12 June 2019

The 25-26th of May 2019 European parliamentary elections - Russia’s possible strategic influence operations

Sergiu Medar

Image source: Mediafax

In May 2019, it will take place the elections for the European Parliament in the entire European Union, a special occasion for Russia and other interested states to try to influence the European policy by sending in the European Parliament some new members to support the political decisions favoring the aggressor states. These states will develop strategic influences actions over the EU member states during the campaign, but also during the electoral scrutiny. The development of some complex actions to establish a psychological group profile, the manipulation of voters through “fake news”, as well as the penetration of intelligence systems are operations the EU states must face to organize and develop free and correct elections. 

The strategic influence operations, along with cyber-attacks to ensure an efficient penetration are, in the digital era, some of the most effective hybrid and asymmetrical methods to succeed in non-kinetical aggressive actions. Therefore, the definition of success is influencing leaders’ decisions or the development of some national or international political activities by manipulating people and/or masses by using a communication adapted to targets’ profile. By entering the private or official intelligence systems one can get information to be used for establishing the strategic influence opportunity, as well as the physiological and behavioral profile of the targets.

To that end, it can be used, especially by the dictatorial states, the vulnerabilities of all world’s democratic states. Included in the cyber aggressors category is listed not only Russia, but also China, Iran, states of the Gulf and maybe some European states, depending on their interests.  

The US, alike other states from the “old continent” were, during the last years, targets of some strategic influence operations. These have been manifested through hackers’ illegal attacks over governmental or bank intelligence systems, the spread of “fake news” with pre-established targets based on the individual or group “profiling” actions, falsification of elections’ results, and other actions. Recent history shows those responsible with ensuring the development of a free and correct electoral process various examples which are learned lessons for the fight against illiberalism, authoritarianism, fakes and fraud.

Starting with the cyber-attack over Estonia from 2007, ended with huge financial loses and continuing with the ones against Georgia and Poland, most of these aggressive actions were speculated to be Russia’s. It is also known the cyber-attack over the intelligence systems of the German Parliament from 2015. Then, also, the German intelligence services have blamed some Russian hackers for the cyber aggression, without actually being able to prove it.

A relevant example is Russia’s interference in the strategic influence operations on US’s territory around the 2016 presidential elections. The arrest of 12 Russian GRU officers by the US authorities is a first measure taken in this complex combat process of operation’s effects. On 18th of July 2018, they were sent to court. The accusations are perfectly defining the nature of these cyber operations developed in behalf, at the order and in favor of Russia, as publicly made across international media.

The Russian officers were part of the 26165 and 74455 units, hired in computers penetration operations to collect documents which were afterwards offered to the media. The unauthorized access to these systems was made against some people involved in the 2016 presidential electoral campaign. This way, starting with March 2016, there were penetrated the computers of the Democratic Party candidate, Mrs. Hillary Clinton, her electoral chairman, as well as of some volunteers and employees. In the same period, the cyber aggressors have collected files from the work computers of Democratic Party’s employees. The simple fact that the data was offered to the media, it meant that the result of the presidential campaign was vitiated. The current investigation in the US has the headline for nearly 2 years in the Washington mass media.

Although world’s states are in the era of digitalization, for the results of the elections in Netherlands and Norway, 2017, to not be vitiated, these countries authorities have decided for the counting to be hand-made, in order to avoid any kind of intelligence systems penetration by hackers. Emmanuel Macron’s electoral campaign was also the “victim of a massive and coordinated cyber-attack”, the cyber aggressor supporting the Le Pen group. In Germany, 2017, it took place other cyber-attacks over some think-tanks belonging to both governmental parties. In 2018, a group of Russian intelligence officers tried to penetrate the computers of Organization for Chemical Weapons Prohibition, having the head office to Hague. The attempt failed. Microsoft has recently revealed that there were found attacks of the Russian APT28 hackers group, known also as Fancy Bear, over some European think-tanks.

In May 2019, it will take place the elections for the European Parliament, an extremely tempting target for the cyber-attacks coordinated or effectuated by governmental organizations, but also by individuals or non-state groups.

Talking about strategic influence operations, Julian King, the European security commissioner, was mentioning in a public statement that there is a “great possibility for the debates and results of European elections to be falsified”.

For four days, the elections for the positions of each EU member state in the new European Parliament will be held in 27 countries and, depending on them, it will be shaped the European policy for the next five years.

There will be participating hundreds of political parties to this electoral campaign, thousands of candidates, tens of thousands of ballots and counting centers and, not least, 400 million voters. The involvement in such a process and its influence are extremely tempting for, at least, states likes Russia and China, if not also for some Arab states.

The participation at the vote for the European Parliament elections is, in almost all Union’s states, much more decreased than for the national parliament’s elections. For those deciding Europe’s destiny there are around 90% people voting in Belgium, where the participation is mandatory and 13% in Slovakia. The expectations are, on average, under 50%.

The decreased participation to the polls is an advantage for the extremist, populist, whether right or left parties. These are exactly the political directions that Russia supports.

In order to identify the way Russia would react in this European electoral campaign it is necessary to define its objectives:

  • Attacking liberal democracy and multilateralism and replacing it with illiberalism, authoritarianism and radical nationalism;
  • Discrediting, dividing and eroding the European Union;
  • Increasing the anti-American and pro-Russian feelings among the European population
  • Undermining the transatlantic relation;
  • Increasing Europe’s dependency on Russia’s energy;
  • Cancelling EU’s sanctions over Moscow.

Starting from these objectives, we can identify the directions of some EU messages and, consequently, of some decisions to materialize them. Given the current circumstances, in Europe, the Euro-skeptical tendencies, the populist parties, the radical nationalist, as well as the rightist or leftists’ ones are seen by Russia as targets that must be supported. The “fake news” messages addressed to undecided groups aim at orienting them towards supporting the above mentioned parties.

In order to prevent Russia’s cyber-attack across the European Parliament electoral campaign, a group of US companies, Google and Microsoft partners, have launched the European edition of Campaign Cybersecurity Playbook, which is dedicated to support the European authorities which are organizing the European electoral campaign to prevent the cyber-attacks like the ones which were targeting the American electorate in the 2016 presidential elections. With a bipartisan participation, the publication offers examples as the actions developed during the US 2012 electoral campaigns for Mitt Romney and Hillary Clinton’s 2016 ones. There are offered solutions to protect the European parliamentary elections, but also important steps to follow for the early warning against this type of unconventional threats.

In order to deter hackers’ attacks during the European Parliament elections, the European Union has introduced sanctions, proposed by Great Britain, Netherland, Finland, Denmark, Lithuania, Estonia, Latvia and Romania, for those who illegally aim and participate at falsifying the European scrutiny, as well as the national elections. The consequences of these sanctions are still small, given that, according with the European legislation, not all cyber-offensive actions can be incriminated. According with the European legislation regarding personal data protection it can be even disproved the proliferation of fake news introduced and spread in the virtual space. EU proposes to take measures to identify some companies that could develop activities alike the ones the Cambridge Analitica company developed in the past. The European Commission will support the implementation of a code of good practices to face disinformation.

There are subjected to sanctions the individual or governmental hackers, identified and demonstrated, who are attacking governmental data bases and those who belong or are associated to electoral processes. These sanctions can go from not issuing visa, for restricting the circulation in European states, up to incrimination in court of those proved to be guilty.

Not all the European states are agreeing on this reaction against Russian hackers. The leader of the Italian right party, Northern League, Matteo Salvini, has criticized this measure calling it a “crazy” reaction of the West against Russia.

But this is just a situational exception, as when Salvini stated that he was visiting Russia. Actually, we should notice the European solidarity in their efforts to decrease or even eliminate the cyber-attacks danger associated to the electoral campaign for the European Parliament, as well as for the national elections to take place this year in East of Europe.

Translated by Andreea Soare