Deepfakes Complicate Election Security

Uploaded on 2024-03-11 in TECHNOLOGY-Key Areas-Artificial Intelligence, NEWS-Cybersecurity News, FREE TO VIEW

The explosion of Artificial Intelligence  (AI) technology makes it easier than ever to deceive people on the Internet is turning the 2024 US presidential election - and many other national elections around the world  this year - into an unprecedented test on how to police deceptive content.

Most of the world's largest tech companies, including Amazon, Google and Microsoft, have agreed to tackle what they are calling deceptive AI in elections. 

Now, 20 firms have signed an accord committing them to fighting voter-deceiving content and they say they will deploy technology to detect and counter the material. The Tech Accord to Combat Deceptive Use of AI in 2024 Elections was announced at the Munich Security Conference recently. While cyber security risks to the democratic process have been pervasive for many years now, the prevalence of AI now represents new threats.

Platforms like ChatGPT, Google's Gemini (formerly Bard), or any number of purpose-built Dark Web large language models (LLMs) could play a role in disrupting the democratic process, with attacks encompassing mass influence campaigns, automated trolling, and the proliferation of deepfake content.

FBI Director Christopher Wray said he had concerns about ongoing information warfare using deepfakes that could plant disinformation in the upcoming presidential campaign.

GenAI could also automate the rise of fake behaviour networks that attempt to develop audiences for their disinformation campaigns through fake news outlets, convincing social media profiles, and other avenues, with the goal of sowing discord and undermining public trust in the electoral process.

Election Risks 

From the perspective of Padraic O'Reilly, CIO for CyberSaint Security, the risk is "substantial" because the technology is evolving so quickly. "It promises to be interesting and perhaps a bit alarming, too, as we see new variants of disinformation leveraging deepfake technology," he says. Specifically, O'Reilly says, the "nightmare scenario" is that microtargeting with AI-generated content will proliferate on social media platforms.

This is similar to the Cambridge Analytica scandal, where the company amassed psychological profile data on 230 million US voters, in order to serve up highly tailored messaging via Facebook to individuals in an attempt to influence their beliefs, and votes.

GenAI has the potential to automate that process at scale, creating a highly convincing content that would have few, if any, "bot" characteristics that could alert suspicions.

AI Amplifies Existing Phishing TTPs

GenAI is already being used to craft more believable, targeted phishing campaigns at scale, but in the context of election security that phenomenon is event more concerning, according to Scott Small, director of cyber threat intelligence at Tidal Cyber.

Small says AI adoption also lowers the barrier to entry for launching such attacks, a factor that is likely to increase the volume of campaigns this year that try to infiltrate campaigns or take over candidate accounts for impersonation purposes, amongst other potentials.

Defending Against AI Election Threats

To defend against these threats, election officials and campaigns must be aware of GenAI-powered risks and how to defend against them.They also must make sure volunteers and workers are trained on AI-powered threats like enhanced social engineering, the threat actors behind them and how to respond to suspicious activity.

Both Google and Meta have previously set out their policies on AI-generated images and videos in political advertising, which require advertisers to flag when they are suing deepfakes or content which has been manipulated by AI.

Dark Reading     |     The Wall Street Journal     |     BBC     |     Forbes     |     LinkedIn     |     Daily.dev

Image: Unsplash

You Might Also Read: 

Imran Khan Claims Victory Using AI Generated Video:

DIRECTORY OF SUPPLIERS - Deepfake & Disinformation Detection:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Surge in “Hunter-Killer” Malware
Cybercrime Hit 1.5m UK Businesses In 2023 »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Hyve

Hyve

Hyve provide a wide range of managed web hosting services including private, hybrid and public VMware cloud hosting.

SecureNow Insurance Broker

SecureNow Insurance Broker

SecureNow is a commercial insurance broker based in India. Services offered include Cyber Risk insurance.

ControlCase

ControlCase

ControlCase provide solutions that address all aspects of IT-GRCM (Governance, Risk Management and Compliance Management).

CSIRT Malta

CSIRT Malta

CSIRT Malta supports critical infrastructure organisations in Malta on how to protect their information infrastructure assets and systems from cyber threats and incidents.

Coro Cybersecurity

Coro Cybersecurity

Coro (formerly Coronet) empowers organizations to protect against malware, ransomware, phishing, and botnets - across devices, users, and cloud applications.

Lightship Security

Lightship Security

Lightship Security is an accredited Common Criteria and FIPS 140-2 IT security testing laboratory that specializes in test conformance automation solutions and IT product security certifications.

Veriff

Veriff

Veriff provides highly-automated identity-verification services that prevent fraud like nothing else on the market.

LOGbinder

LOGbinder

LOGbinder eliminates blind spots in security intelligence for endpoints and applications.

Ward Solutions

Ward Solutions

Ward Solutions are an information security consultancy and managed services company. We help organisations protect their brand, people, assets, intellectual property and profits.

Noerr

Noerr

Noerr is one of the top European law firms with 500 professionals in Germany, Europe and the USA. We provide solutions to complex and sophisticated legal matters including cyber risks.

Sealing Technologies (SealingTech)

Sealing Technologies (SealingTech)

SealingTech is a leader in cutting edge research, products, engineering, and integration services in the Internet of Things, Edge, Machine Learning, Artificial Intelligence, and Cloud.

eCloudvalley Digital Technology

eCloudvalley Digital Technology

eCloudvalley Digital Technology is a born-in-the-cloud partner focused entirely on AWS services across APAC region.

Enterprise Strategy Group

Enterprise Strategy Group

Enterprise Strategy Group, a division of TechTarget, is an IT analyst, research, validation, and strategy firm that provides market intelligence and actionable insight to the global IT community.

Sansec Technology

Sansec Technology

Sansec Technology is dedicated to the research and development of cryptographic products and solutions for cyber security.

OryxAlign

OryxAlign

OryxAlign offer managed IT and cyber security, cloud and digital transformation, and tailored professional and consulting services.

Rankiteo

Rankiteo

At Rankiteo, we are pioneers in cybersecurity risk management. Our mission is to empower organizations with the tools they need to assess, enhance, and safeguard their digital landscapes.