September 17, 2021
This week, U.S. President Joe Biden joined with his Australian and British counterparts to announce a new trilateral partnership whose real (although unstated) goal appears to be confronting China in various ways, with much of the attention focused on the development of Australia’s nuclear-powered submarines. But one of the important pieces of the announcement — and the one most relevant for our mandate here at the USC Election Cybersecurity Initiative — was related to joint action in the cyber realm.
While Russia is the most active antagonist currently meddling in other countries’ electoral processes, there is ample evidence that other countries, notably China and Iran, are playing in this space as well. China has historically been focused on interfering in elections much closer to home, including in Taiwan and Hong Kong. But we cannot exclude the possibility that China will look increasingly further afield in the future.
To begin, what’s the scope of the current problem?
According to the U.S. Director of National Intelligence, here is the activity China undertook during the 2020 U.S. elections:
We assess that China did not deploy interference efforts and considered but did not deploy influence efforts intended to change the outcome of the US Presidential election. We have high confidence in this judgment. China sought stability in its relationship with the United States, did not view either election outcome as being advantageous enough for China to risk getting caught meddling, and assessed its traditional influence tools primarily targeted economic measures and lobbying — would be sufficient to meet its goal of shaping US China policy regardless of the winner. The NIO for Cyber assesses, however, that China did take some steps to try to undermine former President Trump’s reelection.
In other words, in 2020 China calculated that the risk of hurting the bilateral relationship wasn’t worth the effort. We cannot, of course, assume Beijing will continue to make this same assessment forever, and given its significant capabilities in the cyber realm (and in intelligence gathering), we must focus on this potential threat.
This new alliance is one way to do so.
Ahead of this week’s announcement, a senior administration official said that the new three-country cooperation architecture — called AUKUS — is about “collaborating on joint capabilities and pursuing deeper interoperability,” naming cyber in a list of areas that will be included.
None of the three world leaders mentioned China by name in their announcement, but it seems clear that concern about Beijing is driving this effort. While the conventional military aspects of the agreement are important, in my judgment it is imperative that these three governments use this new framework to also jointly focus on monitoring and countering China’s aggressive cyber activity, including when it pertains to political interference in other countries.
Countries have to work together against this threat; we cannot go it alone. NATO, for example, recognized this reality at its most recent meeting, where the 30 member countries agreed that major cyber attacks on a member state could be considered an armed attack — a significant designation that could lead to the invocation of NATO’s collective security provision, Article 5.
This NATO discussion included how allies can provide technical support or intelligence assets to one another, including potentially using offensive cyber capabilities to impose costs on those responsible for cyber attacks.
That kind of collaboration is a helpful model that could be applied to this new trilateral partnership as well.
One of the lessons we’ve learned in the recent past about foreign interference in our elections is that we can’t always be fighting the last war and failing to evolve our thinking about where future threats reside. We have to keep pace with our adversaries and be proactive in forming alliances of like-minded countries to help fight these battles.
While the new AUKUS group wasn’t explicitly designed to counter foreign political interference, it is the kind of alliance that should be part of the toolbox we use to do so. If it is truly an alliance designed to focus on the future, it should not be stovepiped into looking mostly at conventional threats, but should work to fulfil its full potential by focusing on the cyber and political interference worlds as well.
Colorado Secretary of State Jena Griswold made a related and relevant point in a recent article about the price tag for election security, saying, “It’s often cheaper to do physical security than cybersecurity, but it’s also a need that’s increased since 2020.”
Put simply, we cannot let the traditional focus on physical threats and security take precedence over the cyber realm.
As Australian Prime Minister Morrsion said in his remarks announcing the new agreement, “We have always seen the world through a similar lens. We have always believed in a world that favors freedom; that respects human dignity, the rule of law, the independence of sovereign states, and the peaceful fellowship of nations.”
These are precisely the principles that countries like Russia, Iran, and China attack when they meddle in elections and political systems outside their borders. That’s why this alliance should fight attacks on these principles however they come, whether in an ICBM launch, a hacking attack on a prominent politician, or a foreign propaganda operation.
Marie Harf
International Elections Analyst, USC Election Cybersecurity Initiative
Marie Harf is a strategist who has focused her career on promoting American foreign policy to domestic audiences. She has held senior positions at the State Department and the Central Intelligence Agency, worked on political campaigns for President Barack Obama and Congressman Seth Moulton, and served as a cable news commentator. Marie has also been an Instructor at the University of Pennsylvania and a Fellow at Georgetown University’s Institute of Politics and Public Service.