Securing Democracy Dispatch

The United States lacks a comprehensive law to regulate Americans’ data, opening up vulnerabilities that foreign governments like China and Russia can use to surveil Americans, track intelligence assets or military personnel, develop targeted biothreats, perfect AI systems, and target influential figures, Media and Digital Disinformation Fellow Bret Schafer, Lindsay Gorman, and Non-Resident Fellow Clara Tsao write with Harvard’s Dipayan Ghosh in the second installment of our tech policy series. 

Congress should focus on three policy domains ripe for bipartisan action to secure future elections: limiting the influence of money in politics, modernizing election infrastructure to increase security, and preventing foreign interference in elections, Elections Integrity Fellow David Levine writes in The Fulcrum. 

Russian state-backed media outlets are attempting to undermine trust in the German government’s handling of the coronavirus pandemic ahead of Germany’s federal elections, GMF researchers Corinna Blutguth and David Metzger find in their analysis of data from our German Elections Dashboard.

Arizona’s politically motivated audit is an effort to subvert our election process until some people get a result that they are satisfied with, Elections Integrity Fellow David Levine explains in a Q&A blog post.

After Belarusian authorities forced a Ryanair plane to land in Minsk on May 23 to arrest opposition journalist Roman Protasevich, Russian state media and diplomats accused the West of being hypocritical and displaying “double standards”and claimed that Western media was omitting details about Protasevich’s past association with far-right groups in Ukraine. Russian state media and diplomats also continued to emphasize positive developments related to the Sputnik V coronavirus vaccine, while highlighting potential side effects and deaths following vaccinations using Western vaccines. State media repeatedly highlighted a “leaked” AstraZeneca report that apparently showed substantially more post-vaccination deaths for people who received the Pfizer vaccine as compared to those who received AstraZeneca. 

In response to President Biden’s request that U.S. intelligence agencies investigate the possibility that the coronavirus originated in a Chinese lab, Chinese diplomatic and state media Twitter accounts revived accusations that the virus originated in a U.S. research lab in Fort Detrick, Maryland. However, Xinjiang remained the most discussed topic among government and diplomatic accounts, with coverage including CGTN’s promotion of a New Zealand vlogger and a French author to “counter” foreign media reports of Chinese human rights abuses in the region. Relatedly, in celebration of the 70th anniversary of Tibet’s “peaceful liberation,” Chinese officials shared messaging about improved living standards and inter-ethnic harmony in the region, mirroring state-backed messaging around Xinjiang. 

The upcoming Iranian presidential elections dominated Tehran-linked Twitter last week, with candidates jockeying for attention even though Twitter is banned in Iran. Hardline candidate Saeed Jalili’s tweet that filtering Twitter in Iran “is not justified” was the most liked tweet of the week. The supreme leader took to Twitter to warn against making claims of election-rigging aimed at delegitimizing the winner. Continuing the election theme, Iranian media reported heavily on Bashar al-Assad’s victory in Syria’s sham elections. PressTV interviewed conspiracy theorist and RT contributor Marcus Papadopoulos, who credited Assad’s role as a “wartime president” for his victory at the polls.

Read the full report here.

Russian government hackers breach USAID email service, target civil society groups: On May 25, hackers linked to Russia’s Foreign Intelligence Service, or SVR, leveraged access to the mass-emailing service used by the U.S. Agency for International Development (USAID) in a spear-phishing campaign that targeted 3,000 individuals tied to international development, humanitarian work, human rights groups, and government organizations, according to Microsoft. The SVR hacking group, known as APT29, also carried out the SolarWinds intrusions discovered late last year that compromised at least nine U.S. federal agencies. The group gained access to USAID’s mass-emailing service, Constant Contact, to send emails that appeared to be a USAID special alert about new evidence of fraud in the 2020 election. The emails contained links to malware that would give the Russian operatives access to the recipient’s computer network. Most of the spear-phishing emails were blocked by threat detection systems, though some may have successfully reached their targets, Microsoft said. ASD Cybersecurity Fellow Maurice Turner argued that this cyber campaign highlights the need to improve U.S. cyber deterrence strategy. 

Facebook report shows increasing sophistication of disinformation operations: On May 26, Facebook released a report analyzing 150 disinformation operations that the platform has disrupted since 2017 and highlighting recent tactical shifts in foreign and domestic information campaigns. Over the last four years, threat actors have adjusted their information operations to be more targeted and harder to detect, including by focusing on narrower audiences, mimicking and co-opting real people to amplify their operations, and taking additional technical steps to hide their identities, the report found. Some media, marketing, and public relation firms have also begun offering disinformation as a service, adding a level of deniability for threat actors. The report notes that Russia and Iran are the top sources of coordinated inauthentic behavior on Facebook and that the United States is the primary target of disinformation campaigns. U.S. domestic actors are also increasingly responsible for disinformation on the platform, according to the report. ASD Head of Policy and Research Jessica Brandt and Research Assistant Amber Frankland have argued that Russia’s shift to more discrete and tailored disinformation campaigns is a response to social media platforms’ efforts to remove inauthentic behavior as well as the divisiveness of the U.S. information space, which allows Moscow to accelerate existing chaos rather than create it. 

French authorities investigate Russia’s role in campaign to discredit Pfizer vaccine: French counterintelligence officials are investigating the Russian government’s connection to a campaign to pay high-profile health and science bloggers to advance false claims about the safety of the Pfizer coronavirus vaccine. Multiple French bloggers have confirmed that they received emails from a marketing firm called Fazze, which offered to pay them to share videos on social media platforms that criticized the Pfizer vaccine with talking points similar to those spread by Russia’s official Twitter account for the country’s Sputnik V vaccine. A social media influencer in Germany was also approached by the firm to participate in the campaign. Fazze’s website claims it is a public relations agency based in London, but Fazze is not registered in the United Kingdom, according to multiple reports. The Wall Street Journal found that Fazze is a subsidiary of a Moscow-based marketing agency, and reporting by Radio Free Europe/Radio Liberty shows Fazze is part of a larger network of Russian marketing companies known for selling malware and nutritional supplements. ASD Research Assistant Etienne Soula discussed the similarities between this disinformation campaign against the Pfizer vaccine and attacks leveled against the vaccine company by Russian diplomats and state media in an interview with L’Express. 

In Case You Missed It

• Federal prosecutors launched a criminal investigation into whether several Ukrainian officials attempted to interfere in the 2020 U.S. elections, including by laundering disinformation through former President Trump’s personal attorney Rudolph Giuliani. 
• The European Court on Human Rights ruled that British and Swedish surveillance regimes violated human rights conventions by failing to safeguard privacy rights. 
• Messaging service WhatsApp sued the Indian government to block new regulations that would compel the company to make people’s messages “traceable” to outside parties.
• Belgium’s Federal Public Service Interior said it is investigating a cyber-espionage campaign dating back to 2019, which appears to be linked to the Chinese government. 
• The U.S. Transportation Security Administration issued a directive to strengthen federal oversight of pipelines, including by requiring pipeline companies to report breaches.
• President Biden’s upcoming budget request proposes $9.8 billion in federal civilian cybersecurity funding, including $750 million to help federal agencies recover from recent cyber incidents and improve their security capabilities. 

SolarWinds hackers are behind a widespread phishing campaign impersonating USAID, Microsoft says, CyberScoop. Comments from Cybersecurity Fellow Maurice Turner

Windham election auditor says there’s no evidence of fraud or machine manipulation, WMURG. Comments from Elections Integrity Fellow David Levine 

Abigail Bellows and Josh Rudolph on Alternative Measures for Combating Corruption, Making A Killing podcast. Interview with Malign Finance Fellow Josh Rudolph 

Election in Portugal during the pandemic: Lessons learned, Minsait. Written by Program Manager and Fellow Nad’a Kovalcikova and Elections Integrity Fellow David Levine

Désinformation : ‘Le vaccin Pfizer subit les attaques des diplomates et médias d’Etat russes’ (Disinformation: The Pfizer vaccine comes under attack from Russian diplomats and state media), L’Express. Interview with Research Assistant Etienne Soula

The Cybersecurity 202: The government is making progress on securing pipelines. Not so much on its own cyber weaknesses, The Washington Post. Comments from Cybersecurity Fellow Maurice Turner

Beijing Is Social Media Trolling Biden Over Gaza, Foreign Policy. Cites Hamilton 2.0 data

“We want the [social media] platforms to enable people to leave the bubble. We would like the people to be aware, to be informed that they are in a system which determines a lot of the communication that they are seeing online, and that they can leave if they want.” 

• Věra Jourová, European Commission Vice-President for Values and Transparency, told Politico on May 27.

The views expressed in GMF publications and commentary are the views of the author alone.