How AI Will Help Disrupt Elections Around The Globe

Uploaded on 2024-09-06 in TECHNOLOGY-Key Areas-Artificial Intelligence, FREE TO VIEW

With national elections happening all over this world in 2024 and 2025, and with AI capabilities growing at an unprecedented rate, it is highly likely that AI will be leveraged by malicious cyber operators, at both the nation state and cybercriminal level, to compromise the security and integrity of democratic election infrastructure.

Cyber threat actors have numerous generative AI tools at their disposal, ranging from deepfake videos and voice cloning to AI-generated SMS messages that can be compiled to implement a variety of cyber-attack vectors. These include scaled social engineering and phishing campaigns, as well as enhanced distributed denial-of-service (DDoS) attacks to manipulate voters and disrupt the operation of election-themed websites.  
 
Generative AI is an attractive option for politically driven and nation state-sponsored threat actors due to scalability, reduced cost, speed of implementation and the ability to deploy advanced malware payloads against electoral systems that can evade defensive measures.  
 
What can be done to combat this AI disruption?  It is essential that election officials are aware of the potential for cyber threats to surge throughout the time periods coinciding with high-profile elections. This will allow for safeguards and mitigation strategies to be enforced to defend against potential attacks against business and the overarching democracy allowing for these organizations to function. The majority of the optimal mitigation measures involve the industry standard cybersecurity best practices, and it is therefore vital that both governments and private sector businesses are aware of these strategies to protect their accounts and devices. 
 
A key mitigation to election-based cyber threats would include increased monitoring of network systems via an effective and monitored endpoint detection and response (EDR) solution to detect malicious intrusions. It will also be critical for governments and their partners to share threat intelligence, while conducting attack emulation scenarios that imitate election-orientated disruption scenarios as a proactive strategy to strengthen their network security posture. In addition, it is strongly recommended that government-level entities gather awareness regarding the manner in which vulnerable technology platforms intersect with their election processes, conduct holistic threat and risk assessments and implement robust defensive measures to combat foreign espionage efforts and reduce the risk of disruption.  
 
To defend against AI-driven threats, more specific measures will be required depending on the attack vector at the disposal of the threat actor. To defend against AI-based phishing and social engineering operations, it will be critical for government bodies and businesses to establish:      

  • Robust authentication protocols, such as multi-factor authentication (MFA).
  • Email authentication protocols, such as domain-based message authentication.
  • Limit social media attack surfaces by applying strong privacy policies and removing personally identifiable information (PII) from profiles.
  • Transition to zero trust security principles to prevent unauthorized users accessing sensitive data and services. 

 To reduce the risk of impersonation it is recommended that personal social media accounts are made private, thereby limiting access to images by nefarious cyber actors whereas old profiles no longer in use should be deactivated or deleted. Further, sensitive data can be protected by validating requests for information to be sent through secondary channels and by applying identity verification for real-time communications. Adoption of passphrases and educating employees are additional methods for diminishing the threat of impersonation and harassment during election periods.   
 
Combating malicious influence operations and disinformation campaigns will require additional security measures including: 

  • Building rapport with local media entities and community officials to ensure the flow of accurate information.
  • Utilizing authentication techniques, including watermarks, to consolidate the veracity of published content.
  • Training employees regarding standard operating procedures (SOP) for responding to media manipulation, with an awareness of how to report this within the organization. 

It is likely that threat actors will focus AI-driven cyber-attacks with the intention of disrupting weak democratic systems as opposed to more secure establishments. This will likely involve targeting the following election-based entities:  

  • Electoral process: manipulative AI methods could be leveraged to spread false information surrounding voting procedures.  
  • Election officials: AI tools could be utilized to collect sensitive data resulting in potential doxing attacks against election officials, including party candidates. 
  • Election offices: AI-driven spear phishing operations could be launched against election staff with the objective of gaining access to sensitive election data. 
  • Election vendors: AI capabilities could be leveraged to influence the trust level of the public surrounding election vendors. 

Craig Watt is a Threat Intelligence Consultant at Quorum Cyber specializing in strategic and geopolitical intelligence.

Image: bizoo_n

You Might Also Read: 

Israel-Hamas Conflict: The Escalation Of Cyberwarfare:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Cyber Attack Hits German Air Traffic Control
Telegram Disables Features Used For Illegal Activity »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Bulb Security

Bulb Security

Whether your internal red team or penetration testing team needs training, or you lack internal resources and need an outsourced penetration test, Bulb Security can help.

Juniper Networks

Juniper Networks

Juniper Networks is the industry leader in network innovation. We provide network infrastructure and network security solutions.

Telia Cygate

Telia Cygate

Cygate are specialists in information security, data networks, and data centre and cloud technologies.

ID Agent

ID Agent

ID Agent provides a comprehensive set of threat intelligence and identity monitoring solutions.

Computer Forensics Consult (CFC)

Computer Forensics Consult (CFC)

Computer Forensics Consult provides disaster recovery, computer forensics, electronic discovery and litigation support services in the growing area of Cyber Security.

Ledger

Ledger

Ledger is a leader in security and infrastructure solutions for cryptocurrencies and blockchain applications using its proprietary technology.

Identity Defined Security Alliance (IDSA)

Identity Defined Security Alliance (IDSA)

IDSA is a group of identity and security vendors, solution providers and practitioners that acts as an independent source of education and information on identity-centric security strategies.

StepStone

StepStone

StepStone is one of the leading online job platforms in Germany, and other countries, covering all industry sectors including IT and cybersecurity.

Venkon

Venkon

Venkon provides effective and unique solutions to cyber-security threats and IT compliance requirements of your organization.

Resilience Cyber Insurance Solutions

Resilience Cyber Insurance Solutions

Resilience Cyber Insurance combines insurance expertise with cybersecurity and data talent to deliver clear, effective solutions to protect you for the cyberrisks of today—and tomorrow.

Intechtel

Intechtel

Intechtel is a cyber security company, in addition to providing other internet, technology and telephone services.

TAV Technologies

TAV Technologies

TAV Technologies is a provider of technology services to the aviation industry in areas including airport infrastructure systems, digital transformation and cybersecurity.

Eastern Cyber Resilience Centre (ECRC)

Eastern Cyber Resilience Centre (ECRC)

The Eastern Cyber Resilience Centre is part of the national roll out of Cyber Resilience Centres in the UK which began in 2019.

Colt Technology Services

Colt Technology Services

Colt Technology Services (Colt) is a global digital infrastructure company which creates extraordinary connections to help businesses succeed.

Cytidel

Cytidel

Cytidel is a vulnerability and risk management platform that utilises threat and business intelligence to help IT Security teams.

BuddoBot

BuddoBot

BuddoBot has been a pioneering force in cybersecurity and information technology since 2008.