Hacking the Voter: Lessons from a Decade of Russian Military Operations

Conference:  BlackHat USA 2020



Election security faces a persistent problem: defenders are often thinking tactically, while the most capable, deliberate adversaries are thinking strategically. Getting ahead of ever evolving election interference operations will require understanding adversaries' long-term goals and how they are shaping their election interference activities to outmaneuver tactical defenses. In this talk, we will look at lessons learned from nearly a decade of election interference activities linked to the Russian military's espionage and special forces agency, the GRU. We will examine how Russia's policy elites believe information has a fundamental role in international relations and how this perspective shapes GRU strategies and tactics. This perspective reframes historic GRU operations and suggests how different GRU tactics could be brought to bear in future instances of election interference. The analysis will be used to provide a framework and guidance for organizations—both obvious targets and those that may have a more subtle strategic value—that may need to prepare for these operations. As defenders, it is not enough for us to know that attacks occur or that vulnerabilities exist without considering the attackers and their motivations. By understanding why adversaries act, we can better anticipate when, where, and in what form those actions may occur and take deliberate action to mitigate risk based on that insight.