The [cyber] threat to democracy in the age of AI 

Mark Ruchie at Entrust explores the need for cyber-security to protect the UK general election

 

As the UK gears up for the 2024 general election on July 4th, the integrity of the electoral process faces significant threats from cyber-criminals. The rapid advancement of AI has introduced new avenues for bad actors to exploit. AI-enhanced disinformation campaigns and phishing attacks pose increasingly severe risks to the election’s security and public trust.

 

Understanding these threats and implementing robust defences is crucial to safeguarding our democracy.

 

The impact of disinformation

The election cyber-security landscape has evolved dramatically, with AI at the forefront. Deepfakes and generative AI models can create highly convincing but fabricated media content, making it increasingly difficult for voters to distinguish between real and ‘fake news’. Disinformation in the form of altered images, videos and voice recordings can spread swiftly across social media platforms, amplifying false narratives and dismantling citizens’ baseline trust in legitimate information sources. 

 

While deepfakes garner significant attention, it’s crucial not to overlook the threat of ’cheapfakes’. These are simple manipulations of existing audio or visual content, such as slowing down or speeding up videos, or presenting content out of context.

 

Cheapfakes are particularly dangerous due to their ease of creation and rapid dissemination. They can be just as effective as deepfakes in spreading misinformation, yet are often harder to detect due to their simplicity. The accessibility of cheapfake techniques makes them a prevalent tool for election interference. 

 

Conflicts and election campaigns globally, including those in Ukraine and the US, have already demonstrated the devastating impact of AI-driven disinformation. In Ukraine, deepfakes of political figures added fuel to an already volatile conflict. Meanwhile, ‘disinformation’ rose to prominence during the 2020 US election cycle, misinforming the public about candidates’ positions and integrity. The UK, with its current defences, is vulnerable to similar attacks.

 

To combat this threat, implementing digital signatures and robust processes to verify the authenticity of media is essential. As is raising cyber-security awareness across the board − from election staff and volunteers to the general voting public. By educating citizens on how to spot the telltale signs of deepfake, like subtle unnatural movements or inconsistencies, society can develop a healthier ‘synthetic scepticism’. As deepfakes become harder to detect, bolstering authentication tools with informed judgement can enhance resistance to disinformation.

 

Phishing’s AI evolution

Phishing attacks have also become increasingly sophisticated with the advent of AI. AI-generated spear-phishing campaigns can convincingly mimic legitimate communications, posing a significant challenge even for cyber-security experts. The proliferation of large language models allows for hyper-personalised phishing based on an individual’s specific digital trail of information. These attacks are constantly leveraged against election officials and infrastructure, aiming to compromise sensitive data and disrupt the electoral process.

 

Successful attacks could lead to a range of negative outcomes, from manipulation of voter data to breaches of election systems, and disruption of the voting process. To mitigate these risks, it is vital to implement phishing-resistant multi-factor authentication like biometrics and FIDO security keys universally across election systems.

 

Continuous monitoring tools are crucial for rapidly detecting and responding to threats. Strict privileged access management, credential rotation policies, and robust identity governance can all provide additional control planes. These integrated defence layers can help safeguard critical electoral infrastructure by raising the threat resilience.

 

To further protect against phishing, especially given that email remains the largest vector for ransomware, implementing robust email security measures is essential. It is critical to pay close attention to emails, particularly those from expected sources. During election seasons, many partners, suppliers, and vendors are temporary or non-profits with limited security capabilities. If any of these communications ask for a change or something unexpected, it is advisable to call them directly as their email systems may be compromised.

 

Fortifying election cyber-security

Securing the UK’s democratic process is a national security imperative. Establishing a cross-party code of conduct that includes guidelines on the ethical use of AI tools in campaigns can help promote transparency and accountability. Social media platforms must also take responsibility by labelling AI-generated content and actively curbing the spread of disinformation

 

Embracing a “never trust, always verify" cyber-security approach is crucial for safeguarding against potential breaches. By assuming threats may already exist within the network and constantly verifying access requests, organisations can maintain heightened vigilance. This approach involves encrypting all election-related systems and data, as well as coordinating efforts among government agencies, technology providers, and security experts. 

 

Implementing stringent access controls, mandating phishing-resistant multi-factor authentication, and leveraging PKI certificates to verify and encrypt communications create substantial barriers, making it exponentially more difficult for adversaries to compromise systems, steal data, or conduct malicious influence operations.

 

Defending the integrity of the electoral process also requires centralised coordination and clear communication channels between government entities, technology providers, security vendors, local authorities and political campaigns. Establishing continuous monitoring and rapid incident response protocols well before polling day is critical.

 

After the polls close

The cyber-security risks do not end when polls close on July 4th. Political parties themselves and bad actors continue to sow discord long past election day. Post-election periods can see sustained efforts to delegitimise results, leading to a persistent state of distrust and division within the electorate. This was visible in the aftermath of the US elections. Despite officials affirming no widespread fraud, relentless conspiracy theories and fabricated media content eroded public trust.

 

As AI capabilities accelerate, so does the threat to democracies worldwide. Future elections will face threats from increasingly convincing deepfakes and AI-generated narratives designed to manipulate public opinion and create confusion.

 

Proactive threat monitoring, societal resilience against disinformation campaigns, enhancing cyber-literacy, and strengthening legal frameworks are imperative for fortifying democracy’s long-term foundations. Governments and tech companies must collaborate to effectively combat the ever-evolving threat landscape and help immunise citizens against the manipulative effects of disinformation.

 

The 2024 UK general election is set to be the toughest to defend yet. But while these threats are formidable, proactive measures and a unified defence strategy can safeguard the electoral process. With the right proactive measures, the UK can uphold the integrity of its democracy and ensure that election results continue to reflect the will of the people.

 

---

 

Mark Ruchie is VP InfoSec Advisor at Entrust

 

Main image courtesy of iStockPhoto.com and bymuratdeniz