OPINION:
Emmanuel Macron may have triumphed in France, but the massive hack designed to hurt his campaign at the crucial moment should be a real concern to anyone who treasures democracy. Until now, political leaders have considered cyber warfare a threat restricted almost entirely to businesses, infrastructure and security assets. They must now understand that hacking cannot be so easily compartmentalized. Digital criminals have democracy itself in their sights. And there is no single, technological solution to stop those who wish to shake the foundation of Western governance.
The conventional notion that cyber assaults are primarily an economic and security concern is understandable. After all, the financial impact is already being widely felt, with half of United Kingdom businesses reporting being hacked last year. The total global cost of such attacks is set to reach $6 trillion annually by 2021. Meanwhile, the potential for public chaos is huge. In 2015, hackers successfully targeted a New York dam, infiltrating elements of the flood gate controls. And last year, intruders froze San Francisco’s light-rail fare payment system, demanding a ransom. Viewing cyber warfare through this prism, governments have pigeon-holed the threats into neat categories, such as security espionage and business espionage.
But recent events demand much broader thinking. A huge collection of emails purporting to be from Mr. Macron’s campaign were dumped online (by unknown assailants) just hours before campaigning in France officially ended. Giving Mr. Macron no opportunity to respond, the timing was designed to maximize damage. Similarly, the breach of Democratic National Committee (DNC) data last year proved an embarrassment to the Clinton campaign at a crucial moment and led to high-profile party resignations. No wonder German officials are publicly expressing concern over similar cyber-fueled disruption to federal elections in September.
The impact of these attacks is profound. They place every candidate and every party in the firing line. Each political leader knows that his stolen private material could be tomorrow’s “expose.” And because such hacking does not discriminate, it steadily increases public skepticism of politicians of all stripes. Whether real or imagined, these revelations harden the perception that conventional politics cannot be trusted. It erodes confidence in the very system of government itself.
In addition, election campaigns make a soft target for hackers. They usually operate out of a temporary structure in which transitory staff come and go. Nonetheless, each campaign is hungry to widen its reach, to enter new territory. This mixture of ad hoc organization, ruthless ambition and often stretched resources makes fertile ground for hackers. And this is before the voting equipment itself has become a target. Invariably supplied by independent contractors, deploying external technology, the means of casting a vote is another potential security headache. But with each campaign facing a race against time, cyber security is rarely at the top of the list of priorities.
Consequently, the responsibility falls on governments to protect the political process. Outgoing French President Francois Hollande has pledged an unspecified “response” to the cyber assault on Mr. Macron. In similar fashion, during his final days on office, Barack Obama vowed a retaliation to the DNC hack. But these vague promises give little indication that leaders plan to devote anything more than lip service to the issue.
A serious determination to combat cyber threats to the electoral process is required — especially as digital warfare becomes increasingly sophisticated and lethal. However, there is no single piece of technology that can provide the solution. Just as there is no specific antidote to industrial cyber espionage or attempts to infiltrate transit systems, the electoral system cannot be made immune from attack by an isolated quick fix. Cyber warfare is fluid, constantly evolving.
What is needed, is a holistic, comprehensive approach to cyber security. A real strategy is required that can integrate best practice, modes of operation and tailored technology into all facets of key state institutions. The measures required to keep businesses, financial bodies, infrastructure and governments safe do not exist in isolation from one another. All use the same networks, all are interlinked. The same maxim applies to electoral candidates from across the political spectrum — all are part of the same system, each one is vulnerable.
Our cyber enemies have seemingly identified elections as the soft underbelly of democracy. The danger is not confined to specific candidates or parties. It is much more potent than that. It threatens to undermine the very democratic structure itself. The time has come for all leaders to act in their own and the common interest, by taking a determined, comprehensive and strategic approach. If not, the very essence of Western governance will suffer.
• Eli Ben Meir is the chief strategy officer and co-founder of CyGov, a leading cyber security advisory. He is a former brigadier general who was second in command of Israel’s military intelligence.
Please read our comment policy before commenting.