrastructure Security Agency, ransomware will likely be used in this election year.

A potential well-timed ransomware attack could lock up computers processing voter registration databases, causing delays and possible data corruption. Meanwhile, local election officials could be prevented from verifying the votes. Such scenarios could result in numerous complications that would certainly affect the final outcome.

Power Grid Cyberattacks

Successful cyberattacks against power grids are rare. But that didn’t stop the US government from issuing an alert in 2018, which alleges that Russian hackers were behind a two-year-long campaign of probing and testing cyberattacks against the US grid.

The campaign allegedly included phishing attacks aimed at tricking utility operators to change their password and thus provide access to third-party computers. Meanwhile, reported malware infiltration was designed to gain control of so-called  Supervisory Control and Data Acquisition systems that are used by power generation and distribution companies.

One interference theory  centers on the power grid and potential blackouts during the elections that could cause damage to voter databases. Moreover, blackouts tend to create general public disturbances that could simply discourage people from taking part in the voting process.

Social Engineering and Hacking

Various phishing techniques were used prior to Donald Trump’s election, and many more are expected during this election year. Analysts agree that phishing campaigns featured prominently during the elections, although the array of motives still remains a subject of debate.

In April 2016, hackers running fake email accounts and targeting more than thirty members of Hillary Clinton’s staff managed to get their hands on credentials that allowed them access to the  DNC computer network. Using malware, the hackers managed to steal data from 33 DNC computers.

Another infamous spear-phishing attack related to the 2016 election was released in June 2017 by The Intercept. The website received a leaked memo from the National Security Agency via a whistleblower. The memo reported that the Russian government sponsored and coordinated a large-scale spear-phishing attack on an American voting machine company.

Furthermore, the NSA reported that at least one email account was compromised as a result of the action. Just hours after the article was published, the NSA identified the source of the leak. The 25-year old government contractor Reality Leigh Winner was sentenced to five years in prison in 2018.

Spear Phishing

Although phishing is the most common form of social hacking, its less known subcategory spear phishing was the most used vector during the Russian interference in the 2016 election.

According to a 2019 Symantec survey, spear-phishing emails remain the most popular avenue for attacks by more than half of all known groups. Symantec found that the most likely reason for an organization to come under a spear phishing attack was intelligence gathering.

The benefits to gaining access to the personal data of thousands of government employees are obvious. Spear phishing campaigns targeting military personnel and government officials have been going on for several years. Although it’s usually hard to prove these practices, several cases ended before the Supreme Court in 2018, linking spear phishers with foreign intelligence operatives in China and Russia.

Furthermore, the DNC announced in 2018 that they had been targeted by phishing emails a week after the midterm election date.

The campaign was allegedly linked to another hacker group under the command of Russia’s GRU military intelligence agency. The DNC claims that the attacks were part of a wider campaign reported by CrowdStrike, a cybersecurity firm that dealt extensively with investigating Russian interference in the 2016 election.

Whaling

Whaling is another form of phishing. Although rarely used in the context of foreign election interference , it targets high-profile figures instead of low and mid level employees. In other words, whaling is going after the big fish. CEOs in the corporate world as well as senators and presidential candidates in the public sphere are all potential targets of state-sponsored cybercriminals.

While leaking confidential data regarding electoral campaigns can arguably damage the reputation of an entire party, it can certainly divert or passivize a number of voters. If foreign hackers were able to interfere once in 2016, chances are they will try to do it again.

Social Networks and Fake Media Outlets

News of Trump’s impeachment on CNN  and other mainstream media outlets coincided with heightened concerns over the prospects of further election meddling in November 2020.

Democrats and Republicans both said that their positions on impeachment were meant to protect the integrity of the upcoming presidential elections. But the outcome of the process, which saw Republican lawmakers clear president Trump of any wrongdoing, only fueled debates about foreign meddling and political corruption.

Many downplay the significance of cyberattacks and feel that social media campaigns played an instrumental role in shaping public opinion in 2016. Fake news distributed through various blogs and channels questioned mainstream media outlets. Meanwhile, Russia’s infamous troll farm is believed to have orchestrated a campaign involving countless fake Facebook and Twitter accounts that were peddling conspiracy theories and other propaganda. However, it’s a matter of debate as to what extent the campaign contributed to the current level of polarization in the US.

According to Mueller’s investigation, the social media campaign spilled over into the streets as early as November 2015 in the form of dozens of rallies promoting rival causes and opinions.

One conservative commentator, Rush Limbaugh, summed up the nation’s political divide as the “Cold Civil War”.  Such sentiments emphasize the dangers that divisive and misleading social media campaigns pose to the country.

Fake Accounts on Social Media

Another prominent example of Russian interference involves the establishment of the so-called DC Leaks website in June 2016. The site that was responsible for publishing leaked emails from numerous American government and military officials is believed to be a front for Russian intelligence.

Cybersecurity researchers claim the site is the product of the GRU-linked Fancy Bear hacker group. A phony Facebook account under the name Melvin Redick was the first to share a link to the DC Leaks website. The New York Times would later describe the post as the “first public signs” of foreign intervention in the US election process.

Meanwhile, Russia’s state-owned media outlets, Russia Today and Sputnik, made sure the news circles the globe.

Facebook disclosed in 2017 that it pinpointed around 3,000 ads, which were bankrolled by more than $100,000 and linked to the Internet Research Agency － a company with strong ties to the Kremlin and Russian intelligence. The ads didn’t necessarily favor any of the candidates but promoted divisive views on sensitive social issues, including gun control, LGBTQ rights, race, women’s rights and immigration. The campaign lasted from 2015 to 2017 and was linked to around 470 fake accounts and social media pages, all of which have since been shut down by Facebook. Twitter followed suit by removing more than 50,000 accounts created solely for the purpose of promoting political dissent.

But the measures taken by social media giants faced significant backlash. The campaign of removing all content that goes against the company’s rules and regulations angered some users. Many feel that Facebook is restricting free speech in its efforts to contain Russia’s election interference in the future.

So will social media play a key role in any potential 2020 election interference by foreign actors? This theory is entirely plausible. Although companies like Google, Facebook and Twitter have taken measures to reduce the presence of troll accounts, social media users are known for their adaptability.

Fake News

Fake news has become synonymous with Russian election interference. In the months leading up to the 2016 elections, articles posing as news became the main source of information for millions. On the one hand, Donald Trump adopted the term as a way of discrediting the mainstream media. But in other instances, he fueled conspiracy theories and helped delete the thin line between fact and fiction for millions of Americans.

This gave rise to a new political culture known as post-truth politics. The term was coined to describe how the internet influenced the pace of information distribution by appealing to the reader’s emotions rather than providing facts. According to data from the Pew Research Center, 83% of Americans get at least some portion of their news through social media. It was statistics like this that encouraged foreign actors to interfere by fueling the fake media campaign and an increasingly toxic political discourse.

Analysts are warning that Russian influence on U.S. elections will likely come in more sophisticated forms in the future because internet users are more likely to check for credible sources. But while articles and photoshopped images are losing their allure, Artificial intelligence is expected to feature prominently in the upcoming elections.

Deepfakes

Fake news is old news. The new kid on the block is an AI-generated video forgery, better known as Deepfake. The technology can enable anyone to generate a video of a politician and literally put words in their mouth. Needless to say, this could affect how the general public perceives their candidates and ultimately disrupt the voting process.

What started out as an AI-based face-swapping tool commonly seen on social media, gained a political dimension in April 2018. Comedian Jordan Peele created a deep fake video that shows former President Barack Obama openly criticizing Donald Trump in a public speech. The video caused immediate confusion even though it was debunked soon after its release.

Another example of a politically-charged and dangerously misleading deepfake video surfaced in May 2019. It depicted US House Speaker Nancy Pelosi as being impaired, creating a convincing deception about a person in power stuttering through her speech.

Cybersecurity experts are concerned about the fact that the technology is very easy to master and can be manufactured by anyone with a computer, and interested in influencing an election.

The second major issue regarding deepfake videos is that they tend to go viral in seconds. These videos are extremely easy to share, and since the content is often packaged to appear as breaking news, an average deepfake can circle the globe in a matter of minutes. Experts fear that deepfakes will eventually dethrone fake news on social media.

Misinformation has proven to be a powerful tool in the game of  interference, influencing the masses that are unable to tell the difference between real and doctored content.

Epilogue

The list of tools for election interference is certain to expand in the coming months as hackers work to stay one step ahead of cybersecurity experts.

But previous instances of election interference and existing threats have led to the introduction of a series of laws designed to ensure better cooperation between law enforcement agencies like the FBI and local administrations that handle the elections.

Despite efforts by the Trump administration to downplay the extent of foreign interference in U.S. elections, the posture of the FBI and the Department of Homeland Security hints at a looming threat of cyberattacks.

The Mueller investigation laid the groundwork for understanding the model of Russian interference in the election, but other players have since entered the fray. China has both the capabilities and the motives -  fueled largely by the ongoing trade war with Washington - to disrupt the electoral process. Then there are countries like North Korea and Iran that have drastically enhanced their cyberwarfare capabilities in the last few years.