Disruptive digital attacks, many linked to Russian-backed groups, have doubled in the European Union (EU) in recent months, increasingly targeting election-related services. This alarming trend has been highlighted by Juhan Lepassaar, the head of the European Union Agency for Cybersecurity (ENISA), in a recent interview with The Associated Press.

Lepassaar disclosed that attacks with geopolitical motives have risen steadily since Russia’s full-scale invasion of Ukraine on February 24, 2022. This significant escalation in cyber threats poses a critical challenge for EU member states, especially with crucial elections on the horizon. “The number of hacktivist attacks on European infrastructure—by threat actors whose main aim is to cause disruption—has doubled from the fourth quarter of 2023 to the first quarter of 2024,” Lepassaar stated during the interview at ENISA’s headquarters in Athens.

The timing of these attacks is particularly concerning as citizens from the EU’s 27 member states are set to vote from June 6-9 for lawmakers in the European Parliament. This election will also play a crucial role in shaping the EU’s executive branch, the European Commission. The threat is not confined to Europe; similar concerns are rising in the United States, Britain, and other countries facing upcoming elections, prompting security agencies to ramp up their efforts to counteract disruption campaigns funded by adversaries.

In Belgium, the stakes were underscored when officials reported that police had carried out searches at the residence and office of a European Parliament employee in Brussels over suspected Russian interference. This incident highlights the tangible threat of foreign meddling in democratic processes and underscores the importance of heightened vigilance and robust cybersecurity measures.

To address these growing threats, ENISA has been at the forefront of leading exercises and conducting intensive consultations aimed at strengthening the resilience of election-related agencies within the EU. For the past seven months, these efforts have been a key focus of the agency. In its annual report for 2023, ENISA noted a marked surge in ransomware attacks and incidents specifically targeting public institutions, further emphasizing the urgent need for enhanced cybersecurity measures.

Lepassaar pointed out that the attack methods, while not always successful, often undergo initial trials in Ukraine before being expanded to EU countries. “This is part of the Russian war of aggression, which they fight physically in Ukraine, but digitally also across Europe,” he explained. This strategy of testing and refining cyberattack techniques in conflict zones before deploying them in broader geopolitical contexts adds a layer of complexity to the cybersecurity landscape in Europe.

Experts are also increasingly concerned about the role of artificial intelligence (AI) in amplifying these threats. AI tools are being used to target Western voters at an accelerating speed and scale, spreading misleading or false information through hyperrealistic video and audio clips known as deepfakes. This advanced technology poses a significant challenge for cybersecurity agencies striving to protect the integrity of information and democratic processes.

Lepassaar emphasized the severity of this threat, noting that member states’ cybersecurity agencies have identified AI-enabled disinformation and information manipulation as a major concern. His comments resonate with a warning issued earlier this month by U.S. Director of National Intelligence Avril Haines, who highlighted that technological advancements will enable more nations and groups to launch effective disinformation campaigns. The collaboration between U.S. and European experts is crucial in helping security agencies anticipate and counter these emerging digital threats and vulnerabilities.

In their efforts to safeguard critical sectors, ENISA has pinpointed several areas that require particular attention. These include food production, satellite management, and self-driving vehicles. The interconnectedness of these industries with digital technologies makes them potential targets for cyberattacks, which could have far-reaching consequences beyond the immediate disruptions.

Lepassaar argues that a fundamental shift in how society perceives and engages with digital security is necessary. Cybersecurity, he asserts, must become second nature to both designers and consumers. “We face a societal challenge to understand digital security similarly to how we understand everyday traffic security,” he said. “Just as we are alert when driving, we need to develop similar behaviors and habits for operating in any digital environment.”

This analogy underscores the importance of constant vigilance and proactive measures in maintaining cybersecurity. Just as drivers must be aware of their surroundings and potential hazards on the road, individuals and organizations must be continuously alert to the ever-evolving cyber threats in the digital realm. This mindset shift is essential for building a resilient and secure digital infrastructure.

In practical terms, this means integrating cybersecurity considerations into every aspect of digital design and usage. For designers, this involves embedding security features into products and services from the outset, rather than as an afterthought. For consumers, it means adopting best practices for online safety, such as using strong passwords, enabling two-factor authentication, and staying informed about potential threats.

The increasing sophistication of cyber threats also necessitates ongoing education and training. Cybersecurity awareness programs can play a pivotal role in equipping individuals with the knowledge and skills needed to protect themselves and their organizations from cyberattacks. Such programs can help foster a culture of security that permeates all levels of society, from individual users to large enterprises.

Moreover, international cooperation and information sharing are critical components of an effective cybersecurity strategy. By collaborating across borders, countries can share intelligence on emerging threats, develop joint responses to cyber incidents, and strengthen global cyber defenses. This collective approach is vital in addressing the transnational nature of cyber threats.

In conclusion, the doubling of disruptive digital attacks in the EU, particularly those linked to Russian-backed groups, highlights the urgent need for enhanced cybersecurity measures. With elections approaching in the EU and other parts of the world, the risk of cyber interference is a pressing concern. ENISA’s efforts to bolster the resilience of election-related agencies, coupled with increased awareness and proactive measures, are crucial steps in safeguarding democratic processes. As cyber threats continue to evolve, a comprehensive and collaborative approach to cybersecurity will be essential in protecting the digital infrastructure and maintaining public trust in democratic institutions.