The CSE report, Cyber Threats to Canada’s Democratic Process, highlights three aspects of the democratic process that are likely to be targeted: Elections, political parties and politicians, and media.
While election processes vary across federal, provincial/territorial, and municipal jurisdictions, the report examines three essential and common phases: registering voters, voting, and disseminating results. While some of these processes are still paper-based, others rely on electronic systems. Key threats detailed in the report include preventing citizens from registering, preventing voters from voting, tampering with election results, and stealing the voter database.
According the report, “While there is a risk that cyber capabilities could be used to covertly change the vote count and lead to a different election winner, we assess that this would be very challenging for an adversary to accomplish if elections were conducted in a manner that includes cybersecurity best practices and paper processes that occur in parallel. In general, it is likelier that adversaries would use cyber capabilities to disrupt the voting process in order to sow doubt among voters about the fairness of the election.”
More specifically, with respect to the upcoming 2019 federal election, the report points to areas of higher risk: “Federal elections are largely paper-based and Elections Canada has a number of legal, procedural, and information technology measures in place, which mitigate cyber threats. We assess that it is nearly certain that, regarding Canada’s democratic process at the federal level, political parties and politicians, and the media are more vulnerable than the elections themselves.”
Political parties and politicians are obvious targets. In the US, hackers believed to be associated with Russia compromised DNC computers and released private emails. Similar scenario played out during the final days of the recent French election.
“During the electoral process, voters are judging and assessing political parties and politicians as they decide who will get their vote. Political parties and politicians try to persuade voters using specific messages and ideas. Adversaries may try to obtain damaging information to gain control over individuals and/or sway public opinion against them.”
According to the report, the primary threats against politicians are: cyberespionage, blackmail, embarrassing or discrediting a political target, and stealing or manipulating the voter or party database. An almost unlimited number of attack scenarios are possible. For example, if emails are stolen, blackmail may be attempted and it is trivial to alter emails or mix fabricated emails amongst real ones prior to releasing them to the media. Journalists, and sites such as Wikileaks, may be leveraged in an attempt to increase the perceived legitimacy of the information.
Traditional and social media are also targets. While hacking the voter list or compromising political party computers remain serious threats, manipulating the media could be easier, less risky, and more effective. The report explains:
“Meaningful political participation in Canada’s democratic process depends on the public having access to a broad spectrum of information and competing political viewpoints. Nowadays, Canadians mostly get their information online – either through traditional media establishments, social media, or both. It is also online where most Canadians contribute their own views on the political issues of the day.
The concern arises if foreign adversaries use cyber capabilities to try to covertly influence Canada’s media environment. Adversaries could achieve this through a thorough understanding of how traditional media and social media work and how Canadians consume information. The existence of foreign influence, or the perception of such, could shape the opinions of voters and reduce the trust that Canadians have in the information they are getting.
Adversaries could use social media to spread lies and propaganda to a mass audience at a low cost. Adversaries could masquerade as legitimate information providers, blurring the line between what is real and what is disinformation. They could do so by hijacking social media accounts, or they could create websites or new social media accounts that purport to be trustworthy producers or disseminators of news and information.”
For example, “According to media reports, French intelligence believes that social botnets were used to influence the presidential election. Certain social media accounts, the same ones that were active during last year’s US election, were promoting false and defamatory information against a leading candidate.”
Botnets and troll farms are of particular concern due to their ability to amplify messages on social media. “Some adversaries will use ‘troll farms’ – groups of people who are paid to spread propaganda on comment sections of traditional media websites, as well as Twitter, Facebook, and anywhere else they can reach their audience. In a similar manner, adversaries use social botnets – a series of computers that are all coordinated by one user. A single individual can harness hundreds or even thousands of accounts in order to amplify his/her message, artificially giving rise to the appearance of public consensus in support of a particular view.”
CSE should be commended on this report; it objectively examines threats to the Canadian democratic process and explains various cyber attack scenarios in non-technical terms. Effectively addressing cyber threats requires a multi-pronged, multi-layered approach. Public awareness, including this report, is an excellent first step.
Have a security question you’d like answered in a future column? Eric would love to hear from you.
SAMSUNG GALAXY S8 PLUS
The Samsung Galaxy S8 Plus is a beautifully crafted smartphone with nearly no bezel, curvaceous in design and reflects a…
How to: Connect to Exchange Online Using Multi-Factor Authentication
Using PowerShell to manage your Microsoft cloud services like Exchange Online and using multi-factor authentication (MFA) separately is awesome. Using…