Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Eyeing Russia, EU Girds for Cyberthreats to Parliament Vote

With campaigning for May’s European Parliament elections shifting into high gear, security officials are preparing for potential attempts by Russia-linked hackers to sway the vote — and potentially deepen divisions in the bloc.

With campaigning for May’s European Parliament elections shifting into high gear, security officials are preparing for potential attempts by Russia-linked hackers to sway the vote — and potentially deepen divisions in the bloc.

“There’s a strong likelihood that people will try to manipulate the debates and falsify the European election results,” the EU’s security commissioner Julian King told France’s Alsace newspaper last week.

The vote is shaping up as a continental clash between populist and eurosceptic movements on the one hand, and pro-European internationalists on the other.

“It is already clear this will be the most consequential parliamentary vote in the EU’s history,” the European Council on Foreign Relations wrote in a recent report.

Moscow has long denied allegations of hacking and meddling in foreign elections through social media disinformation campaigns thought to be piloted by Russia’s GRU military intelligence agency.

But suspicions are rife that Russia has much to gain by helping populist and eurosceptic movements, some of which want to end EU sanctions on Moscow over its annexation of Crimea from Ukraine.

The biggest threat, officials say, is a three-pronged attack seen in other high-stake votes: the hacking of a political party; targeted leaks of any sensitive data, either raw or manipulated; and surreptitious social media campaigns to keep the information in the headlines.

Advertisement. Scroll to continue reading.

That was the scenario that played out in the US presidential election of 2016, when Russian hackers are suspected of trying to tilt the outcome by hacking the Democratic Party.

Russian hands were also seen behind an 11th-hour hacking of Emmanuel Macron’s party ahead of the 2017 French presidential elections, when thousands of files were leaked online.

So-called “state actors” are also thought to have been involved in Britain’s Brexit vote, and in the hacking of Australian political parties last month.

“We stand a good chance of being hit with something big” ahead of the May 23-26 election, said a source in the French security services, who requested anonymity to discuss the risks.

– Bogus accounts –

In January the European Commission urged platforms like Google and Twitter, but also advertising firms, to make more progress on their pledge to fight “fake news” by removing bogus accounts and curbing suspect sites.

“Several actions are being taken or already implemented to allow the EU and member states to react quickly, efficiently and in coordination in case of attacks,” according to an internal report by a European security service seen by AFP.

“But for now they are mainly declarations of intent that have yet to be tested,” it said.

One cyber-spying group in particular — known as APT28, Pawn Storm, Fancy Bear or other monikers — is thought to have staged many of the recent attacks targeting European institutions and political groups, including NATO and the German parliament.

The common thread in all these attacks “is the exfiltration of information without being detected,” said Loic Guezo of the Japanese IT security firm Trend Micro.

“The group suspected in these operations always targets Western institutions involved in elections or political decision-making in Western countries that could have an impact on Russian government policy,” Guezo said.

The stolen data is then strategically leaked to discredit their target.

“The advantage is that because it’s intercepted information, it gives people the impression that they have access to the ‘truth’, to raw, unfiltered information,” according to a recent report by the French foreign and defence ministries.

While that may indeed be the case, often the stolen data is first tweaked or manipulated before being leaked and spread by viral social media campaigns.

– ‘Information arsenal’ –

“Russia has developed an information arsenal, with manipulation strategies that use bots and fake accounts” to propel the disinformation into the mainstream media, said Kevin Limonier, a researcher at the French Geopolitical Institute in Paris.

Media outlets and personalities are then charged with amplifying the leaked data or misinformation into the mainstream.

Limonier described “an ecosystem revolving around a few structures in Russia, hidden behind shell companies, that lead to Yevgeny Prigozhin,” a businessman with close ties to Russian President Vladimir Putin.

Such campaigns could be even more disruptive in an increasingly polarised Europe, where bitter divisions have emerged over the arrival of hundreds of thousands of migrants since 2015.

A recent French study, for example, found that “yellow vest” anti-government protesters are more prone than other citizens to conspiracy theories, including a belief that establishment elites are organising mass immigration to replace native populations.

Given the risks, French authorities in particular plan to move much more aggressively to keep potential interference efforts from crossing “red lines,” an intelligence agency source told AFP.

“But you have to be careful, because the more you publicise this war, the more you risk making the threat seem bigger than it is,” Limonier said.

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.

Register

Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...