Preventing hacking and interference is beginning to dominate the discourse around elections in the US.

In the fallout from the highly divisive US election campaign in 2016, it emerged that there had been significant interference from outside sources, most notably Russia. Beginning as early as September 2015 and continuing into November 2016, Russian hackers infiltrated the campaign emails of then-candidate Hilary Clinton, sent out phishing emails and obtained access to messages and data from the campaign. The contents of these were then published by WikiLeaks, all with the intention of harming Clinton and boosting the hopes of then-candidate Donald Trump.

Although the interference campaign did include hacks on John Podesta’s, chairman of Hillary Clinton’s presidential campaign, emails and a hack of the Democratic National Convention’s (DNC) computer network, the methods were more wide-ranging. Most prominently, social media was exploited to spread propaganda whilst also spreading misinformation about Clinton’s health.

This endured into 2020 as Russia attempted to denigrate now-President Biden’s candidacy. To that end, the task of protecting electoral integrity is now a prime concern. It is no longer simply a task of protecting servers against hacks, but combatting the spread of misinformation online.

From Russia with love

An important takeaway from the latest election cycle was that, despite Trump’s best efforts to claim voter fraud, there is no evidence that the technical aspect of the voting process was compromised, including voter registration, casting ballots, vote tabulation or reporting results. This will come as some comfort as it means that the overall integrity of the electoral mechanics was preserved. That said, there was not an absence of interference.

On March 10, the US National Intelligence Agency (NIA) released their findings from an investigation into the 2020 election. Among the discoveries was Vladimir Putin’s authorisation of influence operations to the advantage of then-President Trump. These efforts had the further agenda of deepening the sociopolitical divides in the US. To do this, Russia used online resources to disseminate misinformation and unsubstantiated claims about Biden. Although the NIA report stressed that there were not persistent efforts from Russia to gain access to the election infrastructure, it cannot be ignored that Russia managed to mount an interference campaign.

So how did Russia interfere with the 2020 election? The approach taken by Russia recalled their efforts in 2016 as they exerted an online influence to amplify mistrust in the electoral process. In an overview of the report, the following was said about Russian efforts during the election cycle:

‘Russia’s efforts were marked by extensive preparation and the use of trolls, agents of influence, and American influencers of the useful-idiot variety, with messaging amplified by online proxies and Russian official media outlets.’

Although the proxies employed by Russia can be identified, preventing the wider spread of the misinformation complicates the process of protecting the election. Once the information has become available online, even if it is only for a short period of time, it will be seen by users. Then it is just a question of how far it spreads before it can be removed.

Further to this, security forces must also deal with the fact that the misinformation is reaching media outlets. With their wider reach, media outlets have the potential to further Russian agendas through a failure to disregard and rebuke falsehoods. In the age of highly partisan media outlets and narratives, cybersecurity forces are tasked with an almost impossible task: they have to prevent misinformation from gaining traction online before they even come online.

Who else was involved?

Russia’s efforts to influence the outcome of the US election were the most persistent, but they were not alone in attempting to shape the election to their own benefit. Indeed, the NIA report found that China, Iran, Lebanese Hizballah, Cuba and Venezuela all carried out cyber operations.

What is noteworthy in regards to China is the lack of interference. As seen with the recent hack of Microsoft, China has the cyber capabilities to cause chaos, if they so choose. The intelligence indicated with high confidence that China did not deploy influence efforts to change the outcome of the election, although they did seek to undermine then-President Trump’s reelection chances.

Iran, conversely, mounted a campaign with similarities to that of Russia. Cyberwire described the methods used by Iran as “cyber tools and methods”, centred around social media. Further to this, cyberwire outlines how emails were employed to the detriment of Trump:

‘[Iran used] highly targeted email campaigns that spoofed rightwing groups like the Proud Boys and threatened the recipients, for the most part likely Democratic voters, with crude appeals to vote for Trump, evidently hoping thereby to provoke a backlash against the former President.’

As with Russia, the problems posed by this methodology is that it targets people on an individual level. Conducting these cyber operations may not have the same overt impact as the hacks of 2016, but it nevertheless endangers electoral integrity since the electorate are influenced by being fed misinformation.

What can be done?

The crux of the matter is determining how to protect against social media manipulation. Yet, although it is relatively simple to recognise the problem, combatting it is an entirely different matter. Work has been conducted with the hope of helping in this regard. For example, Sinan Aral and Dean Eckles have posited a methodology for rigorous analysis of social media manipulation. That said, it remains a challenge to prevent this information from becoming visible in the first place.

In this respect, it becomes the responsibility of social media companies to clamp down on the presence of misinformation on their sites. Without suitable measures to ensure that these stories are fact-checked and verified. If this is not possible, they must be removed.

To that end, ensuring that elections can be carried out safely is a question of having a multi-dimensional cyber security arsenal. Protecting against hacking is only one aspect. Social media is increasingly becoming a tool for interfering in elections, and so, it is now incumbent on social media to play a role in limiting the spread of misinformation.

About the Author: James Hingley

James Hingley is a contributing Features Writer with extensive expertise in International Relations, Politics and Culture.