Securing Democracy Dispatch

ASD Senior Fellow Joshua Kirschenbaum published a digital brief on the national security dangers of opaque foreign investment, arguing that “undeclared foreign investments allow malign actors to cultivate political influence, gain economic leverage, infiltrate the government procurement process, and obtain access to and influence over strategic sectors.” While the United States is poised to make progress on this front by ending its tolerance for anonymous companies, Kirschenbaum notes that the demise of anonymous ownership is only the beginning of the United States’ path to financial transparency, and that much more must be done to improve oversight of foreign direct investment.

ASD Fellow Lindsay Gorman and China Analyst Matthew Schrader wrote in Foreign Policy that complex relationships between Western technology companies and companies linked to the Chinese government may be aiding the construction of a surveillance state in China. Gorman and Schrader argue that tech companies will need to more strictly vet their partners to prevent from unwittingly contributing to human rights abuses in China.

ASD’s David Salvo and Bret Schafer spoke with Hamsini Hariharan of the States of Anarchy podcast about Russia’s interference efforts in the 2016 and 2018 U.S. elections, and the threat of interference for democracies such as India. Salvo and Schafer also emphasized that foreign interference is not limited to elections, and that authoritarian actors often focus on longer-term goals of influencing perceptions within a target country.

ASD Deputy Director David Salvo spoke with Voice of America’s Georgian Service on the tactics and goals of Russian malign interference and how Georgia might counter that threat. Salvo stressed the importance of a healthy civil society and strong liberal democratic institutions to build resilience against Russian interference.

Special Counsel Robert Mueller concludes his investigation of Russian interference in the 2016 U.S. election. Special Counsel Mueller’s final report identifies a two-pronged Russian campaign to interfere in the 2016 election through an online influence operation and a hack-and-leak cyber operation, according to a summary of the findings sent by Attorney General William Barr to Congress. The report resembles conclusions from the Intelligence Community, Senate investigations, and previous Department of Justice indictments that the Russian government orchestrated a multi-vector attack on the U.S. election. ASD’s “Policy Blueprint for Countering Authoritarian Interference” lays out the key steps that need to be taken by the government, private sector, and civil society to secure U.S. democracy from future attacks. (House of Representatives, ASD)

Russian cyberattacks target EU governments ahead of parliament elections: Last week, the cybersecurity firm FireEye identified a Russian spear-phishing campaign targeting European governments ahead of the upcoming EU parliament elections. Russian government-backed hackers target governments and political parties to gain information and to gather data that can be released at a later date — often after being altered — to influence elections. According to FireEye, the perpetrators of the campaign are two Russian government-linked hacking groups: APT28 and Sandworm. APT28, or Fancy Bear, has been linked to Russia’s military intelligence agency (GRU) and is most notably known for hacking the 2016 U.S. Democratic National Committee. ASD’s Thomas Morley has warned that divisions and social destabilization across the EU will present a tempting target for Russian interference efforts. (CNBC, CNN, ASD)

Private cyber spy agencies pose threats to democracy. A new report the New York Times documents the rise of a private cyber espionage industry that empowers authoritarian regimes around the world. The proliferation of these tools — which range from spear phishing attacks to electronic surveillance — will allow a growing number of authoritarian governments to more effectively track dissidents at home and interfere in democracies abroad. Experts warn that in the near future “even the smallest country, on a very low budget” will possess powerful cyber capabilities. ASD Director Laura Rosenberger has argued that democracies need to act quickly “get ahead of the technology curve in order to be proactive about these emerging threats.”  (The New York Times, ASD)

In other news:

• CNAS CEO Richard Fontaine and Senior Fellow Kara Frederick outline their research on authoritarians’ growing tool kit for The Wall Street Journal.
• Hungarian Parliament granted the Russian International Investment Bank immunity from oversight of its operations in Budapest, even as ties between the bank’s chairman and Russian intelligence agencies have prompted espionage concerns.
• Angela Merkel’s reported “no-spying” pact with Huawei fails to understand Chinese domestic system, writes Peter Mattis in War on the Rocks.
• Czech counterintelligence shut down a Russian cyber espionage ring operating under the cover of two private IT companies.  
• Experts from an array of fields worry that Chinese tech will embolden authoritarians, and discuss the implications for global security with Axios.
• The EU’s center-right coalition has suspended the party of Hungarian President Viktor Orban on the grounds of his continued denigration of the EU and its leaders.
• The Trump administration has turned to NATO to consider how Europe can best “address potential threats from China.”
• Chairman of the Joint Chiefs Joseph Dunford will meet with Google this week to discuss the company’s business with China and how it could impact U.S. national security.
• Facebook says it identified and stopped election interference originating in Bangladesh during the 2018 midterms.
• The EU is taking the global lead on regulating major technology companies, according to the Economist.

“The Special Counsel’s investigation determined that there were two main Russian efforts to influence the 2016 election. The first involved attempts by a Russian organization, the Internet Research Agency (IRA), to conduct disinformation and social media operations in the United States designed to sow social discord, eventually with the aim of interfering with the election […] The second element involved the Russian government’s efforts to conduct computer hacking operations designed to gather and disseminate information to influence the election.”

• Letter from Attorney General William Barr to Congress, March 24, 2019

The views expressed in GMF publications and commentary are the views of the author alone.