Policy report
Description

Over the past decade, state actors have taken advantage of the digitisation of election systems, election administration and election campaigns to interfere in foreign elections and referendums. Their activity can be divided into two attack vectors. First, they’ve used various cyber operations, such as denial of service (DoS) attacks and phishing attacks, to disrupt voting infrastructure and target electronic and online voting, including vote tabulation. Second, they’ve used online information operations to exploit the digital presence of election campaigns, politicians, journalists and voters.

Together, these two attack vectors (referred to collectively as ‘cyber-enabled foreign interference’ in this report because both are mediated through cyberspace) have been used to seek to influence voters and their turnout at elections, manipulate the information environment and diminish public trust in democratic processes.

This research identified 41 elections and seven referendums between January 2010 and October 2020 where cyber-enabled foreign interference was reported, and it finds that there’s been a significant uptick in such activity since 2017. This data collection shows that Russia is the most prolific state actor engaging in online interference, followed by China, whose cyber-enabled foreign interference activity has increased significantly over the past two years. As well as these two dominant actors, Iran and North Korea have also tried to influence foreign elections in 2019 and 2020. All four states have sought to interfere in the 2020 US presidential elections using differing cyber-enabled foreign interference tactics.

Key recommendations:

  • Policymakers must respond to these challenges without adopting undue regulatory measures that would undermine their political systems.
  • Governments need to identify vulnerabilities and threats as a basis for developing an effective risk-mitigation framework for resisting cyber-enabled foreign interference.
  • Global online platforms must take responsibility for taking appropriate action against actors attempting to manipulate their users.
  • Policymakers must implement appropriate whole-of-government mechanisms which continuously engage key stakeholders in the private sector and civil society.
Publication Details
License type:
All Rights Reserved
Access Rights Type:
open
Issue:
Policy Brief Report No.41/2020