
THE COVER
When it comes to AI, how can we forget hackers?
The potential exploitation of artificial intelligence by hackers to disrupt the electoral process and compromise cybersecurity is far too evident to ignore. The launch of generative AI tools and Natural Language Processors (NLPs) such as ChatGPT, Google Bard, and more only poses new challenges to election security.
The warning comes from Lt. Gen. Timothy Haugh, Joe Biden’s nominee to lead the NSA and Cyber Command, who has raised a red flag on the growing use of generative AI technologies in political campaigns.
“As we look at this election cycle, the area we do have to consider that will be slightly different is the role of generative AI as part of this, and so our concern is foreign use attempting to be a part of our electoral process,” Haugh said during his nomination hearing, pointing to the potential risk of foreign entities attempting to exploit AI’s involvement in the electoral process.
Jen Easterly, the Director of CISA, also cautioned that the swift advancements in technologies like ChatGPT could potentially enable adversaries to conduct cyberattacks.
“Imagine a world in the not-too-distant future where how-to guides, AI-generated imagery, auto-generated shopping lists are available for terrorists and for criminals, providing the capability to develop things like cyber weapons, chemical weapons, bioweapons,” Easterly said earlier this May at a security summit at Vanderbilt University in Nashville, Tennessee. “And that’s not even the worst-case scenario,” she added.
The top cybersecurity official in the Biden administration discussed the rapid adoption of large language models. This concern was raised during a meeting between the White House and leading AI companies.
Urging AI companies to break the “decade-long vicious cycle of technological innovation at the expense of security,” Easterly pointed out the launch of ChatGPT5 prior to the US election 2024, and said, “While one person will use this technology to plan an extravagant dinner party, another person will use the capability to plan a cyberattack or terror attack or to deploy shockingly realistic deep fakes.”
The launch of ChatGPT and similar AI-powered tools triggered a myriad of reactions, but its misuse has emerged as a pressing concern.
Multiple cybersecurity incidents have exposed how hackers have exploited this technology to orchestrate malicious phishing campaigns, generate harmful malware code, and effectively deceive individuals.
But the real question is, is the US government ready to protect itself and its people from the attacks?
The growing proficiency of ChatGPT also means it has the potential to dramatically reduce the cost and time required for crafting misinformation, disinformation, and propaganda.
The accessibility of this AI tool empowers adversaries to escalate the scale of their deceptive activities, posing significant challenges to election integrity and cybersecurity.
Termed a “game changer” for running phishing campaigns, ChatGPT and similar chatbots can be easily manipulated to write well-crafted, hard-to-detect phishing emails, easily garnering a large number of victims.
Interestingly, ChatGPT also has the ability to write falsified campaign newsletters, as demonstrated by AFP with their experiment where they asked the chatbot to prepare a campaign newsletter supporting Trump, giving it false statements.
The AI swiftly produced a polished document featuring those falsehoods. Neither debunking nor refusing to create falsified information, the chatbot generated a newsletter that could be used to spread misinformation without anyone questioning its credibility. As we all know, things do not take much time to go viral.
The never-ending list of cyber threats to the 2024 US Election

Hackers can do this, too, and cause a lot more damage.
Earlier this February, an undercover investigation exposed the activities of ‘Team Jorge,’ a group of Israeli contractors who claimed to offer services specializing in weaponizing disinformation for election meddling.
The evidence, as The Guardian reported, suggested their involvement in disinformation campaigns spanning across the globe. Tal Hanan, the alleged mastermind behind the operation, claimed involvement in 33 presidential elections.
There may be many such hacker groups, originating from Russia, China, and Iran. Their intentions may go beyond disrupting security and extend to endorsing and elevating specific candidates, as we witnessed during the 2016 election campaign.
Russian hackers effectively undermined Hillary Clinton, resulting in Donald Trump’s victory, highlighting the concerning tactics at play in modern elections.
Addressing the vulnerability posed by the decentralized system of thousands of local voting jurisdictions in America, Jen Easterly warned of the looming foreign cyber threat to the 2024 voting process.
Expressing concern over the potential retaliation from Russia, and the showdown between China and the US, especially after the shooting of the suspected “spy balloon,” Easterly warned of possible cyber interference ahead of elections by the two nations.
“We have not seen anything here, but I’d like to end that with the word – yet,” said Easterly at the annual gathering of the National Association of Secretaries of State, AP reported.
According to the report, a major concern lies in the decentralized nature of America’s election system, with approximately 10,000 local voting jurisdictions, including counties and townships, not having sufficient funding for new equipment, trained staff, or updated training for election workers.
Moreover, several new hacker collectives have erupted in the recent past and have targeted various US organizations, especially after the country extended support to Ukraine amid the ongoing Russo-Ukrainian War.

Hacktivism and 2024 Elections
The emergence of the self-proclaimed hacktivist group Anonymous Sudan, which gained prominence in January 2023, is a major cause of concern for the US.
The hacker collective claims to be waging a cyber war against Islamophobia and the oppression of Muslims. However, the intent doesn’t seem to be evident, given the absurdity of their attacks, especially on the US.
The Anonymous Sudan group has repeatedly claimed responsibility for targeting the US through mass Distributed Denial-of-Service (DDoS) attacks spanning crucial sectors, including government, critical infrastructure, technology, healthcare, financial services, and even media.
Prominent American organizations like the US Department of Defense, PayPal, American Express, Microsoft, and CNN have been specifically named as some of their major targets.
Many cybersecurity experts have linked Anonymous Sudan to Russia, asserting that the group’s primary motive is to strengthen cooperation between Russia and the Islamic world. Through their actions, they seek to further this agenda.
“Anonymous Sudan is a Russian information operation that aims to use its Islamic credentials to be an advocate for closer cooperation between Russia and the Islamic world,” Mattias Wåhlén, a Stockholm-based threat intelligence expert, told Bloomberg. “Always claiming that Russia is the Muslims’ friend.”
While Anonymous Sudan is suspected to be a Russian hacker front masquerading as an Islamist group, its targeted nations, including those supporting Ukraine in the midst of the Russia-Ukraine war, and the timing of its emergence are quite suspicious, and the group may pose an imminent threat to US elections.
Russia’s interference with the US election has continued to be a cause of concern, and the situation becomes even more intricate with the involvement of hacker groups.
“The convergence of Russian cyber hacks and information leaks may soon rise given that several countries supporting Ukraine hold elections,” noted a Microsoft report published earlier this March.
A shift in leadership and political governance may have an impact on the level of support for Ukraine.
The report also highlights how online pro-Russian actors frequently disseminate allegedly leaked information with the aim of targeting political figures and governments that support Kyiv.
Keeping in mind the availability of leaked information and data on the dark web, the US election may well be its biggest target.
Data Breach. Data Leak. Attack! Attack! Attack!
In February 2022, Cyble Research and Intelligence Labs uncovered ‘datarobberman’, a threat actor posting data from the Texas Republican Campaign. The threat actor alleges that the leaked data originates from two US-based companies: EasyVote and ProtectionSolutions.
EasyVote Solutions offers software to election officials to streamline election tasks, while Protection Plus Solutions is a background check screening company.
The documents contained operational, financial, and legal information concerning the State of Texas’ Republican Party and its members.
There is no reason to believe that such cyber incidents will not happen again, especially ahead of the 2024 US elections, where malicious intent, evolving motives, and advancements in technology play a crucial role.

Additionally, earlier this May, the personal information of over 237,000 current and former federal government employees was exposed in a data breach at the US Transportation Department (USDOT).
The MOVEit vulnerability, leveraged heavily by the Russia-linked ransomware gang CL0P, impacted several US government agencies, compromising data.

“The US Cybersecurity and Infrastructure Security Agency (CISA) is providing support to several federal agencies that have experienced intrusions affecting their MOVEit applications,” Eric Goldstein, the agency’s executive assistant director for cybersecurity, said in a statement to CNN.
The leak of sensitive information such as social security numbers, credit card numbers, phone numbers, financial information, and health information, especially of those linked to the US government, can be easily exploited by hackers.
These can be used for phishing, identity theft, credential stuffing, and account takeovers. Hackers can also employ social engineering tactics, launch ransomware attacks, conduct business email compromise, and create fraudulent login pages. The list is endless.