Russian Cyberterrorism and the United States Election 2016

Introduction

New communication technologies have brought about many benefits for this society, but they are also being weaponized. While political interference is a relatively old practice,¹ the 2016 actions of Russian hackers, which consisted of interfering with the elections in the United States (US), demonstrate that this approach to the interaction between countries can be modernized with cyberattacks as well.²

The event raised many concerns,³ especially due to the implications that it has for future relationships between countries and democracy. Reportedly, similar interference was found during the France elections, which also suggests that such events may proceed to occur in the future.⁴ There exist particular methods of addressing the issue of aggressive acts performed in cyberspace, and one of them is counterintelligence.⁵

Thus, the Russian electoral interference of 2016 became a very important political event, which has significant implications for the future of counterterrorism, including counterintelligence. Simultaneously, while some research on the topic already exists, it is not all-encompassing. For example, the consideration of the implications of the event for counterintelligence has not become a focus of any recent peer-reviewed articles. In addition, according to certain sources, counterintelligence as such does not receive sufficient coverage, even though it is a potential tool in fighting against cyberterrorism.⁶

Thus, additional research is justified by the magnitude and significance of the described case and the underrepresentation of both key terms in recent peer-reviewed studies. The present paper attempts to contribute some more data to the discussion of this topic by conducting a case study of the 2016 interference.

The following research question is offered for consideration: how can strategic intelligence be used in countering Russian cyberterrorism, cybercrime, and cyberattacks against the US, as demonstrated by the electoral interference of 2016? The question is exploratory, but it is hypothesized that strategic intelligence is a significant method of responding to or preventing the events similar to the case being studied.

It is reasonable to assume that this hypothesis will be correct because cyberattacks incorporate intelligence-based acts.⁷ However, the specifics of the use of this tool are to be discovered over the course of this study, and they can be considered an important puzzle to solve for the Russian interference to become a useful learning experience that should help in handling future cyberattacks in the same field of political influence.

As an exploratory research, the paper will focus on investigating the events of the interference in a case study guided by the rational choice theory (RCT). It will employ primary source data (the official report prepared by the US Department of Justice), as well as secondary sources (a literature review covering the topics of interest) to respond to its research question. This project will be of interest to the people investigating political interferences, cyberterrorism and cyberwarfare, as well as counterintelligence. The following chapters include a literature review, a methodology section, the project’s analysis and findings, and some conclusions.

Review of the Literature

In this section, an analysis and synthesis of the literature that covers the cyber-incident, as well as cyber-incidents in general, especially in connection to counterintelligence, will be presented in the form of a literature review. The review will consider the key themes and topics of the literature and highlight the gaps within it. Since the event occurred in 2016, it has not received the most extensive coverage yet, especially when peer-reviewed articles that focus on it are considered. Still, the present paper managed to obtain four articles that discuss the cyber-interference to at least some meaningful extent.

Furthermore, four articles that reflect the topics of cyberwar and counterintelligence were introduced to contextualize the case. Only peer-reviewed works were included to ensure the high quality of the evidence provided by them; all of them are recent due to their consideration of a 2016 case. Their analysis indicates that the literature which discusses the topic can be used to define, describe, and contextualize the event and its implications.

Defining the Topic

The existing literature can be used to define the topic of interest, which, in this case, is the countering of cyber-interference with the help of strategic intelligence. The idea that intelligence is a major counter-terrorism tool is supported by high-quality peer-reviewed articles. Thus, Aniruddha Bagchi and Tridib Bandyopadhyay present a thorough analysis of the application of intelligence to cybercrimes and attacks, demonstrating the particular importance of this countermeasure for the types of attacks that are carried out in cyberspace. ⁸ John Klein argues that counterintelligence is one of the many aspects of dissuading and, therefore, preventing cybercrime.⁹

Avner Barnea arrives at a similar conclusion while also pointing out that inefficiencies in counterintelligence infrastructure and its ability to respond to new threats are a problem that is rarely examined.¹⁰ In summary, the use of counterintelligence against cybercrime is an evidence-based solution, but it may be insufficiently researched.

It should be stated, though, that the cyber-interference of Russia in the elections might or might not qualify as a cybercrime, cyberterrorism, or cyberwarfare. For example, Paul Baines and Nigel Jones do not explicitly define the cyber-interference as an attack or an act of terrorism, but they compare it to the actions of, for example, Al-Qa’ida.¹¹ Similarly, Homburger suggests viewing actions performed by terrorist groups as acts of terror, which might disqualify the described event.¹² Bagchi and Bandyopadhyay also offer to distinguish between cyberterrorism and cyberwarfare, indicating that state-led attacks should be included in the latter group.¹³

However, Klein rejects such a distinction, focusing on the goals, which can consist of political or social objectives, and outcomes, which are typically harmful to the victims of the act.¹⁴ In other words, the literature does not provide a definite label for the described case, although, in any case, it can be viewed as a harmful and politically-driven act of interference in a democratic process.

In connection to that, the significance of the event is highlighted by multiple authors. For example, Robert Kaiser claims that cyberwar elements, including various attacks, have become a major problem that will proceed to rival non-cyber terrorism in its impact and security demands.¹⁵ Also, the danger of election interference to democracy was considered by Isabella Hansen and Darren J. Lim.¹⁶ In other words, the literature can help to justify paying attention to the event and using it as a case study due to its significance as an act of cyberterrorism or cyberwarfare.

Discussing the Event and its Implications

The literature on the topic covers the specifics of the cyber-interference to an extent, but since it is not the main source of such data (official reports are), it is logical to focus on the additional commentary contained within it. A major aspect of the literature that covers the cyber-interference consists of using the case, as well as other similar events, to derive lessons from them or project their possible outcomes. Thus, Jakub Janda focuses on the ways in which a world-wide effort to counter specifically Russian cyber-aggression can be carried out, highlighting that the event has damaged international relations.¹⁷

On the other hand, Baines and Jones state that electoral intervention has been used to affect the politics of other countries long before the development of advanced communication technologies.¹⁸ From this perspective, cyber-interference is a new step in the same direction, which makes its implications slightly less drastic. However, as pointed out by Zine Homburger, the precedents of cyber-interference are likely to affect the understanding of the concept of national security worldwide, resulting in a greater emphasis on building cybersecurity capacities.¹⁹ Therefore, the event is not unimportant from the perspective of its impact on the future actions of various countries.

Specific actions related to cybersecurity have also been proposed. Thus, Baines and Jones recommend reconsidering elections as a critical element of the “national infrastructure,” which would consequently warrant their analysis for risks and vulnerabilities with relevant protections and counter-measures, including counter-intelligence.²⁰ The authors specifically point it out that the currently existing structures do not incorporate an intelligence apparatus that would target electoral vulnerabilities. A call for changing this situation can be viewed as an example of learning from the 2016 case and applying the resulting lessons to counterterrorism and counterintelligence.

Finally, it should be mentioned that the US event has been compared to other ones. Thus, the 2017 France interference, which was similar, has been discussed. Janda, for example, considers the two cyber-interference cases together as a single demonstration of Russia’s aggression.²¹

Baines and Jones, however, uniquely focused on the similarities between cyber-interferences and other interferences, using some examples from the previous century, one of them dating back to 1924. As a result, the literature indicates that while the idea of interference with elections is not new, cyber-interference is a relatively recent tool in cyberwar which can have a particular impact on the way cybersecurity proceeds to develop. Thus, the tendency to compare the studied case highlights both its similarity to other events and its unique implications.

Conclusions: Gaps and Future Research

Due to it being a relatively recent incident, peer-reviewed articles on the 2016 interference are not particularly numerous, especially when the works that are specifically dedicated to the topic are concerned. Furthermore, while there is no shortage of literature covering cybercrime, cyberterrorism, and cyberwarfare, these phenomena might also be understudied as suggested by one of the cited authors. Still, the present review managed to obtain eight recent, peer-reviewed sources, which allows making the following conclusions. The incident can be used to glean information about cybercrime, cyberterrorism, and cybersecurity.

Four of the articles utilized the event, as well as other similar ones, as case studies that would serve as a starting point for their analysis of one or all the three topics. Consequently, the review of the literature justifies this approach to studying the event; it can, in fact, be viewed as an exemplary case with significant implications that may be used to develop insights on the topic.

Furthermore, the review suggests that due to the limited amount of materials, the literature has not considered the event from all perspectives. It should be noted that the chosen perspective of counterintelligence is mentioned in some of the articles, but mentioning it is not equivalent to exploring. The references that consider intelligence indicate that this topic is worth discussing, however; the articles can be used to infer that this aspect of counterterrorist activities can be helpful in combating similar events.

Still, no high-quality peer-reviewed article which would discuss the implications of the studied case for strategic intelligence in detail has been found during the search for this paper. Therefore, the chosen topic can be viewed as a gap in research that the proposed project can contribute to filling. In summary, this literature review helped to justify the attention to the current project and its key terms, identified gaps in related research, and produced a pool of evidence for framing the findings of the primary source analysis.

Methodology and Research Strategy

This project’s methodology consists of its framework, design, and methods, which will be considered in this section. This project employs a qualitative design that consists of a case study and is guided by the rational choice theory (RCT) framework. The choice of a qualitative, case study strategy is explained by the fact that the discussed case is a major political event. In other words, it is a significant issue and threat, the investigation of which might be yield helpful lessons for future use in similar situations. The qualitative approach is necessary for this project because it offers the opportunity to study an event in-depth and within its context.²²

The more specific methods included the analysis of the official report, which was used for data collection; this strategy is typical for a case study.²³ RCT was utilized to guide the analysis process by highlighting the rational underpinnings of the Russian interference.²⁴ The application of the framework to terrorism and cybercrime is justified by existing studies.²⁵ The findings section employed a descriptive approach; basically, the project attempted to describe the case and the role of counterintelligence in it, using it to propose some practical recommendations.

This research is not quantitative, which is why no actual variables or relationships between them are going to be tested. Variables are commonly discussed and operationalized in quantitative research.²⁶ However, for this project, its key terms can be defined to avoid misunderstandings and highlight the limits of the inquiry. Thus, the study focuses on the usability of counterintelligence in preventing, deflecting, and otherwise countering cyberterrorism in the form of political interference. The first term is counterintelligence, and it refers to countering the varied intelligence-based attacks of an opposing force.²⁷

The second term is cyberterrorism, but it is being framed rather narrowly in this research. The literature review shows that it is a loosely defined term; depending on the specialist who describes it, it may²⁸ or may not²⁹ include acts performed by governments, for instance. However, the analysis of the above-presented literature suggests that cyberterrorism is generally defined as a politically motivated act which is performed in the cyberspace and has a negative impact on its targets. From this perspective, cyberterrorism incorporates political interference like the one exemplified by the studied case, and, therefore, the present study discusses a form of cyberterrorism.

The focus on an individual form of cyberterrorism is a limitation of the study. While its implications might be applicable to other cyberterrorism methods, the present research will not be able to make conclusions about them. In addition, the method of a case study is typically not very generalizable; this approach is meant to study a particular event in detail, ³⁰ and it cannot help to make conclusions about cyberterrorism or political interference because a larger sample would be required for generalizations. However, the research will be able to study an individual case and extract insights from it which would be helpful for future similar events. In other words, the chosen methodology will be able to provide answers to the research question.

Analysis and Findings

This section will detail the results of analyzing the official report on Russian election interference in 2016. It will focus on the ways in which intelligence and counterintelligence are considered throughout the report and then review these topics from the perspective of the literature review and RCT. The implications of this analysis will be considered as well to provide responses to the project’s research question.

Counterintelligence in the Report

As established in the Department of Justice report,³¹ a Russian intelligence service (the Main Intelligence Directorate of the General Staff of the Russian Army) had a major part in ensuring the events of the Russian interference of 2016. Specifically, it had used communication and information technologies to steal data (in that case, thousands of documents hosted by the computers of the various employees and volunteers of the Clinton Campaign) and leaked them. There were other elements of the interference, including a social media campaign and multiple attempts to contact the Trump Campaign representatives; among other things, Russian intelligence officers were seeking to discuss various matters with some of them.

The event of documents being stolen and leaked did not go unnoticed due to counterintelligence. According to the report, the US intelligence agencies became aware of the issue within days and were able to conclude that Russia could have been involved. Furthermore, the Federal Bureau of Investigation received some information about potential contacts between the Trump Campaign representatives and Russian officials from various sources, including foreign governments.

Official statements were made by the US intelligence officials to highlight the Russian interference prior to elections in an attempt to reduce the impact of the foreign government’s actions on the event. Sanctions were imposed on the country for these actions as well, to which Russia did not respond with any countersanctions. An investigation was launched after the elections, and the cited report is the result of it. It specifies that multiple people and other entities who had been confirmed to have participated in the interference had been charged.

The report focused on relaying the events of the interferences, including proven and alleged crimes, as well as the consequences of these events. In other words, it does not explicitly investigate the ways in which the hacking operations could have been prevented, and it does not offer recommendations or any other information regarding the existing precautions aimed at protecting electoral campaigns in the US. In addition, significant portions of the report are not fully available because the investigation is still ongoing. The fact that additional information may be uncovered in the future is also emphasized in the report. In summary, the report has significant limitations, but it still provides some insights into the ways intelligence and counterintelligence had been employed throughout the 2016 interference and reaction to it.

Framework and Literature Application: Answering the Research Question

The report can be used to demonstrate the significance of reviewing the events of 2016, especially in terms of intelligence services. Indeed, intelligence operations were clearly an important element of the Russian interference, and counterintelligence allowed the US intelligence services to respond to the issue relatively quickly. It should also be noted that the stealing of documents was a politically motivated hacking crime. As a result, even if one does not consider the events of 2016 to fit the description of cyberterrorism, which can be a valid position,³² the intelligence-related elements of the incident were a form of cybercrime, which justifies the application of counterintelligence measures.

There are multiple ways in which cyberterrorism might be dangerous and damaging, and even though the presented case, especially the report, may be peculiar because of the lack of tangible harm, the potential intangible harm to the US democracy³³ and international relationships³⁴ is significant, which is supported by the discussed literature.³⁵ Therefore, the report justifies the investigation of this case from the perspective of intelligence and counterintelligence measures.

Furthermore, the report showed the counterintelligence efforts that could be implemented to respond to cybercrime. The ability of the US intelligence services to pinpoint the likely culprits of the event fairly soon after hacking and accumulate information from internal and external sources indicates a level of preparedness that enabled a quick reaction, which is of paramount importance in dealing with terrorism and cyberterrorism.³⁶ The introduction of official statements and the launch of the investigation with a semi-public report was a logical action because of the likely impact of electoral interference on the country’s political life, especially since it was endangering democratic elections.³⁷

The question of whether the described measures were effective cannot be answered without any comparison, but the report’s information exemplifies the activities that can be used to counter similar events. The same can be said about the decision to impose sanctions on the offending government; however, given the repetition of interference in France, as well as the general tendencies for political interference in certain countries’ interactions,³⁸ it is not clear if the sanctions had the desired effect.

It is important that the report was not meant to provide an overview of the US efforts at preventing interference; rather, it was supposed to detail the events following it, which explains the focus on the reactive and not proactive measures. However, the investigation demonstrated that intelligence service attacks, which could be directed at electoral campaigns, highlights the vulnerability of the people associated with them. Similar ideas have been put forward by the researchers who investigated the topic; for example, Baines and Jones directly call campaigns a vulnerability that requires the increased attention of cybersecurity services.³⁹

Therefore, the study of this case yields proof to the view that electoral campaigns and everybody associated with them are a very attractive target for cybercrime. In turn, this finding implies that additional precautions aimed at protecting their communications and technology may be justified.

In this respect, the RCT becomes relevant. It postulates that there exist reasonable causes of crime, the investigation of which can help in determining the potential direction of preventative actions. While there are types of criminal activity that are caused not by reasonable choice but other factors, for instance, emotions,⁴⁰ this consideration is not applicable to cyberterrorism, including the example of the described case.

In fact, the decision to hack the account of the individuals who have access to particular documents is clearly motivated by rational choices. Consequently, an equally rational assessment of the security needs of individuals in electoral campaigns might provide the safeguards necessary to reduce the likelihood of repeated instances of electoral interference. Thus, the findings support the project’s hypothesis and suggest that both proactive and reactive counterintelligence is required for preventing and mitigating electoral interference since intelligence operations can be a part of it.

Conclusions

Upon the review of the above-presented materials, the following conclusions can be proposed. The reported research consisted of a case study, which was important to review because of its relative uniqueness in combining election interference with cyberattacks, as well as the related implications and apparent follow-up events. To contribute a new perspective to the investigation of the incident of 2016, the case was viewed from the perspective of counterintelligence, which has not been researched to a notable extent yet.

The project aimed to determine the usefulness of this counterterrorism tool when applied to similar events. The analysis of the official US Department of Justice report, when framed with the help of RCT and research on counterintelligence and electoral interference, yielded the following conclusions.

It is the general consensus of the literature on the 2016 interference that the event was significant in its implications for cybersecurity. While the attempts to interfere in other countries’ political life are not a new international strategy, the use of cyberattacks to affect them is relatively uncommon yet. Consequently, the study of the incident is justified by related research. Furthermore, as implied by the literature review, the definition of cyberterrorism and cyberwarfare varies from specialist to specialist, but due to its negative outcomes and political motivation, the 2016 interference can qualify for the title. In fact, the intelligence-focused activities can be called a cybercrime; specifically, the hacking that was aimed at stealing documents cannot be described in other terms.

This finding demonstrates that intelligence operations were an important element of the interference, which further justifies the use of counterintelligence to combat it and explains the need for this and similar future investigations.

The fact that intelligence operations were a major element of the interference campaign supports the idea of the importance of counterintelligence during similar events; as a result, the findings allow responding to the research question. The report itself predominantly focused on the response to the events, which consisted of gathering the information related to interference and making it public in the hopes of limiting the potential damage. In addition, the literature review, combined with the report information, indicates that electoral campaigns and people engaged in them can be considered vulnerabilities. From the perspective of RCT, foreign agencies would be expected to target them if a country decides to interfere in any elections.

Furthermore, since Russian interference was not a unique event and has already been followed by another similar incident, it is reasonable to assume that future political campaigns need to be treated with greater attention. Thus, the case study provides direct examples of reactive counterintelligence measures and emphasizes the significance of proactive ones, specifying the ways in which counterintelligence can be employed to combat electoral interference from the perspective of RCT. Consequently, the hypothesis of the project is supported, and the framework’s introduction was justified; counterintelligence was indeed a useful tool during the 2016 incident, which makes it an eligible instrument for any similar events.

The limitations of the research should be considered again to highlight the conclusions that can and cannot be made based on the findings. Thus, the report was not meant to provide recommendations or incorporate the consideration of several similar events; in addition, it lacks certain data, and future investigations can provide additional information. These limitations mean that the report cannot be utilized to make conclusions about the effectiveness of the US proactive and reactive counterintelligence measures.

Similarly, the current case study was focused on one event, which is a limitation of its methodology; it means that the generalization of the findings needs to be avoided. Furthermore, the focus on the project was on a very particular type of cybercrime that was politically motivated. Therefore, applying its findings to other forms of cybercrime, cyberterrorism, or cyberwarfare may be inappropriate.

As a result of these limitations, the project is descriptive rather than prescriptive; it also cannot produce comments about the comparative effectiveness of different approaches to responding to cybercrime. Yet, the case study did not intend to become generalizable, and the limitations of the methodology had been taken into account during the planning stage. As a result, this paper has managed to respond to its research question, and the findings are practically applicable if all the limitations are taken into account.

To summarize, the hypothesis of the research was confirmed; the case proves the idea that counterintelligence can be a useful method of working against cybercrime or cyberwarfare. It can be employed both for proactive and reactive measures since intelligence operations can constitute a significant portion of political interference. The presented case study contributed some data to the investigation of the 2016 interference from the perspective of counterintelligence, demonstrating that it is a valid angle for interpreting the events. Furthermore, it can be used to attract attention to the generally understudied topic of counterintelligence in cybercrime and cyberterrorism and prompt future research in this direction.

Indeed, while it does offer some practical lessons for consideration, this case study has been restricted by the limitations of its design and the report’s focus on reactive measures. Future investigations can take these issues into account and proceed to investigate the event, similar cases, and their implications for security and counterterrorism through different approaches. A very promising direction would be the comparative analysis of varied counterintelligence measures, which would produce important actionable knowledge for countering similar interferences in the future.

Bibliography

Bagchi, Aniruddha, and Tridib Bandyopadhyay. “Role of Intelligence Inputs in Defending against Cyber Warfare and Cyberterrorism.” Decision Analysis 15, no. 3 (2018): 174-93.

Baines, Paul, and Nigel Jones. “Influence and Interference in Foreign Elections.” The RUSI Journal 163, no. 1 (2018): 12-19.

Barnea, Avner. “Big Data and Counterintelligence in Western Countries.” International Journal of Intelligence and Counterintelligence 32, no. 3 (2019): 433-447.

Creswell, John & Creswell, David. Research Design: Qualitative, Quantitative, and Mixed Methods Approaches. Thousand Oaks: SAGE Publications, 2017.

Dhami, Mandeep K., and Jennifer Murray. “Male Youth Perceptions of Violent Extremism: Towards a Test of Rational Choice Theory.” The Spanish Journal of Psychology 19 (2016): 1-10.

Hansen, Isabella, and Darren J. Lim. “Doxing Democracy: Influencing Elections Via Cyber Voter Interference.” Contemporary Politics 25, no. 2 (2019): 150-171.

Homburger, Zine. “The Necessity and Pitfall of Cybersecurity Capacity Building for Norm Development in Cyberspace.” Global Society 33, no. 2 (2019): 224-42.

Janda, Jakub. “How to Boost the Western Response to Russian Hostile Influence Operations.” European View 17, no. 2 (2018): 181-88.

Kaiser, Robert. “The Birth of Cyberwar.” Political Geography 46 (2015): 11-20. Web.

Klein, John. “Deterring and Dissuading Cyberterrorism.” Journal of Strategic Security 8, no. 4 (2015): 23-38. Web.

Smeltz, Dina, and Lily Wojtowicz. “Public Opinion on US-Russian Relations in the Aftermath of the 2016 Election“. SAIS Review of International Affairs 38, no. 1 (2018): 17-26. Web.

U.S. Department of Justice. “Report of the Attorney General’s Cyber Digital Task Force.” U.S. Department of Justice. 2018. Web.

U.S. Department of Justice. “Report on the Investigation into Russian Interference In the 2016 Presidential Election.” Web.

Yin, Robert K. Case Study Research and Applications: Design and Methods. Thousand Oaks: SAGE Publications, 2018.

Footnotes

1. Paul Baines, and Nigel Jones, “Influence and Interference in Foreign Elections,” The RUSI Journal 163, no. 1 (2018): 15-16. Web.
2. U.S. Department of Justice, “Report on the Investigation into Russian Interference In the 2016 Presidential Election,” U.S. Department of Justice. Web.
3. Jakub Janda, “How to Boost the Western Response to Russian Hostile Influence Operations,” European View 17, no. 2 (2018): 181, 188. Web.
4. Baines and Jones, “Influence and Interference,” 12.
5. Avner Barnea, “Big Data and Counterintelligence in Western Countries,” International Journal of Intelligence and Counterintelligence 32, no. 3 (2019): 437-438. Web.
6. Aniruddha Bagchi, and Tridib Bandyopadhyay, “Role of Intelligence Inputs in Defending against Cyber Warfare and Cyberterrorism,” Decision Analysis 15, no. 3 (2018): 174-175, 189. Web.
7. U.S. Department of Justice, “Report of the Attorney General’s Cyber Digital Task Force,” U.S. Department of Justice. Web.
8. Bagchi and Bandyopadhyay, “Role of Intelligence,” 189.
9. John Klein, “Deterring and Dissuading Cyberterrorism,” Journal of Strategic Security 8, no. 4 (2015): 23-25. Web.
10. Barnea, “Big Data,” 437-438.
11. Baines and Jones, “Influence and Interference,” 15-16.
12. Zine Homburger, “The Necessity and Pitfall of Cybersecurity Capacity Building for Norm Development in Cyberspace,” Global Society 33, no. 2 (2018): 229. Web.
13. Bagchi and Bandyopadhyay, “Role of Intelligence,” 189.
14. Klein, “Deterring and Dissuading Cyberterrorism,” 24-25.
15. Robert Kaiser, “The Birth of Cyberwar,” Political Geography 46 (2015): 18-19. Web.
16. Isabella Hansen, and Darren J. Lim, “Doxing Democracy: Influencing Elections Via Cyber Voter Interference,” Contemporary Politics 25, no. 2 (2019): 150, 162. Web.
17. Janda, “How to Boost,” 181, 188.
18. Baines and Jones, “Influence and Interference,” 15-16.
19. Homburger, “The Necessity and Pitfall,” 238.
20. Baines and Jones, “Influence and Interference,” 16.
21. Janda, “How to Boost,” 182-183.
22. Yin, Robert K, Case Study Research and Applications: Design and Methods (Thousand Oaks: SAGE Publications, 2018), 15-16.
23. Yin, Case Study, 132.
24. Mandeep K. Dhami, and Jennifer Murray, “Male Youth Perceptions of Violent Extremism: Towards a Test of Rational Choice Theory,” The Spanish Journal of Psychology 19 (2016): 1-2. Web.
25. Robert Willison, and Paul Benjamin Lowry, “Disentangling the Motivations for Organizational Insider Computer Abuse through the Rational Choice and Life Course Perspectives,” ACM SIGMIS Database: The DATABASE for Advances in Information Systems 49, no. 1 (2018): 81-82. Web.
26. Creswell, John, and Creswell, David, Research Design: Qualitative, Quantitative, and Mixed Methods Approaches (Thousand Oaks: SAGE Publications, 2017), 52-53.
27. Barnea, “Big Data,” 437-438.
28. Klein, “Deterring and Dissuading Cyberterrorism,” 24-25.
29. Bagchi and Bandyopadhyay, “Role of Intelligence,” 189.
30. Yin, Case Study, 16.
31. U.S. Department of Justice, “Report on the Investigation.”
32. Bagchi and Bandyopadhyay, “Role of Intelligence,” 189.
33. Hansen and Lim, “Doxing Democracy,” 150.
34. Janda, “How to Boost,” 182-183.
35. Dina Smeltz and Lily Wojtowicz, “Public Opinion On US-Russian Relations in the Aftermath of the 2016 Election”, SAIS Review of International Affairs 38, no. 1 (2018): 17-19. Web.
36. Barnea, “Big Data,” 437-438.
37. Hansen and Lim, “Doxing Democracy,” 150.
38. Baines and Jones, “Influence and Interference,” 16.
39. Baines and Jones, “Influence and Interference,” 16.
40. Dhami and Murray, “Male Youth Perceptions,” 2.