SUMMARY
Cyber-terrorists working for Russia, China or North Korea seek to destabilise Western political systems. In a year in which more than 4 billion people will go to the polls around the world, the presidential elections in the United States and those that will decide the future composition of the European Parliament will be their main targets. In Spain, experts warn of the spread of fake news on social networks with the aim of favouring Catalan and Basque independence.
Antonio M. Figueras / Escudo Digital
This year, more than 4 billion people, half of the world’s population, are called to the polls: more than 70 countries, including Russia (with elections already held and the results already known), the United States, the European Union, Indonesia, Mexico and Taiwan. If we add to this the two regional elections in Spain in the coming weeks (Basque and Catalan elections) and the celebration of the Olympic Games in Paris, it can be said without a doubt that we are facing the perfect storm for hackers to redouble their cyber-attacks and their spread of fake news.
Cybersecurity expert Ramón Rodríguez believes that we are facing “a year of goods for hackers”. “It’s a business model in which you can recruit talent anywhere on the planet,” he says. These soldiers of fortune serve governments and institutions, they do not act as lone wolves but are part of orchestrated campaigns in what some call World War III.
Cosme Ojeda Puig, lecturer in the degrees of Communication and International Relations at the San Pablo CEU University (Madrid), explains to Escudo Digital that “unfortunately, technologies are becoming more and more effective and can be used in very sophisticated ways”. “At the same time, everyone believes that they are not manipulable and that others are, but then reality shows otherwise,” he adds. The expert believes that different committees of the British Parliament, the US Government and Congress and the European Parliament are investigating these issues in the face of “the intensity of cyber attacks”.
Destabilising the political system
Scholars point out that cyberterrorists working for Russia, China, Iran or North Korea seek to destabilise Western political systems. While Russian hacker activism takes the lead, China is not far behind. It concentrates a large army of computer scientists in a Shanghai neighbourhood, intruding into universities and companies, with the United States as their main target. The risk is amplified by the possibilities offered by artificial intelligence and the lack of control of social networks such as TikTok (of Chinese origin) and Telegram (of Russian origin).
Cyber-attacks are not incompatible with traditional forms. Last Friday it emerged that Belgium has opened an investigation into suspicions of Russian interference in the European Parliament elections on 9 June. Intelligence services have confirmed “pro-Russian interference networks”, said Belgian Prime Minister Alexander De Croo. The Kremlin’s aim is to “help elect more pro-Russian candidates to the European Parliament” in order to weaken EU support for Ukraine, De Croo told journalists. Another recent investigation by the Czech Republic has uncovered a pro-Russian influence operation, including payments to promote a Russian agenda among members of the EU Parliament.
Focus on Spain
Spain, with regional elections in the Basque Country (21 April), Catalonia (12 May) and the European Parliament, faces the challenge of minimising cyber-attacks and disinformation campaigns in a very specific context. We are in Europe,” says Rodríguez, “in NATO, immersed in the war in Ukraine, with a government policy of decisive support for the creation of a Palestinian state. These are circumstances that generate open fronts in a very tense world”.
The Russians, for their part, have put the spotlight on independence, especially in Catalonia. The disloyalties, previously Basque with terrorism and now Catalan, the so-called post-modern coup d’état, are very serious events in a success story such as the Spanish transition,” Ojeda argues. The Putin government is interested in anything that destabilises the international order, the system of values and alliances established in the Western world after the Second World War”.
The most stable countries in the world have been experiencing economic problems since 2008, and are experiencing situations of public disenchantment with the traditional parties. Ojeda recalls that of all the regions of Europe, “the only one that does not respect the framework of the rule of law is Catalonia. It is a good place for hackers to use leverage and seek to destabilise. The institutions in Catalonia have been frankly irresponsible. Russia is very interested in this”, he points out.
Rodriguez points out how easy it is to carry out an initiative to spread fake news: “You can design a campaign against the Catalan elections from a laptop in a Starbucks in Manila (Philippines). The 5G has opened up many attack vectors, as before a very high bandwidth was needed for these actions. Regarding Carles Puigdemont’s relations with the Russians, it is not always easy to distinguish truth from lies, information from hoaxes. Some of our media also do not contribute to the dissemination of verified news”.
Nor is special expertise required in all cases, says the cybersecurity expert: “You don’t need to be a cracker, a top hacker, to be able to launch a disinformation campaign on social networks. In fact you can be hired on the Darknet, even on some forums. So with technical resources, the danger is even greater”.
A cyber attack on a company or infrastructure may be easier to detect, but hoaxes are more diffuse in nature: “The public lacks the perception of insecurity. Moreover, in Europe, one out of four voters is opting for radical parties, which was not the case two decades ago. This is the case in Finland, Sweden, Denmark and the Netherlands, countries that were very much in favour of agreements,” says Professor Ojeda.
“There is also a breeding ground for criticism of corrupt politicians, of institutions, and of far-fetched ideas, such as the independence referendum; all of this undermines the shared values that we had. Spain has done very well in building institutions over the last forty years, but unfortunately it is very easy to destroy them,” he said.
Electronic voting
One of the fears is that cyber-terrorists will move on from spreading fake news to attacking the computerised election counting system. Ojeda believes that this is not possible, neither here nor in the United States, despite minor problems with some ballots: “The ballot boxes, the polling stations, the system… cannot be manipulated, nor can there be any intrusion”.
In last year’s elections in Spain, the Coordination Network for Security in Electoral Processes was activated, with a group dedicated to the fight against disinformation campaigns coordinated by the Department of Homeland Security and formed by the agencies of the Permanent Commission against disinformation. The most common method employed by cyberterrorists on election days is to seek the collapse of certain websites in order to block information, as the pro-Russian group known as NoName057 did in the elections of 23J 2023.
On the ability of cyber-terrorists to influence the count, Rodríguez is sceptical, but leaves the possibility open: “Big IT companies detect security flaws because they get into the kitchen. Nobody is exempt from problems, especially if there is collaboration with the enemy from within. In any case, the percentage of an attack taking effect and bringing down the platform is minimal. Everything is audited and the control methods are very advanced with code checks, but no system is invulnerable.
Rodriguez is committed to electronic voting to increase security in elections: “The usual thing in electronic voting is to use the Shamir algorithm. It is based on the fact that it has several certificates and a certain number of them are needed to be able to decrypt the information, in this case the votes. Nowadays it is more secure to vote electronically than on paper, because there are more control methods. Among these increased methods of control is the passwordless system, which relies on biometric systems. You create a key on your computer that you share with the server that requires this type of authentication.
Ukraine war in the spotlight
The invasion of Ukraine has spurred hacker activity in the battle for disinformation. Traffic from Russia and related countries has increased,” says Rodríguez. And they are not always the actions of a hacker who knows how to look for the guts; sometimes all they need are certain applications to stop state resources, such as official websites”.
This change in the security paradigm is attested to by detailed research, such as A Spanish Vision of the EU: 2024-2029, an exhaustive study carried out by European policy experts and directed by Javier Elorza, Spain’s ambassador to the EU, which includes the analysis Spain, at the forefront of the Europe of Defence, carried out by Spanish ambassador Nicolás Pascual de la Parte.
This text addresses the consequences of Russia’s aggression against Ukraine on the international order and the need to deepen Europe’s common defence policy as part of a global strategy, with an emphasis on the fight against cyber-attacks: “Beyond supporting Ukraine as far as necessary and providing it with all the material assistance it needs as the best response to Russia’s warmongering revisionism, Defence Europe must equip itself with the means to prevent, mitigate and repel cyber attacks and disinformation campaigns; strengthen its military and civilian resilience to respond to threats in the ‘grey zone’ of the spectrum; coordinate its fight against international terrorism; stabilise its near neighbourhood; manage irregular migration flows; secure supplies of essential commodities and services; maintain an open trading system; and lead the international regulation of new technologies, especially artificial intelligence”.
The report concludes that to ensure security the actions envisaged would be: “Improving intelligence services, developing tools and response teams against hybrid threats, establishing a cyber defence and cyber diplomacy policy, tackling disinformation and interference by foreign actors, creating an EU space strategy for security and defence, and strengthening maritime security.
NATO’s leading role
The Western world is defending itself from all sides. NATO’s Steering Committee for Excellence in Cyber Defence Cooperation is dedicated to the research and study of cyber warfare and cyber security. It is headquartered in Tallinn, Estonia, and includes, among others, Spanish experts. In 2022, NATO made it clear that cyberattacks can be considered armed attacks and could lead to the activation of Article 5 on mutual defence between member countries.
In the United Nations, the creation of a new corps of “cyber blue helmets” has been proposed to protect citizens from cyberterrorism and cybercrime. In Spain, the National Cryptologic Centre, attached to the National Intelligence Centre, is the body in charge of overseeing cybersecurity, given the alarming increase in threats, as shown in the Department of Homeland Security’s report for 2023.
This report warns that the actions of hostile intelligence services increased in Spain. The analysis distinguishes between fake news and misinformation. It also explains the evolution of the campaigns: ‘In the context of the war in Ukraine and the conflict in the Gaza Strip, an increase in anti-Western, anti-European and sometimes anti-Spanish narratives has been detected in multilateral fora, particularly within the United Nations. Russia continues to opportunistically push disinformation campaigns. It has manipulated Spain’s support for Ukraine to launch disinformation campaigns aimed at introducing doubts about Spain’s NATO membership into the public debate.
The study also addresses the Chinese influence: “The official Chinese media and their propagandists on social networks in Spanish have amplified many of the pro-Russian narratives, in such a way that there has been a confluence of messages, based fundamentally on expressing a rejection of the United States and the current international order”.
US election
The world will watch expectantly as the US presidential election takes place on 5 November. Joe Biden and Donald Trump will measure their support after a campaign in which fake news is sure to play an important role. According to Ojeda, “their impact is not so much that people vote for a certain candidate, but that they don’t vote for their opponent”. “The constant questioning of institutions, of politicians, influences the fact that fewer people participate, for example, that young people, who support Biden more, do not vote”, he adds.
To stop destabilisation campaigns and cyber-attacks, Rodríguez favours two tools, the technical and the social, “which consists of evangelising”. “Apart from powerful security systems, you need a personal culture and training. A hacker can find a good attack vector when there is a lack of knowledge,” he stresses.
ANTONIO M. FIGUERAS
Journalist and writer
A graduate in Hispanic Philology and Journalism, he has worked as a journalist at the ABC newspaper (1985-2013), where he worked in the Culture and Entertainment, Television and Continuity sections. He was the Weekend Coordinator of Vozpópuli (2015-2016).
He has also worked in corporate communications in different fields. Since 2022 he has collaborated with Escudo Digital, where he writes on Interior and Defence issues. He has published the novel La coleta de Disney (2018).
