Elections 2024: The Role of Cybersecurity and AI in Shaping the Future

Presented by Zscaler

2024 is shaping up to be a pivotal year for global elections, with key parliamentary and presidential races in the United States, United Kingdom, India, Brazil, Indonesia, and Mexico. The stakes are high, as the threats from cyberattacks and AI-driven disinformation escalate.

According to the World Economic Forum’s latest Global Risks Perception Survey, misinformation and disinformation are ranked among the top risks. The trend of attempting to manipulate voters and undermine election legitimacy is set to intensify.

The Rise of Deepfakes

As deepfake technology advances and becomes more accessible, we can expect its proliferation across social media. Notable instances include a "robocall" using Joe Biden's voice to mislead voters in the January 2024 New Hampshire primary. Such tactics were similarly exploited in Slovakia and the U.K.

In the September 2023 Slovakian elections, audio clips falsely attributed to Michal Simecka, leader of the liberal Progressive Slovakia party, claimed he was plotting to rig the election and planned to double beer prices if elected. Despite the lack of proof regarding the attacker's identity, former Prime Minister Robert Fico, a pro-Russia candidate, won.

In the U.K., Labour Party leader Sir Keir Starmer became a target of an audio deepfake just as his party’s annual conference began, featuring a clip that falsely depicted him using profane language. X (formerly Twitter) did not remove the clip, citing insufficient evidence from the Labour Party.

Escalating Concerns Over Deepfakes

Audio deepfakes may pose a greater threat than video, which is generally easier to identify as manipulated. Currently, high-profile figures are the primary targets, but future deepfakes could target election workers in contested districts, complicating rapid debunking efforts. Moreover, counterfeit websites may emerge to further disseminate misinformation, making deepfakes even harder to contain.

Amid these challenges, the Associated Press has released guidance on identifying deepfakes. Politicians and experts, especially in the U.K. and U.S., are advocating for regulations to curb the production and distribution of deepfakes. In February 2023, a coalition of AI leaders called for criminal penalties against those who create harmful disinformation. However, doubts remain about the efficacy of any new regulations in time for the U.S. elections.

The Growing Risk of Cyberattacks

Cyberattacks are an ongoing threat, with politicians, their families, and staff likely being targeted continuously. The absence of reported breaches does not imply safety; attackers may be waiting for the optimal moment within the election cycle to leak sensitive information. Undetected cyber intrusions could lead to significant information leaks.

While attention in the 2020 U.S. elections focused primarily on Russia, other nations like China may also aim to influence upcoming elections. Reports indicate Chinese interference in Canada's 2019 and 2021 federal elections, and evidence suggests intent to disrupt the 2024 U.S. elections as well. Both China and Russia have shown expertise in long-term cyber operations, with state actors like Iran and North Korea potentially joining the fray.

Threats to Voting Infrastructure

Voting machines are prime targets for state-sponsored hacking. Compromising the integrity of these systems during the U.S. elections could reignite doubts surrounding the 2020 election outcomes. While previous allegations lacked substantiation, tangible evidence of cyberattacks this election season could further erode public confidence.

In anticipation of such threats, the Cybersecurity and Infrastructure Security Agency (CISA) is enhancing protective measures. The #protect2024 website offers crucial resources for state and local election officials, improving system security and planning incident responses. The Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC) aims to streamline communication and intelligence sharing among election officials.

Additionally, the collaborative efforts of ethical hackers, such as those from the Election Security Research Forum and MITRE, are crucial for identifying vulnerabilities in election technology before they can be exploited.

Distributed Denial of Service (DDoS) attacks have already caused temporary disruptions, such as during the 2022 U.S. midterm elections, but their impact remains limited and unlikely to prevent votes from being cast.

In January 2024, an app developed by the Bangladesh Election Commission was compromised by unknown attackers, resulting in slow performance leading up to the elections. The telecom and media sectors were also targeted by DDoS attacks, presumably to hinder voter information flow.

Insider threats should not be overlooked, as individuals with access could intentionally manipulate or destroy election data, undermine registration efforts, or interfere with election infrastructure.

A Snapshot of Cybersecurity and AI Challenges

The issues surrounding election security reflect broader cybersecurity and AI challenges. The volume of threats continues to expand, often outpacing the defenses in place.

While lessons will emerge from this year's election security incidents, cybersecurity professionals must remain vigilant, as tactics could potentially threaten other sectors, including businesses and critical infrastructure. Proactive measures must be implemented until AI can effectively neutralize attacks before they impact the integrity of the 2024 elections.

Rob Sloan

VP Cybersecurity Advocacy at Zscaler

Most people like

Find AI tools in YBX

Related Articles
Refresh Articles