How AI Will Help Disrupt Elections Around The Globe

With national elections happening all over this world in 2024 and 2025, and with AI capabilities growing at an unprecedented rate, it is highly likely that AI will be leveraged by malicious cyber operators, at both the nation state and cybercriminal level, to compromise the security and integrity of democratic election infrastructure.

Cyber threat actors have numerous generative AI tools at their disposal, ranging from deepfake videos and voice cloning to AI-generated SMS messages that can be compiled to implement a variety of cyber-attack vectors. These include scaled social engineering and phishing campaigns, as well as enhanced distributed denial-of-service (DDoS) attacks to manipulate voters and disrupt the operation of election-themed websites.  
 
Generative AI is an attractive option for politically driven and nation state-sponsored threat actors due to scalability, reduced cost, speed of implementation and the ability to deploy advanced malware payloads against electoral systems that can evade defensive measures.  
 
What can be done to combat this AI disruption?  It is essential that election officials are aware of the potential for cyber threats to surge throughout the time periods coinciding with high-profile elections. This will allow for safeguards and mitigation strategies to be enforced to defend against potential attacks against business and the overarching democracy allowing for these organizations to function. The majority of the optimal mitigation measures involve the industry standard cybersecurity best practices, and it is therefore vital that both governments and private sector businesses are aware of these strategies to protect their accounts and devices. 
 
A key mitigation to election-based cyber threats would include increased monitoring of network systems via an effective and monitored endpoint detection and response (EDR) solution to detect malicious intrusions. It will also be critical for governments and their partners to share threat intelligence, while conducting attack emulation scenarios that imitate election-orientated disruption scenarios as a proactive strategy to strengthen their network security posture. In addition, it is strongly recommended that government-level entities gather awareness regarding the manner in which vulnerable technology platforms intersect with their election processes, conduct holistic threat and risk assessments and implement robust defensive measures to combat foreign espionage efforts and reduce the risk of disruption.  
 
To defend against AI-driven threats, more specific measures will be required depending on the attack vector at the disposal of the threat actor. To defend against AI-based phishing and social engineering operations, it will be critical for government bodies and businesses to establish:      

  • Robust authentication protocols, such as multi-factor authentication (MFA).
  • Email authentication protocols, such as domain-based message authentication.
  • Limit social media attack surfaces by applying strong privacy policies and removing personally identifiable information (PII) from profiles.
  • Transition to zero trust security principles to prevent unauthorized users accessing sensitive data and services. 

 To reduce the risk of impersonation it is recommended that personal social media accounts are made private, thereby limiting access to images by nefarious cyber actors whereas old profiles no longer in use should be deactivated or deleted. Further, sensitive data can be protected by validating requests for information to be sent through secondary channels and by applying identity verification for real-time communications. Adoption of passphrases and educating employees are additional methods for diminishing the threat of impersonation and harassment during election periods.   
 
Combating malicious influence operations and disinformation campaigns will require additional security measures including: 

  • Building rapport with local media entities and community officials to ensure the flow of accurate information.
  • Utilizing authentication techniques, including watermarks, to consolidate the veracity of published content.
  • Training employees regarding standard operating procedures (SOP) for responding to media manipulation, with an awareness of how to report this within the organization. 

It is likely that threat actors will focus AI-driven cyber-attacks with the intention of disrupting weak democratic systems as opposed to more secure establishments. This will likely involve targeting the following election-based entities:  

  • Electoral process: manipulative AI methods could be leveraged to spread false information surrounding voting procedures.  
  • Election officials: AI tools could be utilized to collect sensitive data resulting in potential doxing attacks against election officials, including party candidates. 
  • Election offices: AI-driven spear phishing operations could be launched against election staff with the objective of gaining access to sensitive election data. 
  • Election vendors: AI capabilities could be leveraged to influence the trust level of the public surrounding election vendors. 

Craig Watt is a Threat Intelligence Consultant at Quorum Cyber specializing in strategic and geopolitical intelligence.

Image: bizoo_n

You Might Also Read: 

Israel-Hamas Conflict: The Escalation Of Cyberwarfare:


If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Cyber Attack Hits German Air Traffic Control
Telegram Disables Features Used For Illegal Activity »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Civica

Civica

Civica provides cloud-based managed IT services, hosting and outsourcing.

SiteLock

SiteLock

SiteLock is a global leader in website security solutions. We provide affordable, cybersecurity software solutions designed to allow small to midsize businesses to operate without fear of an attack.

Maticmind

Maticmind

Maticmind is an ICT System Integrator providing solutions and specialized skills in Networking, Security, Unified Communications & Collaboration, Datacenter & Cloud and Application.

Redborder

Redborder

Redborder is an Open Source network visibility, data analytics, and cybersecurity Big Data solution that is scalable up to the needs of enterprise networks and service providers.

National Centre for Cyber Security (NCCS) - Pakistan

National Centre for Cyber Security (NCCS) - Pakistan

National Centre for Cyber Security (NCCS) undertakes cyber security research and plays a leading role in securing Pakistan’s Cyberspace.

Securden

Securden

Securden provide an all-in-one Platform for Next-Gen Privileged Access Governance, helping you to prevent identity thefts, malware propagation, cyber attacks, and insider exploitation.

Anterix

Anterix

Anterix is focused on empowering the modernization of critical infrastructure and enterprise businesses by enabling private broadband connectivity.

Open Quantum Safe (OQS)

Open Quantum Safe (OQS)

The Open Quantum Safe (OQS) project is an open-source project that aims to support the development and prototyping of quantum-resistant cryptography.

BalkanID

BalkanID

BalkanID is an Identity governance solution that leverages data science to provide visibility into your SaaS & public cloud entitlement sprawl.

Regtank Technology

Regtank Technology

Regtank is a one-stop compliance solution for fintechs, navigating compliance, security and risk management.

ID North

ID North

ID North is a Nordic service provider offering identity security to its customers by providing world class expertise and best-in-class solutions and services.

Foresiet

Foresiet

Foresiet is the first platform to cover all of your digital risks, allowing enterprise to focus on the core business.

CYBRI

CYBRI

CYBRI is a cybersecurity company helping businesses detect and remediate mission-critical vulnerabilities before they get exploited by hackers.

ClearSky Cyber Security

ClearSky Cyber Security

ClearSky cyber security provides cyber solutions, focused on threat intelligence services, mainly for the financial sector, critical infrastructure, public sector and the pharma sector.

Contextal

Contextal

Contextal develops cutting-edge open-source cybersecurity solutions, designed to connect the dots and detect complex threats, which slip through the existing protections.

Soteria Communications

Soteria Communications

Soteria Communications supports clients to prepare for and manage crises, with a focus on cyber incidents.