Estonian State Electoral Office preparing to fight possible cyber attacks

TALLINN - The Estonian State Electoral Office is making preparations to fight possible cyber attacks and information manipulation prior to the general elections and the European Parliament elections next year.

"Cyber security is indeed a very important topic before the coming elections, which the organizers of the elections take very seriously," spokesperson for the National Electoral Committee Kristi Kirsberg told BNS. 

Liisa Past, former lead cyber security analyst at the Estonian Information System Authority (RIA) and lead editor of the EU's compendium on cyber security of the election process told BNS that cyber security of elections will be one of the key issues in all the dozens of elections taking place in Europe in the coming years.

"It is obvious that organizers of elections and participants in them need to be prepared for manipulations in public spaces as well as possible cyber attacks and our preparedness will determine how successful the attackers will be," Past, who is currently attending a course at the McCain Institute in the United States, said.

"A large number of the so-called campaign hacks, for instance the attacks of 2016 on Hillary Clinton's and Emmanuel Macron's campaigns, have targeted candidates and campaign workers, probably estimating them to be an easier mark than the central functioning of elections. For that reason, several states have started to educate candidates and parties in the matters of information security," she noted, adding that ensuring information security was important to guarantee that candidates could concentrate on their political platform, instead of having to comment on cyber attacks, the content of stolen documents or e-mails, which would significantly undermine a candidate's possibilities to present their platform.  

In addition, the Government Office has established "business-style relations on the level of specialists" with Facebook, Twitter and Google, Kirsberg said.

Martin Jasko, the official in charge of strategic communication at the Government Office, said that said relations concern reporting problematic content.

"The business-style contact we created gives the institutions of Estonia an opportunity to have their complaints reviewed as a priority, which may be of significant importance prior to the elections," Jasko said, adding that joint efforts were made to guarantee that Estonia's internal democratic procedures remain safe from external influence. 

The National Electoral Committee also called for being safe in the cyber environment. "We would ask the voters, too, to be cyber safe -- everyone can make sure that their computer is clean and their passwords are strong enough," Kirsberg stressed. 

In addition, the State Electoral Office is preparing a joint monitoring system with several other institutions to keep track of and prevent possible spread of disinformation, Kirsberg said. When asked if there had been any hostile operations in Estonia so far, she said there there had not.

"The elections in the United States and the French presidential elections in 2016 clearly show how opportunistic the attacker is and how they combine cyber and information operations against the elections and the participants in them. In other words -- in order to delegitimize our political system and electoral process and cast doubt on it, attackers fabricate news and break into computer networks. The midterm elections to the U.S. Congress will no doubt be an important indicator as to what Estonia needs to be prepared for at the parliamentary elections as well as the European Parliament elections in the spring of 2019," Past said.

Kirsberg said the in-depth security measures around the elections have not increased the State Electoral Office's budget; however, she added that cooperation with other government institutions who help ensure the security of the elections as part of their day-to-day work using their own funding was very close.