Hacktivism on the rise: how politicised cyber-attacks are undermining democracy

This month news surfaced that key UK infrastructure – including the Post Office and banks – had been subject to an attack by Iranian hackers. And while the story undoubtedly grabbed headlines, the attack was far from a one-off. Instead, it was the latest in a series of politically motivated cyber assaults, and as the tactic gains rapid traction, world leaders and governments are being forced to rethink their cyber strategies.

Political turmoil powering cyber attacks

Political disruption provides a ripe ground for cyber-attacks against governments and international institutions; according to NETSCOUT, political and ideological disputes represent the third greatest motivation for launching distributed denial of service (DDoS) attacks. With the current political turmoil fueled by events such as Brexit, coupled with greater availability of tools to take down websites and attack infrastructure, political hacktivism has become rife. DDoS attacks against the International Affairs sector – which includes the United Nations, the International Monetary Fund, and foreign consulates and embassies –  for example, increased by almost 200% H2 2017 and H2 2018.

Destabalising democracy

Major incidents include the purported attack surrounding the EU referendum, with MPs suggesting that the “register to vote” site crashing could have been the result of a foreign cyber-attack. Russian infiltration in the 2016 US Presidential elections meanwhile wielded significant harm to Hillary Clinton’s campaign through the theft of over 150,000 emails and documents which led to the indictment of 12 Russian intelligence officers.

The attacks against Clinton and the Democratic party in particular highlight the huge scale damage that can be brought about by political cyber-attacks; writing in The Guardian, Professor Kathleen Hall Jamieson argues that “the theft and leaking of Democratic emails were key to Clinton’s election defeat,” and resulted in the media being dominated by anti-Clinton news that swayed public opinion. Alongside the huge risks associated with sensitive data being exposed, polticised cyber attacks can prevent the public from accessing information, and can hamper voter registration, ultimately presenting a major challenge to democracy, election integrity and nation states’ sovereignty.

Cyber challenges fueling government policy

Against this landscape, political leaders are understandably concerned and are being forced to adopt a more hardline approach to cybersecurity. Writing earlier in the year, the Washington Post asserts that “election security will be the hot new Democratic campaign issue” in the upcoming 2020 candidate race, and notes a major shift from 2016 when cybersecurity only played a minor role. On the other side of the Atlantic, the UK government has been forced to respond to growing instances of political hacktivism from Iran and Russia, announcing in a statement that:

“The UK and its allies are once again united in demonstrating that the international community will stand up against cyber-attacks by other governments and that we will work together to respond to them.”

However, with the threat increasing, and potentially our entire democratic process at stake, words alone aren’t enough; it is critical that governments continue to educate themselves about evolving political threats, and work together to protect their country, their citizens and their sovereignty. To support this, closer cooperation with the private sector will be key. In 2018, a number of tech firms offered free products to help secure the US midterm elections, with greater collaboration between the public and private sector likely to take place in the future. From a PR standpoint, such initiatives, if well-coordinated, can both drive media traction and demonstrate corporate social responsibility in protecting democracy, as we saw last year. Although the companies received some media flack for their lack of coordination, the overall sentiment was positive.

As May’s European elections approach and America counts down to the Democratic primaries, observers will be keenly watching to see how attacks manifest themselves, and whether lessons have been learned from past assaults. While the attacks themselves might not be predictable, one thing is clear: the risk is both real, and escalating, and governments and businesses must work together to combat political hacktivism, and protect democracy.

At Babel, we recognise that in a world where hackers can be motivated by political or financial incentives – or just simply want to cause disruption – businesses need to know how to protect their organisation, stakeholders, reputations and bottom line. We work with clients across the technology sector to help them prepare for crises, and manage communications should a crisis occur. For more information, or to speak to a member of the Babel team about your businesses’ crisis strategy please get in touch.