How to Prevent Cyberattackers’ Manipulation of the Democratic Process
Given GCHQ’s recent warning that the vote was the subject of a cyberattack, what can we do to avoid tampering with the democratic process?
With global inflation, the rising cost of living and the ongoing energy crisis, it’s a worrying time for many of us.
Additionally, the recent change in UK governance has created further uncertainty, not just from a societal and economic perspective but also from a security perspective – with Government Communications Headquarters (GCHQ) warning that the voting process was under attack.
Ongoing malicious activity by hostile states and past attacks on democratic elections show that prevention is always the best cure. This is because if it can be hacked, it can be hacked. It is guaranteed that malicious groups would consider manipulating votes for their own benefit.
Fortunately, GCHQ’s vigilance prevented a cyberattack in the recent Tory leadership election, but this would not have been possible without secure protocols, which are essential to detecting attacks. The fact that China, Russia and Iran have previously been accused of trying to influence polls underscores security threats not only to democratic elections but also to political leaders and government organizations more broadly.
Now that new leadership is in office, what lessons can be learned from this democratic process?
What can be done to limit the influence of cyber attackers on the democratic process?
While the cybersecurity protocol is critical for both public and private sector workers, it is critical for political activists, candidates and elected officials. Finally, politicians and their associates are attractive targets because they have access to sensitive information and important people, including high-profile financiers.
Political actors are also easy targets because of their behavior. These individuals are often highly mobile, work in busy environments and work under constant stress. They often have to make quick decisions on the go and communicate via smartphones with small interfaces, making it difficult to detect the smallest anomalies.
At this point, however, candidates and employees can fall victim to socially engineered “muscle memory” attacks that reduce our reliance on routine actions (e.g., responding to email login requests without thinking) and our inability to effective multitasking.
Given that these individuals are targets of both state-sponsored and financially motivated attacks, it is imperative that government organizations and their employees know how to act quickly and decisively to secure these primary forms of communication.
Securing the democratic process requires quick action
To defend against unauthorized influence, government organizations should adopt both the right technologies and the right mindset. By securing all hackable endpoints, exercising Zero Trust across systems and processes like voting, and ensuring every security protocol – however basic – is enforced, all security loopholes are eliminated.
The implementation and enforcement of DMARC (Domain-based Message Authentication, Reporting & Conformance) protocols is also essential, including extending efforts to multi-factor authentication (MFA) and enterprise-class messaging platforms.
Together, these help prevent unauthorized email access and electronic eavesdropping, while promoting the detection of phishing and other socially engineered emails. Most importantly, government organizations are using AI-driven predictive threat detection to stay ahead of sophisticated cyberattacks by state-sponsored groups.
Prevent, secure, be successful
States cannot choose when to engage in cyber warfare – unfortunately, it is beyond our control. Therefore, given the fast pace of these organizations and individuals, today’s leaders and government organizations must be prepared to respond with effective secure cyber protocols, particularly DMARC (Domain-based Message Authentication, Reporting & Conformance) email security.
While security is important for professionals in both the public and private sectors, it is even more critical in the political arena – if not acted upon quickly, it poses a direct threat to democracy itself.
Read the full article in the Open Access Government News.