Cyber Threats To British Elections

Uploaded on 2024-04-24 in NEWS-Cybersecurity News, GOVERNMENT-National, GOVERNMENT-Local, FREE TO VIEW

British voters can expect to face an significant increase in state-backed cyber attacks, hacking  and disinformation campaigns as the country  moves towards local and national elections later in 2024. 

The first vote will be in May in local elections and a general election is expected in the second half of this year, although British Prime Minister Rishi Sunak has not yet to announced the date. 

The votes come as the country faces a range of problems including an economic issues, immigration and disagreements over events in the Middle East.  

These types of hacking attacks aren’t new. In 2016, the UK Brexit vote was found to have been disrupted by disinformation shared on social media platforms, allegedly by Russian state-affiliated groups, although Moscow denies these claims. Indeed, nation-state hackers have made numerous attacks around the world with the aim of influencing  the outcome of elections.

  • Recently the UK said that Chinese hacking group APT 31 had tried to penetrate Parliamentary email accounts, although these  were unsuccessful. Britain has since imposed sanctions on several Chinese individuals and a technology firm located in Wuhan, believed to be acting as a front for APT 31.
  • GCHQ’s National Cyber Security Centre assesses China state-affiliated actor APT31 was almost certainly responsible for targeting UK parliamentarians’ emails in 2021. Also, the US, Australia and New Zealand have applied sanctions on Chinese entities, although the Chinese government denies the allegations of state-sponsored hacking, calling them “groundless.”

Cyber security experts expect malicious actors to interfere in the forthcoming elections in several ways, not least through disinformation, which is expected to be even worse this year due to the widespread use of Artificial Intelligence (AI).

Synthetic images, videos and audio generated using computer graphics, simulation methods and AI, commonly referred to as “deepfakes”, will be a common occurrence as it becomes easier for people to create them.  The cyber security community has called for heightened awareness of this type of AI-generated misinformation, as well as international cooperation to mitigate the risk of such malicious activity.

In comment, Lewis Shields, Director, Dark Ops at ZeroFox said "For the UK specifically, local council elections are fast approaching, with a general election also on the horizon before 28th January 2025. As the world gears up for this pivotal year, a new battleground is emerging ...  With hostile state-sponsored attacks against the UK identified, and mis- and dis-information spreading more quickly and at a larger scale, the digital landscape has made preserving the integrity of election processes evermore complex... This year, threat actors will undoubtedly deploy mass-disinformation campaigns, leading to the spread of political narratives that are expected to profoundly influence the public's perception of electoral candidates".

As part of this, threat actors are expected to leverage GenAI to create more effective and persuasive content, including highly realistic synthetically-generated images and deepfakes of politicians to discredit and undermine opposition candidates.

In the past six months, more than a dozen Westminster insiders have been targeted, including politicians and government advisers. While social engineering campaigns aren’t new, the use of pressure tactics during this critical electoral year has the potential to prompt an ill-considered response. “While the cybersecurity challenges facing the 2024 elections are daunting, they’re not insurmountable. Awareness is the first step - government employees, cybersecurity experts, and the public must understand these new threats, remain vigilant, and treat everything with a high dose of scepticism. Most importantly, public sector organisations should harness a multifaceted cybersecurity approach that looks beyond the typical cybersecurity perimeter to detect and disrupt these new-age election threats that can arise across the entire internet." Shields said.

To secure its elections from cyber threats like those from APT31, the UK government is improving the overall resilience of its elections cyber infrastructure. It is working closely with the NCSC to identify threats and emerging trends. These efforts are likely to include regular security audits, penetration testing and the adoption of secure software development practices to ensure that systems are robust.

The British deputy prime minister, Oliver Dowden, has told MPs that China's attempts to interfere with UK democracy and politics have been unsuccessful, and that the government had bolstered its cyber defence since the attacks. 

“We will not hesitate to take swift and robust actions wherever the Chinese government threatens the United Kingdom’s interests... The UK judges that these actions demonstrate a clear and persistent pattern of behaviour that signals hostile intent from China.” Dowden said.

CNBC     |     National Cyber Security Centre     |     University of Portsmouth    |      University of Birmingham     |    

The Guardian     |     Euro News

Image: Ideogram

You Might Also Read: 

Deepfakes Complicate Election Security:

DIRECTORY OF SUPPLIERS - Deepfake & Disinformation Detection:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

 

« Controlling The Use Of Cyber Weapons
Iranian Hackers Targeted Israel’s Radar Systems »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Pyramid Computer

Pyramid Computer

Pyramid Computer provides custom enterprise solutions for Industrial PC, Imaging, Network, Security, POS, Indoor Positioning and Automation.

GSMA - IoT Security Guidelines

GSMA - IoT Security Guidelines

GSMA has created a set of security guidelines for the benefit of service providers who are looking to develop new IoT products and services.

Operational Center for Information Systems Security (COSSI)

Operational Center for Information Systems Security (COSSI)

COSSI is responsible for the detection and mitigation of cyber attacks directed at French Government information systems.

Regulus Cyber

Regulus Cyber

Regulus enables drones, robots and autonomous vehicles to operate safely, without malicious or accidental interference to the operation of their mission.

DOS

DOS

DOS is an Ecuadorian company with 3 decades of presence in the market and extensive experience in the planning, management and execution of IT Service Integration Projects.

Honeywell Process Solutions (HPS)

Honeywell Process Solutions (HPS)

Honeywell's Industrial Cyber Security Solutions help plants and critical infrastructure sectors defend the availability, reliability and safety of their industrial control systems.

Quest Software

Quest Software

Simple IT management for a complex world. Whether it’s digital transformation, cloud expansion, security threats or something new, Quest helps you solve complex problems with simple solutions.

Belle de Mai Incubator

Belle de Mai Incubator

Belle de Mai Incubator supports and funds innovative startup ideas in digital industries.

Newtec Services

Newtec Services

IT should be responsive, adaptive, and smart. Now more than ever, you need a business that runs efficiently and can adapt to today's challenges. We can help with custom IT solutions.

Wiz

Wiz

Wiz - the first cloud visibility solution for enterprise security: A 360° view of security risks across clouds, containers and workloads.

US Marine Corps Forces Cyberspace Command (MARFORCYBER)

US Marine Corps Forces Cyberspace Command (MARFORCYBER)

US Marine Corps Forces Cyberspace Command (MARFORCYBER) conducts full spectrum military cyberspace operations in order to enable freedom of action in cyberspace and deny the same to the adversary.

Cyber Security Canada

Cyber Security Canada

Cyber Security Canada is an accredited Certification Body for government-backed Cyber Security Certification Programs, designed specifically for small and medium-sized Canadian businesses.

Sikich

Sikich

Sikich LLP is a leading professional services firm specializing in accounting, advisory, technology and managed services.

Buguard

Buguard

Buguard is a multi-award-winning supplier of Application Security Assessments and GRC services.

Neya Systems

Neya Systems

Neya Systems, a leader in advanced off-road autonomy and high-level multi-robot mission planning, provides innovative solutions for uncrewed ground, aerial, and surface vehicles.

Thero6

Thero6

Thero6 develop dynamic financial analysis algorithms that help prevent coin collapses and theft of cryptocurrency funds by identifying the transaction absolutely throughout the chain.