How US Bolstered its Election Cyber Security & How India is Faring
Government departments, US Cyber Command and DOJ worked alongside social media platforms to safeguard US elections
US presidential election day was “just another day on the internet.”
This statement by an official of the Cybersecurity and Infrastructure Security Agency (CISA) may not sound much but means a great deal to the integrity of the most watched election in the world.
As the shadow of the massive disinformation campaign from 2016 election loomed large over the highly polarising 2020 elections, it was essential to protect against fake news as well cyber attacks from malicious actors around the world.
Why did things go right this time? A combination of government and private sector action motivated by the lessons of the 2016 and 2018 elections. Still, as the vote count continues, disinformation remains a real threat, according to a blog by the Council on Foreign Relations.
However, while US takes strides in safeguarding its elections against disinformation and hate speech attacks, how is India faring in comparison?
US Government Efforts
Well in advance of the elections, the Department of Justice (DOJ),CISA, the US Cyber Command had all swung into action. Most cyber attacks and disinformation campaigns appeared to have originated from Russia, China and Iran, according to reports in the US media.
In early October, the Department of Justice had announced it has seized 92 domain names that were unlawfully used by Iran’s Islamic Revolutionary Guard Corps (IRGC) to engage in a global disinformation campaign, announced.
Days later, on 15 October, the DOJ indicted six Russian military intelligence officers believed to be responsible for spreading the NotPetya malware and attacking Ukraine’s critical infrastructure, President Emmanuel Macron’s 2017 election campaign, and the 2018 Winter Olympics.
“Though Russia has long been widely believed to be behind these incidents, the timing and publicity of the indictment were clearly a warning to the Kremlin against interfering in the upcoming presidential election,” the CFR blog stated.
Moreover, on the eve of the elections, CISA had operationalised a virtual war room to enable election officials to quickly report and address cybersecurity threats.
According to a New York Times report, US Cyber Command officials informed the publication that it had sent teams around the globe to identify and undermine foreign hacking groups ahead of the election.
Big Tech And Social Media Giants
In an attempt to avoid a repeat of the 2016 election fiasco, tech giants including Facebook, Google and Twitter introduced a host of measures to curb the spread of fake news and disinformation on their platforms ahead of the 3 November polls in the United States.
These steps range from encouraging voter participation to rooting out false information, banning political advertisements and introducing new labelling systems.
In a significant move in October, Facebook launched a crackdown on accounts linked with “QAnon” and announced it was banning pages associated with the conspiracy theory movement. QAnon proposed without evidence that President Trump is secretly working against a global child sex-trafficking ring.
In what emerged as a move that enraged President Trump and his followers, both, Facebook and Twitter, citing hacked materials, privacy violations, and potential misinformation, attempt to slow the spread of a New York Post article attacking Joe Biden, which mirrored elements of Russian influence campaigns in 2016.
Twitter also suspended accounts, including the official account of President Trump's reelection campaign and White House Press Secretary Kayleigh McEnaney, for sharing content related to the reports.
On Wednesday, 28 October, Twitter CEO Jack Dorsey testified before the US Senate Commerce Committee on Wednesday and defended Twitter’s decision to label a tweet from Trump that suggested mail-in voting could lead to fraud, after he was pressed on the matter by the chairman of the Senate Commerce Committee Roger Wickers.
Cyberattacks on Election Infrastructure
“The FBI and CISA issued two major advisories on 22 October, stating that Iran and Russia had breached state and local government networks. The week after, the two agencies revealed that Iranian hackers had also probed state election websites,” the CFR blog states.
“This allowed them to access non-public voter registration data in Alaska, resulting in the mass dissemination of voter information and threatening emails sent to registered Democrats,” the blog added.
However, as early as September, Microsoft publicly disclosed Chinese, Russian, and Iranian targeting of the election campaigns of former Vice President Joe Biden and President Donald Trump, US think tanks, political consulting firms, and advocacy groups.
In a statement, Microsoft said “We have and will continue to defend our democracy against these attacks through notifications of such activity to impacted customers, security features in our products and services, and legal and technical disruptions.”
However, in a major attack on election infrastructure on 7 October, Hall County in Georgia suffered a ransomware attack including on its voting precinct map and voter signature database, marking the first known instance of ransomware affecting election systems during the 2020 presidential election.
“Despite these incidents, US officials repeatedly sought to reassure the public that there was no evidence that election integrity had been compromised,” the CSR blog said.
Moreover, there appeared to be no major cyberattacks on Election Day.
But What About India?
What steps have social media platforms taken in India, though? While election campaigns and content on social media are rife with misinformation campaigns at scale, the steps taken by Twitter, Google and especially Facebook, remain limited.
Moreover, in the case of Facebook, the social media giant has been embroiled in a major controversy over its recently resigned head of public policy Ankhi Das actively preventing the takedown of hate speech content by a BJP MLA.
However, as far as safeguarding against misuse of social media by political parties and their affiliates is concerned, in March 2019, prior to the Lok Sabha elections, platforms had agreed to take down political advertisements during the mandated 48-hour “silence period” before polling ends. They had also agreed to maintain a dedicated reporting mechanism with the Election Commission of India starting Wednesday right up to the end of polling.
These measures were part of a “Code of Ethics” that social media giants operating in India had collectively agreed to adhere to. The Internet and Mobile Association of India (IAMAI) along with Facebook, Google, WhatsApp, Twitter, TikTok and BigoTV presented it to the Election Commission on Wednesday.
However, investigations by The Quint revealed that the silence period was routinely violated by political parties and their proxies prior to each of the phases of polling.
Ahead of the first phase of polling itself, the Bharatiya Janata Party (BJP) ran advertisements worth Rs 51 lakh on Facebook in violation of the mandatory 48-hour silence period that had gone unchecked.
As far as labelling of tweets or posts are cocnerns, there have been no announcements yet on that front in India.
(The Quint is available on Telegram. For handpicked stories every day, subscribe to us on Telegram)
Subscribe To Our Daily Newsletter And Get News Delivered Straight To Your Inbox.