Cyber ​​risks and electoral destabilization [Partie 1/2]

In democratic states, recent elections have for the most part been marked by events of varying importance in the immaterial field, ranging from the attempt at major destabilization to demonstrations of a much smaller scale. Each of these events raised awareness on the part of those involved in the electoral process. However, this statement must be put into perspective in view of the still marginal place occupied by the topic of cybersecurity, whether in the political programs of candidates or in the operational management of electoral campaigns by their various protagonists: States, political parties, media and social networks or polling institutes.

The various threats are not intended to destabilize the cyber environment itself. The latter is only a vector, a means and not an end. Either it’s about leaks of data obtained following phishing, defacement, DDOS attack, etc., the primary goal of attackers is never to compromise the technical infrastructure itself. The final effect sought is systematically to undermine the normal course of the electoral process, whether it involves calling into question the sincerity of the ballot, discrediting one or more candidates or even, to a greater extent, destabilizing the democratic system. .

These elements call for a series of remarks, bearing first on the multiple threats and risks to which the elections in France are exposed, then on the imperative to take these dangers into account before, during and after the electoral deadline. Finally, the European aspect of cybersecurity issues, which is becoming increasingly important, should not be forgotten.

Diverse threats, multiple risks

The massive digitization of French society exposes its democratic practices to new risks arising from the exploitation of information and communication technologies. If the electoral process was previously the subject of particular threats, it is now necessary to take into account new ones, resulting from the use of cyber. Whether they affect the cognitive manipulation of voters, the reputation of candidates or the integrity of IT infrastructures, they constitute so many risks to which the State and society must respond.

In 2003, only 31% of French households were connected to the internet, against 93% today. In 20 years, the interconnection of populations has made a phenomenal leap, both in France and in the rest of the world. Dematerialization is observed in all spheres, both private and public, and the French electoral system is no exception to the trend. Although the polls are not yet conducted via the internet, unlike our American counterparts, the IT infrastructure used in the background remains colossal. The call for projects for the digital transition of the State carried out by the government in 2015 attests to this desire for widespread digitization.

Thus, television channels are in the front line during election periods, as they represent an important source of information for voters. The polls, the interviews of the candidates or even the announcement of the results are all critical information transmitted by television. Chains are highly affected by cyberattacks given the high IT dependency of all their processes. For example, the interruption of the broadcast represents a critical risk, as was the case for TV5 Monde in 2015. The Internet, and more specifically social networks, is today the preferred medium of communication of many political parties and a major source of information for the population. Cyberspace is therefore a strategic terrain for the various players in French democracy, making cyber risk a concern and a major threat to various aspects of the presidential election, whether cognitive manipulation of voters, discrediting of candidates or sabotage of the IT infrastructure of electoral actors.

The different cyber manipulation biases

The manipulation of voters’ thinking is perhaps the most formidable threat. It touches on the principle of data integrity. Its objective is to induce erroneous or distorted ideas in a voter in order to guide their vote. Manipulation is today massive on social media, it is the quickest and easiest way to reach voters directly. This disinformation can take several forms, including that of “fake news”, a term that comes up most often in the speeches of the candidates, as it threatens democracies. This was particularly observed during the american presidency of donald trump. According to a study conducted by the CSA in November 2020, the spread of false information is often much stronger than the spread of verified information. The fake news are generally more debated and generate a greater number of reactions, having the effect of increasing the visibility of these publications. Taking arguments out of context, posting false statements or rumors are all examples of fake news.

Another means of manipulating the electorate is the defacing the websites of institutions or political parties with propaganda messages. A more subtle method, fitting perfectly into an era when data processing has never been so important, is that of targeted advertising: the selection and adaptation of a candidate’s speech, following a careful data processing, in order to please everyone. This method can be very effective, because much more insidious.

Finally, with the emergence of artificial intelligence algorithms, the deepfake today represents a disturbing vector of manipulation. Many online services make it possible to carry out deepfakes more than convincing in just a few hours. This technology is becoming more and more accessible with increasingly realistic renderings, which makes it formidable. The manipulation of voters is therefore indeed a major threat to the elections. It has the particularity of using only cyberspace as a means of relaying information. Monitoring social networks, demystifying fake news and raising awareness of different practices are therefore areas on which it is absolutely necessary to be present to mitigate the risks and combat this threat.

Reputational attacks based on data leakage

The discrediting of candidates is a threat to all political parties and can occur at any time during the electoral campaign. It affects the principle of confidentiality of the data and in some cases to its integrity. It can take the form of an open disclosure of compromising data for the candidate, sometimes mixed with fake evidence. This data can be private exchanges, emails, compromising photos, the highlighting of relationships with cases of an illegal nature, etc. Unlike the first threat mentioned, this one uses all the existing means of dissemination to express itself. Its purpose is to discredit a candidate in order to hinder him in his campaign, or even to disqualify him.

These disclosures of information are mostly the result of cyberattacks on the information systems of political parties. Exploiting weak passwords or reusing them is very often the main security flaw in systems. According to a statistic study conducted by google, 66% of users use the same password multiple times for different sites and 20% have shared it through email. Multi-factor authentication is a good way to limit this risk, but only 37% have it activated. The importance of awareness of the risks associated with online authentication is still underestimated today, bad practices are still frequent. Social engineering and phishing attacks are also very common. They are more and more evolved and their number breaks records every year. The exploitation of purely technical flaws should not be overlooked either, especially since the recent geopolitical events between Ukraine and Russia. The simple update of the applications and operating systems used greatly reduces exposure to risks. Ensuring the awareness of members of political parties to the problems of passwords, unknown USB keys and phishing is an essential mission. Supervising the technical security of their information systems is also an aspect that should not be neglected given the considerable strategic interest that presidential elections represent.

the sabotage of the IT infrastructure of electoral actors also represents a worrying threat. It touches on the principle of data availability. Institutional websites, political party platforms and TV channels are all under the threat of technical unavailability. Attacks by denial of service (DDoS) are the most widespread and the most operational. The principle is to overload a server with requests in order to occupy 100% of its bandwidth, making it inaccessible and causing potential malfunctions on the network. These outages can last several hours or even days, depending on the scale of the attack. They are difficult to counter and very easy to implement. Many online services offer to rent Botnet for malicious purposes. The spread of ransomware also represents a major threat in terms of data availability and confidentiality. An interruption of broadcasting on the France Television channels on the evening of the announcement of the results would have a disastrous reputational effect both in France and internationally. The recent example of Russian TV channel suffered a broadcast interruption by the movement Anonymous shows that the threat is very real. Business recovery and continuity plans must absolutely be established by all electoral actors.

Between misinformation and cyberattacks, the presidential election concentrates all the 2.0 risks. How is France preparing for it? Find the answers in the second part of this analysis.

The second part of the analysis will be available on 7/04.

Raphael Barrasset and Guillaume Brechlerfor the cyber club AEGE

For further :

We want to say thanks to the writer of this post for this remarkable web content

Cyber ​​risks and electoral destabilization [Partie 1/2]

Discover our social media profiles , as well as the other related pages