We are not done with state-sponsored hacking. Far from it.

Frederic Filloux
Published in Monday Note
May 8, 2017


It seems every election is likely to be disrupted by some form of hacking and the subsequent spread of fake news and stolen documents. Unfortunately, the problem won’t go away.

Last Friday, a few hours before the end of the French presidential campaign, and right at the start of the mandatory “quiet period” before the vote, Twitter erupted: A big dump of documents had just been released. It contained 9 gigabytes of emails and various documents from Emmanuel Macron's campaign. (Unbelievable stuff: the Macron campaign has a budget, it pays its suppliers and its staff uses emails and spreadsheets…)

The campaign originated from the American alt-right message board 4chan and from the former Trump operative Jack Posobiec. In a matter of hours, #macronleaks became a dominant trending hashtag on Twitter. Wikileaks played its usual and murky game, initially boosting the spread of the dump as shown here in this visualization from the data scientist Nicolas Vanderbiest:

Wikileaks pairing with nationalist Posobiec to spread the hack

…before backpedaling as it became obvious the fingerprints on this last-hour offensive were only too well-known:

… and because even the most basic digital forensic work would find Cyrillic characters in several documents doctored to compromise Macron’s team (that was the fake news factory part of the attack, for instance the alleged meth purchase with bitcoin).

But, as expected, the damage was done, as shown in this poll hastily put up by Wikileaks:

Welcome, conspiracy theorists

The Macron hacking did not really come as a surprise. First, in early January, the French Directorate for Intelligence (DGSE) detected attempts originating in Russia aimed at attacking Macron’s information system. Then, last Friday, during the vicious television debate, Marine Le Pen hinted that something was brewing when she warned her opponent: “I hope for you that before the end of the week, nothing will surface about, for instance, a secret bank account of yours…” As Donald Trump did, Marine Le Pen maintains strong connections with Vladimir Putin; they both share anti-EU views.

As it turned out, this incident had no visible impact on the election's outcome: Emmanuel Macron won yesterday with 66.1% of the vote (3 points more than in the latest polls), vs. 33.9% for Marine Le Pen.

Which brings us to the subject of this column: we are not done with fake news, hacking and electoral manipulations. Quite the contrary. In less than a year, we had at least half a dozen electoral processes affected to some degree by various forms of hacking and fake news propagation. I can see at least four factors that will continue to fuel the phenomenon:

1. The rise of state-sponsored cyberwarfare. Three countries have gone on the offensive: China (scores of hacks, mostly on private corporations), North Korea (remember the giant Sony Pictures hack), and Russia. The latter differs slightly from the two others: for one, in order to cover its tracks, the Kremlin relies largely on private hacking outlets to do the dirty work; two, hacking offensives are designed to serve precise foreign policy objectives.

2. The Russian Agenda. A few weeks ago here at Stanford, I chatted with a gentleman for whom I have the utmost consideration. His name is Toomas Hendrik Ilves; he is the former president of the Republic of Estonia and currently a Fellow at Stanford’s Freeman Spogli Institute. In 2013, I wrote a piece about the spectacular modernisation conducted at the time by Ilves:

Estonia knows first hand what a large scale cyber attack means. In 2007, in retaliation for the removal of a local Soviet symbol, Moscow launched a full-blown attack on Estonia’s infrastructure. Not only did the small Baltic state get over it, but it became so good at cybersecurity that Tallinn became NATO’s hub for cybersecurity.

When I asked Toomas Hendrik Ilves about the motives behind Russia’s relentlessness in disrupting electoral processes, his reply was straightforward:

“I think it’s clearly the idea of splitting up the European Union and NATO. As long as you have the European Union, you have 440 million people and a GDP that completely dwarfs Russia’s. The combined military of NATO also dwarfs Russia’s. On the other hand, if you split up EU, the largest country there is Germany, certainly richer but with 80 million people. It has been since the 1990’s, Russia’s political line: We don’t like the European Union and we prefer to have bilateral relation with EU states. Why? Well, NATO is a collective defense organization, the EU has imposed sanctions on Russia. Once that falls apart, it is in Russia’s interest.”

Put another way, Putin’s anti-EU agenda warrants systematic interference in each election in Europe to support the candidate most likely to break up the Union. Elsewhere in the world, Russia or China might have similar aims.

2. Technological leverage. Hackers and fake news promoters have access to a tremendous amount of tech tools to propagate their messages. In the minutes following the Macron hacking, legions of bots took over. In his analysis, data scientist Kris Shaffer notes:

5% of users accounted for a full 40% of the tweets. The most prolific account tweeted 1668 times in the roughly 24 hours of data ― that’s faster than a single (re)tweet per minute, all day with no sleep.

The ability to harness such power will grow exponentially. Today, deploying servers and bandwidth can be done with a few keystrokes. In the next four to five years, the propagation of hacked material won’t look like today’s carpet-bombing, but more like surgical strikes. Last winter, at a lecture at Stanford, an executive of Cambridge Analytica, the most advanced firm in high-tech political campaigning, explained that the next decisive step will be the ability to use bots and AI to address tailored political messages directly to each individual. Without a doubt, sophisticated hackers will have this capability in the future. (More on bots and targeting in a future Monday Note.)

3. Receding Democracy. The common trait of the most active countries in state-sponsored hacks is the absence of a democratic process. Recently, Europe narrowly escaped such a drift: close calls in Germany, the Netherlands and France. But elsewhere, democracy is indeed receding: Turkey and the Philippines are recent examples. Given the favorable cost/benefit ratio of large-scale hacking, it is therefore certain that a growing number of authoritarian regimes will attempt to hack their rivals.

4. Delicate response. All democratic states have developed comprehensive cyberwarfare capabilities. The United States created a dedicated section called the US Cyber Command, with a staff of 6000. France, the UK and Germany have similar (albeit smaller) units. However, all the people I spoke with in this field point out the same paradox. If a targeted state is willing to retaliate on the same ground, it will have no choice but to reveal its weapons. And it is likely to work only once: hypothetically, if the United States wants to disable a Moscow power plant, the Russians will get a precious indication of USCYBERCOM’s targeting tactics; better to preserve this bullet for an all-out cyber conflict. Practically, as seen in the Russian interference in the American election, retaliation is likely to be insignificant, which will further encourage rogue states to weaponize the internet.

In a future Monday Note, I will come back more specifically to the fake news issue and look into the current and largely inadequate response by distribution platforms.

frederic.filloux@mondaynote.com
