Reading Time: .
Cyber attacks are destroying trust in democracy
Targeted cyber attacks on political portals and actors are doing immense damage to our democracy. In the UK, for example, a distributed denial of service (DDoS) attack just weeks before the election in November 2019 caused intentional delays and downtimes of the web portals of the two major political parties – with dramatic consequences for voter confidence.
What is known as website defacement also aims at destroying trust: Criminals sneak defamatory content onto political internet portals, guaranteeing a storm of indignation on social media. US President Joe Biden’s election campaign website fell victim to such an attack at the end of 2020.
Real danger for the federal elections
The federal government fears similar attempts to disrupt the federal elections. At the end of April, Markus Kerber, State Secretary at the Federal Ministry of the Interior, Building and Community, emphasized: “We take the risks posed by disinformation and cyber attacks as forms of illegitimate influence very seriously, also in the run-up to the federal elections.”
The closer the federal elections get, the more frequent attacks on the digital websites of parties and political candidates become. A foretaste of this was the hacker attack on the digital CDU party conference in January when a DDoS attack temporarily took down the live broadcast of the event. Fortunately, as a precaution, organizers had set up a separate online portal that enabled delegates to continue voting.
Campaigning remotely from home increases the attack surface
Bundestagswahl schützen: Cybersicherheit und Human Firewall ausbauen
In order to protect themselves effectively against digital attacks, government agencies, political parties, and politicians must implement a range of technical and organizational cybersecurity measures. Specifically, this entails:
- Web portals of political parties, candidates, and government operations must by default be secured against high-volume overload attacks by means of DDoS protection. This guarantees the permanent availability of the information presented for the public and voters.
- An additional layer of protection in the form of a web application firewall automatically filters out harmful individual attacks that, unlike overload attacks, specifically attack individual web applications (a list of the most common types of attack is provided by the OWASP Top 10, for example). A large number of common attacks, such as taking applications and events offline and defacing portals, can be prevented using such protection systems.
- Enhancing the “human firewall” with multi-level authentication procedures for all systems and web portals. This makes it possible to effectively and easily defend against many attack vectors, such as phishing or brute force. Above all, however, politicians must be made more aware of the complexity of digital threats. They are at the top of the list for cyber activists and very powerful state adversaries. Therefore, all political decision-makers should receive regular training because they make a decisive contribution to the cybersecurity of the federal election.
Technical implementation: Who can provide support?
The complex topic of cybersecurity requires close cooperation between government agencies and private security providers. The BSI contributes valuable knowledge on the trends involving attacks and cybersecurity. This is where political stakeholders can obtain information and best practices to permanently fortify the human firewall.
Things look different when it comes to technical implementation. The increasing complexity of attacks requires specialized IT security service providers, as this level of expertise can no longer be provided in-house, even by very well-positioned global companies. For policymakers in particular, however, the focus when it comes to outsourcing IT security is on data protection (GDPR) and digital sovereignty. De facto, this means that only European security partners should be considered. Here, too, the BSI provides support and has compiled a list of providers that meet the stringent requirements for the protection of state and critical infrastructures.