Safeguarding democracy from cyber threat peril

There has been an increase in disturbing activity emerging on the dark web involving the sale of public sector assets, including election data

Barry O’Connell

Published: 04 Jul 2024

With the country heading to the polls, ensuring the cyber security of the electoral infrastructure couldn’t be more crucial. The government has warned that rising geopolitical tensions across the globe have the potential to impact elections as at least 64 countries gear up to head to the polls, representing 49% of the world’s population.

Beyond the threat of nation-state actors meddling in upcoming elections, we’re seeing the growing risk of deepfakes, the spread of misinformation and the rise of hacktivists-for-hire contributing to a hostile landscape. These threats come from various entities with different motivations, typically criminal organisations and state-sponsored threat actors.

One threat we must be aware of is specialised arsenal malware loaders that threat actors use to sneak onto systems and pave the way for more dangerous malware to steal passwords, sensitive information or contacts. In the case of elections, we’ve seen the example of APT28 (dubbed MASEPIE), which was suspected to have compromised the Hillary Clinton campaign in 2016 to interfere with the US elections.

The rise of underground forums

There has also been an increase in disturbing activity emerging on the Dark Web involving selling public sector assets, such as election data. This includes voter registration rolls, election results and internal communications, all of which can erode trust in democratic processes or prey on specific voters.

We have found examples of threat actors claiming to have access to both Middle Eastern and South American election systems, which were being peddled for $150,000.

In the worst-case scenario, these forums pose a threat against national and public safety. Adopting adequate threat intelligence capabilities to spot underground activity early on may evolve into a necessity for public sector organisations.

The rise of deepfakes

The next general election is the first major election in the UK in a time of significant advances in AI and deepfakes. Britain’s Cyber Agency warned this year that more increasingly realistic deepfake videos and other forms of disinformation may be used to disseminate mistruths. Already, we’ve seen examples of this including the deepfake audio clip of Sir Keir Starmer verbally abusing party staffers in Liverpool and a fake audio note of Mayor Sadiq Khan claiming Remembrance Day should be postponed last year.

While there isn’t significant evidence that directly links the exposure of misinformation to a change in voting intentions, we cannot deny its potential to undermine the integrity of electoral processes.

Securing future processes

Due to the nature of today’s global political landscape, the UK has implemented several policies, including the Defending Democracy Taskforce established in 2022. By dedicating a specific unit of experts to the safety of UK election security, the government is taking a positive step toward reducing risk.

Securing against cyber risk isn’t always straightforward. We’re living in a time of growth for cybersecurity attacks “as a service”, making it easier for attackers to expand their capabilities and more difficult to attribute incidents to specific states or groups. Equally, attackers don’t need to be fully successful in their attempts to cast doubt on electoral processes and democratic outcomes.

There must be collaboration between government agencies across jurisdictions to share information on best practice and raise awareness with the public, as well as reduced reliance on third parties for digital technologies. Ultimately, it’s in the UK’s best interest to prepare for the worst-case scenario for this and future elections and ensure that all aspects of cybersecurity have been addressed to uphold the integrity of the electoral process and the country’s democracy.

Ironically, the sharp end, literally, of the UK election process, manifested by using a pencil to put an X on a piece of paper, sticking it in a locked box and having the ballot papers counted one by one by an army of volunteers, may turn out to be the most secure part of the overall electoral experience.

Barry O’Connell is EMEA general manager at Trustwave.

Read more on Hackers and cybercrime prevention

Why AI is talking politics this year