The National Cyber Security Centre (NCSC) has published updated guidance for election candidates and political parties.
The NCSC said the guidance aims to raise awareness of cyber-threats to democratic processes and institutions, and to help prevent attacks on both organisations and individuals.
The publication includes guidance on identity and access management policies; enhancing website security; preventing digital impersonation; educating constituents about misinformation; and preparing for ransomware and deep-fake attacks.
Among the areas covered are the use of strong passwords and multi-factor authentication, understanding the different types of cyberattacks and how to protect devices.
When it comes to artificial intelligence (AI), the guide warns that Generative AI can be used to assist with the creation of malware, enhance cyberattacks, and can be used to create lifelike audio, realistic fake images, counterfeit social media profiles, and deepfakes.
“AI-powered chatbots can also be used in phishing attempts, information manipulation, and cybercrime,” the guide notes.
“These tactics are not new, but AI enables their deployment with greater speed, sophistication, and lower cost, posing enhanced risks to election security,” it adds.
NCSC Director Richard Browne said they are work closely on an ongoing basis with the local authorities who have responsibility for running elections, as well as the Electoral Commission.
“However we are also conscious of the impacts of any potential cyberattack on the candidates themselves, or the parties they represent,” Dr Browne said.
“It is vital that we guard against the potential for an attack at any point within the electoral cycle, and that we continue to raise awareness amongst those taking part in elections of the importance of strengthening the security and resilience of the ICT systems and devices they are using,” he added.
