The European Union is getting ready to slap sanctions on a group of Russian hackers, according to three diplomats involved — a move that would mark a turning point in the bloc’s efforts to address foreign hacking. The sanctions, expected later this year, come after the German government announced it “had evidence” tying members of a Russian hacking group to the cyberattack on the Bundestag in 2015. Diplomats gathered physically Wednesday in Brussels to discuss the Bundestag hack and whether they should respond using a new cyber sanctions regime. European countries have weighed sanctioning foreign nationals and entities involved in hacking for months, but talks were mired in secrecy as governments weighed their options. That changed when Chancellor Angela Merkel — previously reluctant to chide Russia over hacking — said last month that Berlin could not “simply ignore” an “outrageous” attack, and her government called for an EU response.
The European Parliament will temporarily allow electronic voting by email as MEPs are forced to work remotely during the coronavirus crisis. A spokeswoman for the parliament confirmed today that an “alternative electronic voting procedure” has been agree for the plenary session that will take place on March 26. “This voting procedure is temporary and valid until 31 July,” she added. Earlier this month the parliament moved the majority of its staff to teleworking. MEPs have since switch to full remote work as confirmed cases of COVID-19 have continued to step up across Europe. Though how to handle voting remotely has generated some debate in and of itself. “Based on public health grounds, the President decided to have a temporary derogation to enable the vote to take place by an alternative electronic voting procedure, with adequate safeguards to ensure that Members’ votes are individual, personal and free, in line with the provisions of the Electoral act and the Members’ Statute,” the EU parliament spokeswoman said today, when we asked for the latest on its process for voting during the COVID-19 pandemic.
Europe: On the front line in Europe’s war against Russian election interference | Ellie Zolfagharifard/The Telegraph
The hackers who fought against Russia in the first ever nationwide cyber attack are today hailed as heroes. “I’ve been to parties where people would discuss how they fought in the cyber war,” says Pactum’s Kristjan Korjus, with a combination of pride and envy. “They had to try to get to the main server rooms and hack for several days and nights… it was really cool.” It may not sound as dramatic as aiming a gun on a battlefield, but the work of these cyber warriors was crucial in thwarting a Russian assault that could have brought down a nation. Today, as the UK prepares for a General Election, Estonia believes Britain can learn from its efforts in defending against online attacks and misinformation. “This is a country that is on the front line of digital warfare,” says Scott Dodson, Lingvist’s chief growth officer, who moved from Seattle to Tallinn several years ago. “It’s kind of a fact of life that, you know, I don’t think people in the UK or the US really appreciate… essentially this region is kind of a firewall [against Russian attacks].” That’s partly thanks to Nato’s Cooperative Cyber Defence Centre of Excellence, codenamed K5, which sits in the shadow of grey Soviet high-rises in the suburbs of Tallinn. Surrounded by barbed wire and armoured trucks, K5 looks like something out of a spy film. “We get people asking if they can tour this as part of their stag party all the time,” laughs Aari Lemmik, who heads up the centre’s communications team.
MEPs have warned that foreign electoral interference seriously threatens European democratic societies to the benefit of anti-EU, right-wing extremist and populist forces. Attempts to influence decision-making in the EU will put European democratic societies at risk, the European Parliament declared in a resolution passed on October 10. Parliament points out that foreign interference has a systematic pattern, be it through campaigns on social media, cyber-attacks on infrastructure related to elections or financial support to political parties in the run-up to all major national and European elections. Much of this interference benefits anti-EU, extremist and populist candidates. Despite member states fully or partially banning foreign donations to political parties or candidates, foreign actors find ways to circumvent those rules, say MEPs, singling out cases of the Front National in France, and allegations reported by media on the Freedom Party in Austria, Lega in Italy and Leave.eu in the UK.
Europe’s cybersecurity authorities are struggling to pick their next chief of the beefed-up EU Cybersecurity Agency — and time is running out. The EU Agency for Cybersecurity, formerly known as ENISA, got more powers under the new “Cybersecurity Act,” a landmark cybersecurity regulation that came into force at the end of last month. The agency will in coming years draft certification schemes to better protect internet-connected devices, boost the security of 5G telecom networks and raise security standards for cloud providers, among other things. Current executive director Udo Helmbrecht’s second term ends in mid-October and his replacement is chosen by the management board, which includes the national EU cybersecurity authorities as well as representatives of the European Commission. But a selection procedure that should have ended last March has run into trouble.
Europe: Finland brings cybersecurity to the fore as EU presidency commences | Catherine Chapman/The Daily Swig
Finland is to hold exercises in cyber defense as part of the nation’s EU presidency term, which officially started this month. The so-called “hybrid exercises” will produce fictional cyber-attack scenarios for EU member states to participate in, with the aim of increasing awareness and cooperation between computer emergency response teams across the region. This includes activities to prepare for a wide range of threats directed at a country’s critical infrastructure or democratic processes, such as cyber-attacks, election interference, and disinformation campaigns. “Finland strives to build member states’ awareness of hybrid threats and of the existing EU instruments and policies to counter them,” reads the country’s presidency program.
The European Union was quick to report online interference in its recent elections, but the system designed to catch that interference apparently needs some improvement. The New York Times has learned through records and interviews that the EU’s Rapid Alert System hasn’t been very effective in aggregating meddling data or transmitting alerts. Most member states haven’t contributed to its database, and what data is there tends to be a “mishmash” that may go unanalyzed. Disagreements over the seriousness of interference attempts have also led officials to avoid issuing alerts. The political landscape is a significant problem by itself. Russia frequently exploits European websites and far-right political parties to further its agenda, but EU analysts aren’t allowed to send warnings or debunk campaigns when they come from European outlets. The restriction is billed as an attempt to protect free speech, but ultimately limits Rapid Alert System users to either monitoring official Russian outlets or running generic myth-busting initiatives. And then there are the disagreements between countries. When Hungarian leadership repeats Russia’s false claims about the Ukraine, for example, how does the EU go about chastising one of its own?
Europe: Europe Built a System to Fight Russian Meddling. It’s Struggling. | Matt Apuzzo/The New York Times
The European Union launched an ambitious effort earlier this year to combat election interference: an early-warning system that would sound alarms about Russian propaganda. Despite high expectations, however, records show that the system has become a repository for a mishmash of information, produced no alerts and is already at risk of becoming defunct. Indeed, even before the European Parliament elections this spring, an inside joke was circulating in Brussels about the Rapid Alert System: It’s not rapid. There are no alerts. And there’s no system. Europe’s early struggles offer lessons for other nations, including the United States, where intelligence officials expect Russia to try to interfere in next year’s presidential election. In many ways, the European Union has been more aggressive than Washington in demanding changes from social media companies and seeking novel ways to fight disinformation. But doing so has pushed the bloc into thorny areas where free speech, propaganda and national politics intersect. Efforts to identify and counter disinformation have proven not only deeply complicated, but also politically charged. The new Rapid Alert System — a highly touted network to notify governments about Russian efforts before they metastasized as they did during the 2016 American elections — is just the latest example.
Europe: How Europe’s smallest nations are battling Russia’s cyberattacks | Jenna McLaughlin/Yahoo News
Earlier this year, the country of Berylia came under a coordinated cyberattack. For two days, hackers targeted the island nation’s power grid and public-safety infrastructure, while cyber experts from across Europe worked to counter the attacks. Of course, the island nation of Berylia is imaginary, but the threat is not, and the exercise, known as Locked Shields, involved real network infrastructure provided by companies like Siemens and water-treatment systems from South Korea. Major Gabor Visky, a Hungarian researcher working for the NATO Center in Tallinn, Estonia, where the exercise took place, told Yahoo News during a tour last month that the simulation aims to get “as close as possible to real life.” It’s not surprising that a NATO cyber defense exercise would take place in Estonia, which has long been at the forefront of the digital revolution. The country took many services online years ago, including the 2002 introduction of its now famous digital ID card for accessing government services.
Problems that denied EU citizens their vote in last month’s European elections were evident five years ago, according to a leaked letter from the European commission. Many EU nationals were unable to vote in the European elections on 23 May, through a series of bureaucratic muddles and mistakes that experts decried as a fiasco that a democracy should not tolerate. A letter sent on Friday to the constitution minister, Chloe Smith, shows that some of the chaos at polling stations was foreshadowed in previous European elections in 2014. “The commission notes that the difficulties encountered were largely recurrences of the incidents and deficiencies that had previously arisen during the 2014 elections and which the United Kingdom had undertaken to remedy in time,” states a copy of the letter seen by the Guardian.
Europe: Trump Invited New Russian ‘Information’ About Opponents. Europe Knows Where That Leads. | Michael Weiss/Daily Beast
In his much-commented 60 Minutes interview this week, Donald Trump breezily dismissed the idea that accepting information on political rivals from foreign sources was untoward. “It’s not an interference, they have information,” he said. “I think I’d take it. If I thought there was something wrong, I’d go maybe to the FBI.” Thus the man who routinely indulges in the fantasy that a collective of American spies is arranging his downfall has no compunction about letting foreign spies arrange the downfall of his opponents. It all depends on what gifts they come bearing. But the trouble with inviting foreign countries into your political system is that once they accept the invitation they never leave. A new study I’ve co-edited, published by the Free Russia Foundation, offers a chilling tour d’horizon of how the Kremlin has walked right into the judiciaries, interior ministries, ballot boxes, campaign coffers and even spy services of Europe, all because domestic politicians initially waved them in. The broad conclusion of “Misrule of Law,” as the report is titled, is that instead of a Europe whole and free, we’ve got one partly subsidized and dangerously subservient to Vladimir Putin.
Europe: EU leaders gear up to counter Moscow on hacking threat | Lauren Bishop and Jacopo Barigazzi/Politico
European leaders are expected to call for a tougher “security culture” in the bloc to counter cyber threats, according to draft European Council conclusions dated Monday and seen by POLITICO. Days after news broke of a cybersecurity breach at the EU delegation in Moscow, the draft says that the EU needs more cooperation with international actors and institutions and a “coordinated response” to cyber threats. It backs the creation of a new strategy to deter and respond to cyberattacks. Earlier this month, news broke that the EU was investigating an apparent hack of its IT networks in its delegation offices in Moscow. An EU spokesperson said then it had “observed potential signs of compromised systems connected to our unclassified network.” Buzzfeed News reported on a leaked analysis of the hack that said information was stolen from at least two computers.
Europe: Russian disinformation campaign targeted voters during EU elections | Irene Kostaki/New Europe
The European Commission revealed that Russian sources attempted to suppress turnout and influence voters during last month’s EU elections that employed a continued and sustained disinformation activity by Russia that covered a broad range of topics ranging from challenging the European Union’s democratic legitimacy to exploiting divisive public debates on issues such as migration and political sovereignty. Online platforms will need to do more to combat disinformation, including sharing data, which will assist in tracking even more suspected attempts by a Russian or Chinese attempt to influence the democratic processes both in the EU and the US, particularly after Western intelligence agencies continue to uncover evidence of a sustained effort by Moscow to promote extremist views and polarise local debates through disinformation.
In many ways, the European Parliament elections in late May were calmer than expected. The more extreme political players, while gaining strength, did not do as well as many predicted. Cyber aggression and disinformation operations seem to not have been as dramatic as in 2016, when Russian hackers and disinformation campaigns targeted elections in the U.S., France and elsewhere around the world. However, there is no reason to be content. The dangers remain real. For one thing, the target societies might have internalized the cleavages and chaos from information operations or self-sabotaged with divisive political rhetoric. As a reaction, Russia may have scaled back its efforts, seeing an opportunity to benefit from lying low. Disinformation campaigns seek to sow chaos and disorder; in the run-up to the elections, the EU had plenty of that already, without any outside help. In the cybersecurity sphere, the defenders seem to have successfully changed the adversarial calculation for this time around.
Europe: Russia Sought to Use Social Media to Influence EU Vote, Report Finds | Adam Satariano/The New York Times
European authorities blamed Russian groups on Friday for disinformation campaigns designed to depress turnout and sway public opinion in last month’s European Union elections, an official accounting that underscored how Russian interference has not abated and that Facebook and other tech platforms remain vulnerable to meddling. The preliminary review by the European Commission and the bloc’s foreign policy and security arm found that Russian-linked groups and other nonstate actors had worked to undermine credibility in the European Union through Facebook, Twitter and YouTube. Officials said new regulations might be needed to force internet platforms to do more to stop the spread of deliberately false information. “The evidence collected revealed a continued and sustained disinformation activity by Russian sources aiming to suppress turnout and influence voter preferences,” the report said. The report was the first official substantiation by the European Commission of the role that Russians and other groups played in disinformation in the May elections, which many investigators, academics and advocacy groups had warned about. It was a reminder of how active Russians and others continue to be in spreading divisive content online to inflame and stoke electorates all over the world, a strategy that the Kremlin had pioneered in the 2016 American presidential election.
The European Union on Friday agreed to new rules that will grant it authority to impose travel bans and asset freezes against individuals responsible for cyber-attacks that pose a significant threat to the bloc. The new rules come amid concerns by European and U.S. officials over cyber-attacks related to election meddling or intellectual property theft by actors linked to Russia and China. The measures, which aim to “deter and respond to cyber-attacks which constitute an external threat to the EU,” would apply to actors responsible for attacks originating outside the bloc, the Council of EU member states said in a statement. The bloc said it would also consider measures in response to attacks targeted at countries outside the EU or international organizations.
Less than two weeks before pivotal elections for the European Parliament, a constellation of websites and social media accounts linked to Russia or far-right groups is spreading disinformation, encouraging discord and amplifying distrust in the centrist parties that have governed for decades. European Union investigators, academics and advocacy groups say the new disinformation efforts share many of the same digital fingerprints or tactics used in previous Russian attacks, including the Kremlin’s interference in the 2016 U.S. presidential campaign. Fringe political commentary sites in Italy, for instance, bear the same electronic signatures as pro-Kremlin websites, while a pair of German political groups share servers used by the Russian hackers who attacked the Democratic National Committee. The activity offers fresh evidence that despite indictments, expulsions and recriminations, Russia remains undeterred in its campaign to widen political divisions and weaken Western institutions. Despite online policing efforts by American technology companies, it remains far easier to spread false information than to stop it. Russia remains a driving force, but researchers also discovered numerous copycats, particularly on the far right. Those groups often echo Kremlin talking points, making it difficult to discern the lines between Russian propaganda, far-right disinformation and genuine political debate.
Inside a large room in Facebook’s European headquarters in Ireland’s capital, about 40 employees sit at rows of desks, many with two computer screens and a sign representing a country in the European Union. Large screens at the front display charts and other information about trends on the social network’s services, including Instagram and the messaging app WhatsApp. In the back, muted televisions broadcast BBC and other European news stations. The cramped space is home to Facebook’s newly opened operations center to oversee the European Union’s parliamentary election, which will be held May 23 to May 26 in 28 countries. Modeled after the “war room” that the Silicon Valley company created before last year’s midterm elections in the United States, the people inside are tasked with washing Facebook of misinformation, fake accounts and foreign meddling that could sway European voters. A similar command post was set up in Singapore for elections in India. Eager to show it is taking threats seriously as it faces pressure from governments across Europe to protect the integrity of the election, Facebook invited about two dozen journalists to visit its hub last week. “We are fundamentally dealing with a security challenge,” said Nathaniel Gleicher, Facebook’s head of cybersecurity policy. “There are a set of actors that want to manipulate public debate.”
The European Union is having a hard job building a sufficient firewall when it comes to election interference, experts have told CNBC. The European Parliament — the EU’s legislative arm — has launched a campaign to tackle online disinformation ahead of its elections in May. But there are certain loopholes that mean there could still be outside influence in the vote. “Russia will attempt to influence the parliamentary elections using its usual tool kit, including targeted propaganda, and the stealing and leaking of information,” Andrew Foxall, director of the Russia and Eurasia studies at the Henry Jackson Society, told CNBC via email. He added that there are a number of steps that European institutions should take to prevent such influence. EU countries could share information with each other on “fake news” stories or disinformation; make public any influence attempts — whether from Russia or elsewhere; pledge not to use stolen data in their campaigns and make campaign financing more transparent, Foxall said. The Russian government was not immediately available for comment when contacted by CNBC.
As the May’s European elections are slowly approaching, EU institution have been intensively testing their own cyber systems to help prevent any potential outside attacks or breaches into their systems. Together with observers from the European Parliament, the European Commission and the EU Agency for Cybersecurity, over 80 representatives from EU governments have participated in a recent (5 April) exercise. Rainer Wieland, Vice-President of the European Parliament and German EPP MEP and many others voiced their concern about the dependability of the upcoming elections should cybersecurity be compromised. “A cyber-attack on elections could dramatically undermine the legitimacy of our institutions,” Mr. Wieland said. “The legitimacy of elections is based on the understanding that we can trust in their results.”
Europe: Member states test their #CybersecurityPreparedness for fair and free 2019 EU elections | EU Reporter
The European Parliament, the EU member states, the European Commission and the EU Agency for cybersecurity (ENISA) have organized an exercise to test the EU’s response to and crisis plans for potential cybersecurity incidents affecting the EU elections. The objective of the exercise, which took place today in the European Parliament, was to test how effective EU member states and the EU’s response practices and crisis plans are and to identify ways to prevent, detect and mitigate cybersecurity incidents that may affect the upcoming EU elections. This exercise is part of the measures being implemented by the European Union to ensure free and fair elections in May 2019. Digital Single Market Vice President Andrus Ansip said:”We must protect our free and fair elections. This is the cornerstone of our democracy. To secure our democratic processes from manipulation or malicious cyber activities by private interests or third countries, the European Commission proposed in September 2018 a set of actions. Together with the EU Member States, and other EU institutions we are implementing these actions. We also decided to test our cybersecurity vigilance and readiness towards secure, fair and free EU elections 2019 by organising the first in its kind EU exercise on elections. I believe that this is an important step forward for more resilient EU elections in a connected society.”
Russian hackers have targeted European government systems ahead of the EU parliament election, cybersecurity firm FireEye said Thursday. The company found that two state-sponsored hacking groups, APT28 and Sandworm, used spear phishing — the practice of sending out emails designed to look like they’re from a trusted party — in an attempt to obtain government information. FireEye said European government institutions were sent emails with links to websites that appeared to be authentic, luring a person into changing their password and thus sharing their credentials with hackers. APT28, more popularly known as Fancy Bear, is believed to be linked to Russian military intelligence agency GRU and has been labeled as one of the malicious actors behind the 2016 Democratic National Convention hack.
“The online anarchy of election rules must end”: Věra Jourová, EU Commissioner for Justice, has good reasons to be nervous. From 23rd to 26th of May, all eyes will turn to Brussels as the next European elections will decide on the future trajectory almost half a billion EU citizens. But after the string of cyber attacks on elections from the USA to CEE countries Poland, Bulgaria, Latvia and the Czech Republic, it would be naive to assume that the EU elections would not be targeted. But is Brussels prepared? “With anti-Europeans on their way to winning more than one-third of seats in the next European Parliament, the stakes in the May 2019 election are unusually high”, warns a new report of the European Council of Foreign Relations published this month. The EU increasingly resembles a battleship drifting through a continent in crisis: Brexit looms over Europe, extreme right-wing and eurosceptic parties are mushrooming and political divisions seem to be digging its trenches deeper every week.
A regime for “cyber sanctions” is taking shape — and it could already hit mischievous election hackers in May. The European Union is closing in on a procedure that would allow it to sanction foreign hacker groups when they target the upcoming EU election. A plan drafted by the EU’s diplomatic service has been presented to national cyber experts and will be forwarded to foreign affairs attachés later this month, three officials briefed on the plan told POLITICO, asking not to be named because of the sensitivity of the ongoing talks. The measures would not only allow EU countries to slap sanctions on hacker groups that succeed in intruding into IT systems, but also those attempting to get in, like the suspected Russian intelligence officers who allegedly plotted but failed to hack into the Hague-based Organisation for the Prohibition of Chemical Weapons last year, the officials said.
Europe: To fight election meddling, Google’s cyber unit Jigsaw extends its anti-DDoS protections to European politicos | TechCrunch
Jigsaw, the cybersecurity-focused division owned by Google parent Alphabet, is now allowing political organizations in Europe to sign up for its anti-web-flooding technology for free. Until now, the free-to-use technology designed to protect political campaigns and websites against distributed denial-of-service (DDoS) attacks — dubbed Project Shield — was only available to news sites and journalists, human rights sites and elections monitoring sites in the U.S. Now, Jigsaw is extending those protections to European political operators ahead of contentious parliamentary elections later this year. The anti-DDoS technology aims to protect websites and services from being pummeled with tons of junk internet traffic from multiple sources at once. It protects against several types of DDoS attacks — and not just the traditional layer 3 or 4 protocol-based attacks but also the more powerful layer 7 attacks that involve large volume, often thanks to DNS amplification.
It could happen here. Three years after Russian disinformation campaigns disrupted the 2016 U.S. presidential election and possibly influenced the result of the Brexit vote, European officials are worried the European Parliament election in May is next. “In 2016 we stopped being naive,” said Liisa Past, a former chief research officer at the Estonian Information System Authority who coordinated security preparations across Europe last year. “Since then we have tested national systems for the security environment as we now know it. But the last European election was 2014 and that system hasn’t been tested in this new security environment.” The election — in which voters in 27 countries will install a new European Parliament and by extension a new crop of top EU officials — is uniquely vulnerable, officials say.
It was a treasure trove of information: nearly 20,000 emails and 8,000 attachments, sent by and to the Democratic National Committee (DNC), the body which runs the United States’ Democratic party, found its way into the hands of WikiLeaks and were unleashed on the world in late July 2016. The emails were siphoned off DNC servers over the course of a two-month period, but dated back to January 2015, and included private conversations that torpedoed the campaign of Democratic presidential nominee Hillary Clinton, and eventually helped elevate Donald Trump to the White House. It wasn’t just in the United States that the ramifications of this unprecedented leak of internal correspondence – which in July 2018 US special counsel Robert Mueller attributed to 12 members of the Russian military – were felt. Something seismic shifted underfoot. While nefarious nation states had been propping up or supporting campaigns aimed at promoting their goals in third countries for decades, this was the most overt attempt at changing the course of history in favour of a third party. And it worked.
With European Union elections closing in, EU leaders are calling for measures to tackle the deliberate spread of disinformation. EU leaders said Friday that the threat “is an acute and strategic challenge for our democratic systems.” In a statement from their summit in Brussels, the leaders call for “an urgent response that needs to be sustained over time, in full respect of fundamental rights.”
Madrid and London are negotiating a bilateral treaty to maintain local voting rights for the 280,000 British nationals living in Spain and the more than 115,000 Spaniards residing in the UK, said diplomatic sources. On March 30, 2019, the UK will exit the European Union and British migrants will lose their right to vote in municipal elections. Whether or not British Prime Minister Theresa May secures parliamentary approval for the Brexit deal, UK nationals will no longer be considered EU citizens after that date. If there is agreement on the transition period, UK citizens in Spain will preserve most of their rights intact until December 2020, but this does not extend to voting in the municipal and European elections of May 26, 2019.
UK voters are among the most concerned in Europe that elections could be sabotaged by cyber-attacks, according to a new European Commission study. The survey polled over 27,000 citizens across the EU with face-to-face interviews to better understand their concerns ahead of upcoming European elections in May 2019. While an average of 61% said they were worried about potential cyber-attacks manipulating the results of the election, the figure rose to 67% in the UK — one of the highest of any country. UK voters (64%) were also more likely than most Europeans (59%) to fear foreign actors and criminal groups influencing elections covertly. Across Europe, 67% said they were concerned that their personal data could be used to target the political messages they see — a reference to the Cambridge Analytica scandal that may have impacted the results of the US presidential election and Brexit referendum in 2016.