Op-Ed: The spotlight is on Australia’s election, but what looms in the cyber shadows?

Looking ahead to Australia’s federal election, there are two primary ways we have seen malicious actors manipulate election results that we could experience soon: direct attacks on technology and the spread of misinformation to influence voter behaviour.

Securing the ballot

Most voting systems require physical ballots, either mailed in or cast at designated locations, which reduces the attack surfaces available to hackers. However, vulnerabilities still exist in electronic vote-tallying machines, voter roll databases, and even scanners used to count paper ballots.

One of the strongest defences against cyber attacks is ensuring that election systems are not connected to the internet, a practice known as “air-gapping”. This prevents remote attacks, but it does not eliminate risks entirely. Voting machines and vote-tallying equipment are still accessible to malicious insiders who may attempt to tamper with results.

VIEW ALL

Another challenge is ensuring that election technology is fit for today’s standards. Voting machines often remain in storage for long periods, making them susceptible to security vulnerabilities. Regular, securely provided software updates are critical to maintaining their integrity. In recent years, hacking contests like the 2019 Voting Village at DEF CON have exposed vulnerabilities in voting machines, pressuring manufacturers to improve security.

Beyond machines, broader election infrastructure websites and public communication channels are also under increasing threat from threat actors’ misinformation campaigns.

The disinformation threat

One of the most effective ways to undermine democracy is not through direct manipulation of votes, but by fostering doubt and distrust in the election process. Cyber criminals and foreign adversaries can use disinformation to sow confusion, erode confidence in results, and even change voter behaviour.

Disrupting the vote-counting process is one method used to create chaos. While voting machines may be protected, the computers used to scan and tabulate ballots are often everyday office PCs. These systems are vulnerable to DDoS attacks and malware, which can delay results and fuel speculation about election integrity.

Attribution is another challenge in cyber warfare. False flag operations, where attacks are designed to appear as if they were conducted by another entity are common. For example, the cyber attacks against the 2018 Winter Olympics in South Korea were initially attributed to North Korea, but later evidence pointed to Russian involvement. Hackers also target election officials by using advanced phishing tactics. These malware-laced emails allow them access to critical election-related systems, as seen in the US election in 2016.

Social media platforms have also become breeding grounds for disinformation. AI-generated content can rapidly produce misleading narratives, making it difficult for voters to distinguish between fact and fiction. A common tactic is to spread false information about voting times, locations, or eligibility requirements to suppress voter turnout among specific demographics.

Especially alarming is that with just basic web design tools, AI, and a few hundred dollars, malicious actors can launch full-blown campaigns that look legitimate on the surface. Sophos has already demonstrated how attackers can use AI to generate thousands of fake political websites and generate highly targeted and destructive misinformation. This alone will only become more advanced and convincing in years to come. So, what can be done about it?

Defending the vote

The integrity of an election hinges on the ability to verify its results. No electronic system should be fully trusted without physical records that can be manually audited. Paper ballots remain the gold standard for ensuring that votes are counted accurately; however, in an increasingly digital world, that won’t always remain an option.

Transparency is key. Election procedures, including the software used in vote-tallying, should be subject to public scrutiny. While not all software needs to be open source, it must be independently verifiable to ensure there are no hidden vulnerabilities or backdoors.

Beyond technological defences, governments and states must establish protocols to address potential cyber incidents. This includes training election staff on how to respond to system malfunctions and ensuring that election devices are equipped with cyber security detection and response tools. Such solutions provide forensic evidence in the event of an attack, helping investigators trace the source of anomalies.

In the event of a cyber incident, election officials should follow simple but effective protocols: disconnect the compromised device from the network, keep it powered on to preserve evidence, and immediately alert cyber security experts.

Keeping faith in a tech-driven vote

Technology is playing an increasing role in elections, offering efficiency and accessibility. However, it must be implemented with caution. The greatest challenge is not just securing voting machines but combating the widespread distribution of misinformation.

Regulation, research, and cooperation from social media platforms are essential in mitigating the effects of AI-driven disinformation. Efforts must be made to detect and counter false narratives before they influence voters.

As Australians head to the polls, they must remain informed and cautious. Cyber threats will continue to evolve, but by embracing transparency, security, and vigilance, we can protect the integrity of our democracy.