Attack on democracy – cybercriminals and elections

Blog Cybersecurity Data Protection Phishing

Hacked servers, leaked emails, millions of fabricated social media contents and attacks on voting computers – these are the digital ways in which attempts were made to influence the last two US elections from the outside. For the Bundestag elections, the question is also being asked in Germany: Can cybercriminals manipulate our elections? And if so, how? What are their strategies? And who can protect themselves and how? We provide a brief overview here.

How do you hack a paper ballot?

There are no voting computers in Germany. Whether in the voting booth or by mail, voting is done on paper. This means that the election itself cannot be manipulated by cybercriminals. The crosses on our ballots stay where we put them.

The count of the official final result cannot be manipulated by cybercriminals either. This is because it is also recorded and transmitted in paper form. Moreover, because the ballots are physically present, the result is verifiable.

Since the election itself cannot be hacked, cybercriminals primarily target before and after the vote is cast. They try to influence who gets more or fewer votes. In addition, their goal is to shake confidence in the candidates, the election and its results.

Important strategies of cybercriminals at a glance

It can be assumed that other states or their intelligence services are behind many cybercriminal attempts to manipulate elections. These acts of manipulation are not so much about a particular person winning or losing the election. Rather, the system behind the election – democracy – is to be attacked and weakened.

Very, very briefly, the overarching strategy here is that if democracy is the rule of the people, you can bring it down by dividing the people. By exacerbating existing social conflicts and undermining the credibility of democratic processes and those standing for election. This strategy of political sabotage is not new. But the digital world offers it new means:

  • Disinformation of voters, e.g. through rumors, fake news, allegations, conspiracy theories and targeted misinformation in social media
  • Discrediting those standing for election, e.g. by publishing incriminating allegedly authentic documents
  • Sabotage, e.g. of digital election events, to convey a greater than existing vulnerability to attack

Disinformation: Creating Confusion, Fueling Conflict

Lies spread at incredible speed, while the truth lags behind. Jonathan Swift had this insight as early as 1710, and in the digital world it applies more than ever. Lies, fake news and misinformation spread particularly quickly in social media. Fact checks and corrections, on the other hand, take time. They must be formulated responsibly and often start with basic knowledge about certain processes.

Regardless of the corrections, misinformation continues to circulate. They achieve their goal by confirming people’s extreme attitudes, sowing doubts or even just causing confusion, expressed, for example, in sentences like “Who should we believe anymore?

Attack targets: Each and every one

Protective strategies: common sense and targeted distrust. In the case of specific misinformation about the Bundestag election, look for a correction from the Federal Election Commissioner, for example. Further information for voters, especially on the subject of fake news, is provided by the Federal Office for Information Security (BSI).

Discrediting: credibility deliberately undermined

Candidates are also targeted by cybercriminals. Currently, many attempts are being observed to access the computers, data or e-mail accounts of candidates through phishing e-mails. This is typical of so-called “hack & leak” operations. Data is stolen and later published with the aim of discrediting. The published content can be authentic, placed in misleading contexts, mixed with fake content or be complete fakes such as deep fakes. The goal is not to disclose, but to undermine the credibility of the candidates.

The same applies if fake messages are published in the name of the candidates, e.g. in a hacked Twitter account.

Attack targets: Candidates.

Protection strategies: Special attention to cybersecurity and especially phishing emails. Candidates are warned by the security authorities about specific waves of attacks.

Further advice on increasing IT security for candidates is provided by the BSI.

Attention: Relatives, partners, friends and acquaintances of candidates can also be attacked by cybercriminals. If you are one of them, we recommend increased vigilance.

Sabotage: Stirring up fears

As said before, the election itself can’t be hacked because it’s entirely paper-based. But who knows for sure? In this regard, cybercriminal acts of sabotage can fuel existing fears and uncertainties. For example, if cybercriminals manage to hack or disrupt virtual election campaign events.

Acts of sabotage by cybercriminals are also possible, at least in theory, when the preliminary results are announced immediately after the election. This is because for the preliminary election results, the counts from the polling stations are not transmitted by mail, but as quickly as possible – for example, by telephone or e-mail. To bring all the results together, the counts from the individual polling stations are first pooled at the municipal level, then at the district level, then at the state level. Wherever electronic transmission takes place in this multi-stage process, attacks by cybercriminals are theoretically possible. But even if they were successful in doing so, they cannot change the official final result, which is transmitted and determined by mail and paper.

Attack targets: The electronic infrastructure of the election process. Phishing e-mails can also be used to steal access data, for example.

Protection strategies: Increased attention by all parties involved, technical measures, and education of the population to eliminate uncertainties.

Conclusion: Cybersecurity also protects a functioning democracy

As an IT security company, we at Perseus are committed to improving cybersecurity every day. This usually involves protecting companies and their clientele. However, the federal election shows once again that raising awareness about phishing attacks, updates, security vulnerabilities and co. also has a political dimension. Not only when it comes to defending against industrial espionage and blackmail, but also when it comes to attacks on democracy.

The protective measures of personal and corporate cybersecurity are similar in many respects to the protective measures that are now important for candidates in the Bundestag elections. We also advise everyone who is not currently running for political office to familiarize themselves with these measures and use them for their own benefit.