Securing Democracy Dispatch

Applications for our U.S.-based fall 2021 internships are open! Apply for the communications internship here and the research internship here. 

Tune in this Friday at 5:30 p.m. EDT/ 11:30 p.m. CET as Cybersecurity Fellow Maurice Turner discusses how to tackle systematic discrimination in the tech industry at Def Con. Find more information here.

Russian, Chinese, and Iranian government officials and state media outlets have used the Tokyo Olympics as an opportunity to promote domestic and foreign achievements on a global stage, with Russian state-backed messengers using the country’s Olympic “ban” to push patriotic narratives and Chinese messengers attempting to rebut Western criticism over human rights abuses, our latest analysis of Hamilton 2.0 data finds.

The disinformation campaign surrounding the results of the United States’ 2020 presidential election is not strictly a U.S. phenomenon; wide-spread efforts to undermine election results are linked to democratic backsliding and the rise of authoritarian movements in a post-truth world, Director Laura Thornton told the New York Times.

The U.S. government needs to work with NATO allies to ensure cyberattacks like SolarWinds are no longer accepted, Cybersecurity Fellow Maurice Turner said on CBS News.

Russian state media outlets focused heavily on coverage of the Tokyo Olympics last week, a topic discussed in more detail in a recently published ASD blog post. Outlets also continued to stoke vaccine skepticism and push back against vaccine mandates, highlighting protests against new vaccination policies in Europe while emphasizing possible side effects and other controversies surrounding Western vaccines. Criticism of the French government’s “health pass” proposal was particularly fierce, as was ridicule of French President Emmanuel Macron for suing the creator of a billboard depicting Macron as Hitler. Russian state media and diplomatic responses to President Joe Biden’s statement last week that Russia has started information operations targeting the 2022 midterm elections, while somewhat limited, featured predictable official denials of both ongoing and previous interference. State media suggested that this development marked the “déjà vu” return of “Russiagate.” 

Chinese diplomats and state media continued to promote conspiracy theories concerning Fort Detrick research lab’s supposed connections to the coronavirus outbreak, along with calls and petitions to investigate the lab. Chinese Foreign Minister Wang Yi’s meeting with U.S. Deputy Secretary of State Wendy Sherman produced the second most watched video on CGTN’s YouTube channel last week, with Wang Yi proclaiming that “We [China] bear responsibility to teach the U.S. to treat others equally.” Chinese state media provided more favorable coverage of Wang Yi’s meeting with Taliban leaders last week. Diplomats and state media also criticized “U.S. foreign interference,” highlighted polls showing Americans’ concern about the state of U.S. democracy, and repeated well-rehearsed accusations surrounding U.S. mistreatment of Native Americans.

Supreme Leader Ayatollah Khamenei sent out a series of tweets across many of his accounts last week criticizing “the West” as duplicitous and claiming that U.S. negotiators cannot promise that future administrations will adhere to agreements, making further negotiations pointless. This week also saw a substantial uptick in stories about the coronavirus in the United States and Europe, including commentary arguing that low trust in the U.S. government contributes to vaccine hesitancy. Iranian state media also reported widely on the attack on an oil tanker operated by an Israeli firm in the Gulf of Oman. Israel and the United States attributed the attack to Iran, which Iranian officials denied. At the same time, a Press TV story spoke approvingly of the “retaliatory attack” and suggested that it was retribution for an Israeli strike in Syria.

Read the full report here.

Justice Department issues guidance on election audits, voting laws: Last Wednesday, the Justice Department released new guidance documents to states to clarify federal regulations related to election audits and voting rights. The department’s guidance on post-election audits noted that there are criminal and civil penalties for the mishandling of election materials such as ballots, which are required to be preserved for 22 months after an election. The guidance on voting rights detailed federal laws on voting methods and said that the department would scrutinize states that reverse changes made to accommodate voters during the pandemic, particularly if the voting restrictions are discriminatory. The Justice Department previously issued a warning to the Republican-led Arizona State Senate about its mismanaged audit and sued the state of Georgia over its allegedly biased new voting laws. ASD Cybersecurity Fellow Maurice Turner argued that the guidance shows that the Justice Department will not hesitate to investigate states that conduct audits without following federal regulations.

NSO Group under scrutiny as details of surveillance program emerge: Last week, French intelligence officials confirmed that spyware sold by NSO Group, an Israeli technology firm, was found on the phones of multiple French journalists, marking the first official confirmation of media reports about the company’s surveillance equipment being misused to target journalists, activists, and politicians. On July 28, Israeli Defense Minister Benny Gantz met with his French counterpart to discuss Israel’s investigation into NSO Group, which involved a visit by defense officials to the firm’s office. Meanwhile, four Democratic U.S. lawmakers issued a statement suggesting that the Commerce Department add NSO Group to its economic blacklist, while the Biden administration raised concerns with top Israeli officials about the firm’s practices. Revelations also continued to emerge regarding how NSO Group’s clients abused the spyware, including reports that the Saudi government used the technology to hack female journalists critical of the regime and leak their private pictures to the public. NSO Group claims that it has temporarily blocked some governments from using its technology following the reports. ASD Cybersecurity Fellow Maurice Turner argued that the allegations surrounding NSO Group prove that cyber weapons are no longer exclusive to nation-states. 

President Biden warns Russia is targeting 2022 elections: President Joe Biden last Tuesday told members of the U.S. intelligence community that he had been briefed on active Russian efforts to interfere in the 2022 midterm elections. Biden argued that Russian state-backed disinformation operations are a “pure violation of our sovereignty” and urged the intelligence community to defend the information space during his first speech at the Office of the Director of National Intelligence. He also warned that U.S. adversaries are increasing their cyber capabilities and that a destructive cyberattack on the United States could lead to a “real shooting war.” Biden noted that the intelligence community’s work will be central to maintaining U.S. international leadership and pledged to not politicize their efforts. ASD Research Assistant Amber Frankland and Jessica Brandt have shown that Russian information operations have evolved to be more targeted and harder to detect. 

In Case You Missed It

• The Justice Department said the Russian hackers behind the SolarWinds cyber espionage operation compromised the emails of some of the most prominent federal prosecutors’ offices in the United States. 
• President Biden signed a national security memorandum that directs a group of federal agencies to develop cybersecurity benchmarks for critical infrastructure. 
• Late last year, then-President Trump pressured top Justice Department officials to say that the 2020 election was corrupt despite a lack of evidence, new documents show.  
• The Senate’s new bipartisan infrastructure bill provides funding for the National Cyber Director and includes a $1 billion fund for state and local governments to upgrade IT equipment and software. 
• The pro-Trump social media platform GETTR, which frames itself as a free speech alternative to other networks, has been flooded with terrorist propaganda. 
• A new ransomware organization, BlackMatter, has ties to DarkSide and REvil, two ransomware groups that went offline after carrying out major attacks, according to security researchers. 
• The Biden administration has enlisted the help of musicians and influencers on TikTok, Twitch, and YouTube to help combat misinformation about coronavirus vaccines. 

Arizona audit: Department of Justice sends message on election reviews, AZ Central.  Comments from Cybersecurity Fellow Maurice Turner

Expect More Crackdowns from China, Barron’s. Comments from Co-Director Zack Cooper

Strategic Futures for the Indian Ocean, National Bureau of Asian Research. Written by Co-Director Zack Cooper

თორნტონი: საქართველო მეგობრების მოთმინებას ცდის და შესაძლოა დადგეს დრო, როდესაც “საკმარისი” საკმარისი იქნება (Georgia is testing the patience of its friends), VOA Georgian. Interview with Director Laura Thornton

“Cyber intrusions over the past several months have further reflected the fact that our country is facing an immediate threat to our national security, economic prosperity, and public health and safety. Nation-state actors and criminal groups continue to increase their sophistication and their willingness to target organizations across all sectors of the economy. “

• Eric Goldstein, executive assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency, said during a Senate Judiciary Committee hearing on July 27.

The views expressed in GMF publications and commentary are the views of the author alone.