Italy: cyberattacks will influence the vote, here is how

Arturo Di Corinto

In the annual report of the secret services presented yesterday at Palazzo Chigi the risks of the so-called hybrid threats to our country are denounced and, in particular, a cyberattacks risk that would take the form of “campaigns of influence that, starting with the online dissemination of stolen information through cyber attacks, aim to condition the orientation and sentiment of public opinion, especially when the latter are called to the polls “.

The call is right and, given the source, there is to be believed. However. In reality, as we do not have a unifying theory of electoral choices, we do not have a unique and exhaustive theory of the effects of information in the process of building public opinion. And even less we know about the role that fake news, at the center of disinformation campaigns, may have in guiding the electorate. We are still studying these effects.


However, we know that disinformation and propaganda campaigns have always been a means of influence and that, while in the past they aimed to hit individual decision makers and opinion leaders, in the present they aim to influence that larval form of public debate that takes place in social networks.
But, attention, fake news rarely creates a new way of thinking, rather they act as powerful confirmations of our prejudices, reinforcing pre-existing political and cultural options.

The point, as claimed by Professor Walter Quattrociocchi, is that fake news are not different from propaganda and that these, spread virally in social networks, create a confirmation bias, induce users to cooperate for a shared vision and to ignore information in contrast. His group “Data Sciences and Complexity” studied the phenomenon on 376 million Internet users.

It is in this context that the pro-Russian propaganda of some media such as RT and Sputnik, the “troll factories” of St. Petersburg and the disinformation campaigns that in the case of Clinton maligned to manage a pedophile tour in a pizzeria in Indiana has proliferated and generated the armed assault of an exalted man against his patrons. And despite the 13 Russians suspected of Trumpgate, we still do not know how they have influenced the opinions of American voters. It is likely that they played a role, but together with other factors: the erosion of the credibility of the media and public institutions and especially the ability of agencies specialized in using personal profiles to sew a political message on them that they were not able to refuse.

It is therefore difficult to say how the viral spread of beliefs and convictions affect the vote. A research study by the CNR, the italian National Research Council, has shown that the majority of politicians’ followers are made up of inactive users or fake profiles, so we understand that the echo chambers can not be so effective.


For this reason, the other appeal made by our services seems to us to be more interesting: “The maneuvers of foreign actors — suspected of operating in conjunction with their respective intelligence apparatuses — are active in pursuing strategies aimed at occupying increasing spaces in the market also through improper practices, lobbying relations, expropriation or pre-arranged turnover of Italian managers and technicians, as well as spy-like interferences for the improper acquisition of sensitive data”.

And here things become interesting. Fake news is actually a cyber problem. They are the evolution of social engineering attacks: “the more I know about you from your digital data, the more I can offer you what you are already inclined to desire, even the political offer built around fake news.”

The trait d’union of these two threats, the cybernetic campaigns of influence and the profiling of tastes and tendencies of Internet users is represented by the role of Nation state hacker. They are the ones who do it. They often take the form of APT, Advanced persistent threats, which can be installed in an electoral database, as in the case of Hillary Clinton, in a bank, an oil company, or able to interfere with a critical service for society, such as health, transport, electricity. It has already happened in England, Estonia and Ukraine.

Think what would happen if a cyber attack blocked the waste chain in a big city or suddenly switched off traffic lights, aerial control towers and water purification. Apart from the deaths it could do, it would create a situation of alarm, panic and perhaps street riots. We know many of these actors. The Russian speaking criminals APT28 and APT29 attack ministries, embassies and European and American media; Koreans like the Lazarus Group attack financial institutions and cryptocurrency; Middle Eastern ones, Turla, steal profiles on social networks and English-speaking attackers use cybernetic weapons stolen from the NSA to watch over citizens and steal industrial secrets.

Italy is gearing up to face these threats. We probably need to work on it, even after the elections.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Arturo Di Corinto

Teacher, journalist, hacktivist. Privacy advocate, copyright critic, free software fan, cybersecurity curious.