Ahead of the 2018 midterms, the threat of Russia-linked cyber and disinformation campaigns still looms large.
Two weeks before the inauguration of President Donald Trump, the U.S. intelligence community released a declassified version of its report on Russia’s interference in the 2016 election. It detailed the activities of a network of hackers who infiltrated voting systems and stole documents from the Democratic National Committee and Hillary Clinton’s presidential campaign. It also issued a stark warning: “Moscow will apply lessons learned from its Putin-ordered campaign aimed at the U.S. presidential election to future influence efforts worldwide, including against U.S. allies and their election processes.” Since then, current and former officials, including former Pentagon official Michael Vickers and former CIA deputy director Michael Morell have said that the Russians will interfere in U.S. elections again, in potentially new and sophisticated ways.
How disinformation will be deployed in 2018 and beyond is unclear. What is clear, however, is that the Kremlin believes its efforts to sow chaos in the American political process, which it has continued to hone in Europe, have worked and are poised for a return.
So far, Washington’s response to all this has been muted. Facing a criminal probe into possible ties between his campaign and the Kremlin, Trump has tried to discredit the case that Russian election interference poses an ongoing national-security risk. Earlier this month, The Washington Post reported that the president has held no cabinet-level meetings on Russian interference. And while other parts of the U.S. government have taken a strong line against Moscow, continuing to support Kiev and codifying sanctions against Moscow for its intervention in Ukraine, the White House has explored ways to undo those sanctions. There is little to deter the Kremlin from deploying its arsenal of cyber and psychological warfare to wage another campaign in the United States, setting the stage for a protracted, ever-evolving conflict just as another election approaches.
Russian and American officials have discussed how to stabilize the situation. According to BuzzFeed News, Moscow has floated proposals to normalize relations and impose a mutual ban on foreign political interference. But the deals were shot down by U.S. officials, reportedly over Washington’s long-growing mistrust of Moscow. Following decades of failed rapprochement between the United States and Russia, relations between them hit a new low after Russia’s annexation of Crimea and outbreak of war in Ukraine in 2014. Things deteriorated further with Russia’s intervention in Syria and 2016 election meddling. “It’s highly unlikely that you’ll get a breakthrough in relations and even if you did, I wouldn’t assume that interference would stop,” Angela Stent, a former U.S. national intelligence officer on Russia and a professor at Georgetown University, told me. “Right now, the only real answer is better defenses.”
Devising those defenses is no simple task. Fact-checking measures adopted by major tech and social-media companies are unlikely to stop Russia from seeking out new vulnerabilities in Western democracies. Despite the fact that the United States possesses what experts call the most advanced cyber capabilities in the world, former senior officials have said that the country was ill-prepared for Russia’s election meddling. Political hesitancy from the White House, they say, will prevent the implementation of necessary measures. Michael Hayden, the former director of the CIA and the NSA, said in December that preparation for another attack would be impossible without “a coordinated response” across all levels of government, especially the White House.
Michael Sulmeyer, a former senior cyber policy official in the U.S. Defense Department, told me that the 2018 midterm election will present the Kremlin with an opportunity to assess how or whether the United States has stiffened its defenses. Russia “may not need to become more sophisticated” in order to intervene again, given the relatively simple techniques (like a phishing email) it has already used. Aggressive ad hoc attacks, from targeted hacks to diverse disinformation campaigns, formed the core of Russian intervention efforts. “They were able to push on so many different unlocked doors at the same time in order to achieve their goal,” Sulmeyer said.
Andrei Soldatov, a Russian journalist and expert on the Kremlin’s cybertools, told me that Russia’s emboldened leaders could expand their ambitions. “My biggest concern is that in the near future we’re going to get a combination of attacks,” Soldatov said, “say, an attack on critical infrastructure combined with a massive disinformation campaign, aimed to define the public's perception of the attack.”
While such an attack would mark a major escalation for Russia, it would not be unprecedented. Attacks on at least a dozen electric facilities in America—including one nuclear plant—have been traced back to a Russian-linked group. Russia is also thought to be behind an increasing number of cyberattacks against private corporations and government agencies in Ukraine. Similarly, Moscow waged a massive disinformation and propaganda campaign alongside its annexation of Crimea in 2014.
None of these attacks, however, constitute a definitive Russian disinformation playbook. Instead, they suggest an opportunist, ever-changing array of weapons. “This is a new generation of warfare that is continuous and ongoing,” Elina Lange-Ionatamishvili, a senior expert at the NATO Strategic Communications Centre of Excellence in Riga, told me. “The goal is to confuse, distract, and blur the lines between war and peace.”
In recent years, Kremlin-linked cyber and disinformation campaigns of varying ambition have hit several European countries. In Germany, Russian state news spread a fake story about the rape of an underage girl by migrants during the height of Europe’s refugee crisis in 2016 that led to dozens of protests across the country. Similarly, Russian-backed broadcasters targeted Germany’s Russian emigrant community allegedly to bolster support for the country’s right-wing Alternative for Germany party in its bid to enter parliament for the first time. In France, Russian-linked hackers were believed to have stolen and leaked emails from French President Emmanuel Macron’s campaign. Moscow also recently launched a French version of RT, the public broadcaster formerly known as Russia Today. Spanish investigators found that both private and state-led Russian-based groups disseminated information on social media to try to sway public opinion ahead of Catalonia’s independence referendum in October.
Many experts said that such campaigns are attempts to discern what sort of tactics can work in different countries. But they also said that none of the attacks have had the same impact as interference around the U.S. election. “Disinformation only really works if you have other problems,” Harvard’s Jed Willard, who has consulted the Finnish and Swedish governments on how to counter disinformation, told me. Through their Facebook groups, ads, and other targeted social-media posts centered around race relations, immigration, and income equality, the Russian campaigns reflected an uncanny understanding of America’s deepest political and social fault lines, in an effort to feed the public’s already declining trust in government institutions and the media. Surveys have also shown that false election stories from hyper-partisan blogs and news sites outperformed real stories, and that most Americans tended to believe them. “The battlefield that we’re playing on here is the human mind,” Willard said, “and the human mind is not built to have an instinctive appreciation for truth.”
The Baltic countries were an early frontline in Russia’s new information war against the West. In 2007, Estonia suffered a series of debilitating cyberattacks that took down critical pieces of the government, banking, and media infrastructure in what is regarded as the Kremlin’s first major use of its 21st-century war capabilities. Similarly, neighboring Finland and Sweden have been hit with fake stories about the war in Ukraine, the abuse of ethnic Russians, and threats from the Kremlin over pursuing NATO membership. “We always need to be learning from each other,” Linas Linkevicius, Lithuania’s foreign minister, told me. “The shift comes from experience.”
In response, regional governments are developing defensive countermeasures. That includes temporary solutions like exposing propaganda and disinformation and raising awareness among the public and policymakers about their origins, along with longer-term initiatives, like investing in media-literacy education to help people distinguish fake stories from real ones. In October, Germany passed a law to combat the spread of hate speech and fake news on the internet. The following month, the European Union allocated one million euros toward its special anti-disinformation unit. “It seems that the Kremlin feeds on being demonized,” Maria Belovas, the director of communications for the Estonian foreign ministry, told me. That’s why, she said, investing in “a population that can recognize what a fake story is and [is able] to understand the wider context of why it is taking place” is a smart step.
But such countermeasures are unlikely to change the core geopolitical dynamics shaping the Kremlin’s behavior. “The problem is that in Europe we don’t have enough political will to respond effectively,” Jakub Janda, deputy director of the Prague-based think tank European Values. Janda, who has advised the Czech government on dealing with Russia, argued that without tougher and more targeted sanctions against Russian leadership, the Kremlin has “no reason to stop” interfering in Europe or elsewhere.
Looking ahead to America’s 2018 midterm elections, state and federal lawmakers face a rapidly closing window to better secure their voting systems. U.S. intelligence officials found that Russian hackers targeted 21 states during the 2016 election, although they did not interfere with the voting machinery itself. While there is no central U.S. electronic database to hack and election systems vary from state to state, the vulnerabilities still exist: At a cybersecurity conference this summer, 30 voting machines of various types were hacked by attendees; those types of machines are in use across the United States.
Still, some progress has been made. Virginia phased out the more vulnerable paperless touchscreen voting machines prior to its gubernatorial race in November. Lawmakers are also scrambling to push a bipartisan bill through Congress that would improve and modernize the nation’s voting machines. But with polls set to open in Texas and Illinois in nearly three months for the country’s first 2018 primaries, time is running out.
“On the security side, there are some improvements that can happen without the [Trump] administration,” Sulmeyer, the former cyber official, said. “But without a greater counterweight or cost for Russia, none of this is going to stop.”