It has been reported that ahead of the German elections in September, the BfV (Federal Office for the Protection of the Constitution) is expecting an increase in cyber-attacks against German MPs to spread misinformation.
These concerns have been voiced by German Interior Minister Horst Seehofer: “Our authorities will do everything thinkable to make sure the Bundestag election will be carried out in an orderly and secure way.”
Further, several German parliamentarians have received so-called phishing emails to their private accounts, apparently in the hope of obtaining sensitive data.
Commenting on the subject for Digital Journal is Steve Forbes, who is the government cybersecurity expert at Nominet. Forbes focuses his assessment upon election security.
Forbes starts by considering the new warning: “The latest warnings from the head of BfV, Germany’s domestic intelligence agency, hit at the heart of democracy, as cyberattacks threaten to spread misinformation that could undermine public confidence in the government, specific parties and candidates.”
Forbes proceeds to examine the nature of the security issue: “In this type of attack, common hacking techniques are used to access information that may be used or manipulated to assert influence over an election campaign. Often amounting to fake news or in other cases exposing sensitive information, the hackers publish content and the victim is left defending their position publicly, while opponents continue to mount campaigns against them.”
Forbes also places the concern in its historical context, making parallels to other electoral concerns: “It would not be the first time this type of attack has happened and we’ve seen alleged interference by foreign intelligence agencies across Europe and the US before. As it becomes more prevalent, however, it does change the dynamics of elections.”
There are preventative actions to consider, notes Forbes. For example: “There are a few important jobs we need to do to mitigate the impact of these types of hacking activities. Firstly, in terms of making the public aware that these types of activities take place, so that they can be vigilant to fake news and look to reputable sources for their information.”
Forbes follows: “Secondly, reducing phishing activity, both with technical solutions and through good cyber hygiene. Cybersecurity is everyone’s responsibility and following best practices such as only using approved and protected systems for all election matters should be a bare minimum.”
Forbes’ last piece of advice runs: “Finally, through collaboration across countries and between industry and governments; intelligence needs to be pooled and response aligned. Ultimately, removing foreign influence through cyberattacks on elections is a difficult job, one that goes beyond the technology.”