David Smith delivers a crucial, often overlooked truth: cyberwarfare is rarely about stealing votes, but about manufacturing the doubt that makes democracy feel broken. While headlines focus on the ballot box, Smith reveals how the real battle was fought in the invisible infrastructure that validates the count, turning technical glitches into political weapons.
The Architecture of Defense
Smith begins by dismantling the notion that Moldova was unprepared, detailing a decade-long institutional overhaul that began in 2017. He writes, "Successive Moldovan governments have been working since 2017 to modernize the country's cybersecurity infrastructure and defenses." This is not a story of last-minute scrambling, but of strategic, boring, essential work. The author traces the evolution from the Soviet-era Special Telecommunications Center to the creation of the National Cyber Security Authority (ASC) in 2023, arguing that these reforms were the silent shield that held the line.
The piece highlights a critical shift in strategy: moving from merely securing government communications to protecting the entire digital ecosystem. "Shifting focus from information security to infrastructure security," Smith notes, was the key to survival. This framing is vital because it explains why the attacks failed to paralyze the state. The defense wasn't just a firewall; it was a cultural and structural transformation.
"It was these changes, as well as the ongoing support from Moldova's security and development partners, that put the country in a position to identify and respond to Russian hybrid attacks that involved cyber operations."
Critics might argue that relying on foreign partners like the US and UK creates a dependency that could be exploited later, but Smith's evidence suggests that without this external scaffolding, the domestic reforms would have lacked the necessary resources to take root. The author also draws a subtle parallel to the "Illegals Program" historical context: just as Soviet spies once embedded themselves in Western institutions to gather intelligence, modern actors now embed themselves in the digital layer to disrupt it. The difference is that this time, the host nation had built a immune system.
The Cat-and-Mouse Game of Information
The second section exposes how cyber operations served as the delivery mechanism for disinformation. Smith describes a sophisticated "cat-and-mouse game" where Kremlin-aligned actors constantly shifted domains to evade blocks on pro-Russian media. He writes, "As the Moldovan (or European) authorities block websites or TV channels, Kremlin actors create workarounds. That included both replicating infrastructure and attacking user's Domain Name Service (DNS) systems."
This is where the technical meets the psychological. The goal wasn't just to get a message out, but to make the government's attempt to stop it look like censorship or incompetence. Smith details how a new streaming platform, HaiTV, was used to bypass blocks, noting that the domain was registered by a Moscow-based company using Western infrastructure to mask its origins. "Kremlin actors regularly used Western registered companies and Western infrastructure in order to bypass national level blocking," he observes. This tactic mirrors the "Doppelganger" network's history of cloning major Western news sites, a technique that turns the internet's openness against itself.
"Hack-and-leak operations are visible, but we must assume that similar operations are happening invisibly at the level of espionage."
The author's analysis of "Moldova Leaks" is particularly chilling. By releasing chat logs slowly, the attackers created a narrative of impending doom without ever revealing the "big reveal." Smith argues this was a deliberate strategy to induce paranoia: "The implication was that they were building to a major reveal... but that never happened and the site was deleted." This psychological warfare is as potent as any cyberattack, designed to make citizens question the integrity of their leaders before a single vote is cast.
Disruption as the End Goal
The most striking argument in the piece is that the attackers never intended to change the vote count. "The goal instead was to undermine faith in the election," Smith asserts. Because Moldova uses paper ballots, the digital systems were only there to verify identities and publish real-time turnout data. The attackers knew that if they could crash the Central Election Commission (CEC) website, the delay in reporting would be spun as evidence of fraud.
Smith explains the mechanics clearly: "Without computer ID verification, voters would need to be checked against printed voter lists. This slows the process and removes the real time data transmitted to the CEC that people watch online on election day." This creates a perfect storm for hybrid warfare: a technical delay provides the "staged evidence" needed to justify street protests. The author connects this to the broader "Ileana Cosânzeana" narrative of Moldovan resilience, suggesting that the country's ability to withstand this pressure is a test case for all of Eastern Europe.
"Technical disruption could create uncertainty, information operations could frame that uncertainty as evidence of fraud and organized protests could then transform these narratives into political pressure against the government."
This integration of cyber, information, and physical protest is the core of the "hybrid" threat. Smith's reporting makes it clear that the attack on the CEC was not an isolated technical failure but a coordinated political maneuver. The fact that the election proceeded smoothly despite these efforts is a testament to the institutional reforms mentioned earlier, but it also highlights the fragility of democratic trust.
"Moldova's experience therefore offers important lessons for understanding the role of cyber activity within contemporary hybrid interference operations."
Bottom Line
Smith's strongest contribution is reframing cyberattacks not as standalone events, but as the enabling infrastructure for broader political subversion. His argument holds up because it is grounded in specific technical details—from DNS manipulation to the mechanics of paper-ballot verification—rather than abstract fear-mongering. The piece's biggest vulnerability is its reliance on the assumption that the "hybrid" playbook is static; as defenses harden, adversaries will inevitably evolve new, less detectable methods. The reader must watch for how the executive branch and international partners adapt their strategies when the "cat-and-mouse" game shifts to the next level.