Russian Election Hacking Efforts to Influence Presidential Elections
Although the threats of the upcoming United States general elections differ from that experienced in 2016 and 2018, the threat actors or activity groups involved remain the same. Additionally, Russian hackers have successfully conducted various phishing and cyber-related attacks and operations that target the U.S. electoral process and democratic institutions, imply that this threat still exists. According to Gercke (2017), Russia has continued to target the United States in directed information operations attacks since 2016. Moreover, Gercke (2017) adds that the Russian threat activity organizations have continued to expand their infrastructure into developing various malware and exploits that target various election entities internationally. Although there have been no reported incidents of Russian states sponsored cybersecurity incidents or hacked operations this year, the likelihood of an attack cannot be ruled on the upcoming 2020 U.S. general election. As such, this discussion explores the Russian election hacking efforts to influence presidential elections and the tangible and intangible consequences of these incidents.
The Russia-Sponsored Elections Interference of 2016 and 2018
In the 2016 and 2018 U.S. elections, threat actors sponsored by the Russian state conducted unprecedented campaigns and attacks targeting candidates and their political parties and the infrastructure used in the electoral process. Berghel (2017) explains that an investigation about this intrusion done by the U.S. government revealed that these attacks efforts were mainly led by the Russian Main Intelligence Directorate, with a lot of support from associates such as the Information Research Agency. These two organizations often conduct tactical and foreign intelligence roles for the Russian government. According to Berghel (2017), the group comprises of several sub-units that are involved in various fields such as cryptography, intrusion activity and signal intelligence.
The Threat Actors
Before the 2016 U.S. presidential elections, three groups of advanced persistent threats (ATP) sponsored by the Russian government were involved in several targeted intrusion activities, with some of them acting as hybrid threats because of their engagements in information operations and targeted intrusions. The main threat actors for these intrusions were identified as 74455, APT28, and APT29. These ATPs engaged in various targeted intrusions activities against the Democratic National Congress and other individuals and organizations related to the electoral process (Berghel, 2017). Moreover, the U.S. Department of Justice indicted personnel from the GU Unit 26165 in association with the APT28 activity and engaging in various information operations efforts (Berghel, 2017). Additionally, the same group was indicted for interfering with the U.S. elections. Still, unfortunately, none of the customized malware associated with GU Unit 26165 was identified on the networks that were impacted by these intrusions.
Similarly, in 2018, the same threat activity organizations and influence operations were behind the attacks targeting the United States midterm elections. For example, the APT28 threat group was behind the spear-phishing operations targeting at least three candidates who at the time were running for a legislative office (Perlroth, Wines & Rosenberg, 2019. Although the success of these efforts remained unclear, Microsoft was able to release information that identified the most likely targets of these activities at the United States senate. The United States Depart of Justice also raised criminal complaints against the Russian influence operations entities responsible for social media advertisements, domain registrations, and the purchase of numerous proxies suffers that aimed to promote various news posting on different social networks and other related activities (Perlroth, Wines & Rosenberg, 2019. To deter these threat groups from inflicting more damage to the 2018 United States midterm elections process, the U.S was able to respond by targeting the Russian Information Research Agency, taking them offline temporarily (Perlroth, Wines & Rosenberg, 2019. However, although some of these threat organizations were successfully deterred from interfering with the past United States electoral process, their threats remain and cannot be ignored given the fact that state-sponsored actors are continuously adopting new strategies. As such, there is a serious need for authorities in the United States to be prepared for the potential of these threats being existent in the coming 2020 U.S. presidential elections.
Consequences both Tangible and Intangible
The tangible consequences associated with the Russian election hacking efforts were that some analysts suggest that influenced the opinion of the voters towards certain candidates in the electoral process. For example, the leaked emails affecting presidential candidate Hillary Clinton have swayed voters against her in favor of her opponent (Perlroth, Wines & Rosenberg, 2019. As a consequence, it is justifiable to argue that the Russian meddling in the U.S. electoral process, to some extent, influenced the overall electoral process in the 2016 U.D. presidential elections.
Additionally, these Russian electoral hacking efforts targeted candidates and their political parties and the infrastructure used in the electoral process. These efforts eroded the confidence in the entire electoral process, with some states reporting incidences of failure on their electoral voting machines, thus preventing a sizeable number of people from exercising their democratic rights (Perlroth, Wines & Rosenberg, 2019. As such, in the future, the U.S. government should do everything possible to safeguard the U.S. electoral process; these Russian attacks since it serves a duty to safeguard the sovereignty of the country from external influences.
Berghel, H. (2017). Oh, what a tangled web: Russian hacking, fake news, and the 2016 U.S. presidential election. Computer, 50(9), 87-91. doi:10.1109/mc.2017.3571054
Gercke, M. (2017). “Hacking an election.” Computer Law Review International, 18(5). doi:10.9785/cri-2017-0503
Perlroth, N., Wines, M., & Rosenberg, M. (2019, September 1). Russian election hacking efforts, wider than previously known, draw little scrutiny. Retrieved from https://www.nytimes.com/2017/09/01/us/politics/russia-election-hacking.html