As technology advances rapidly, threats to democratic institutions remain potent while becoming more invisible than ever.
The worldwide proportion of elections targeted by cyber threat activity increased from 23% in 2021 to 26% in 2022, according to the Canadian Centre for Cyber Security’s Cyber Threats to Canada’s Democratic Process: 2023 Update.
Cyber threat activity takes on many forms, from influencing voters through weaponized propaganda to dismantling the integrity of election infrastructure.
Trends for 2023 include the rise of generative AI, which is being used primarily to influence voters with “deepfake” content, and the fact that cyber attackers are getting better at hiding their digital tracks.
“We assess it very likely that cyber threat actors will increasingly use generative AI in influence campaigns targeting elections,” the report reads, confessing that “The majority of cyber threat activity targeting elections is unattributed.”
“This latest assessment shows the growing impact of emerging technologies, like generative AI, as foreign adversaries look for new ways to target elections and influence voters,” says Sami Khoury, who serves as head of the Canadian Centre for Cyber Security.
Combatting this transmogrified threat will require a nationwide network of defenders.
“From policy makers and elections authorities to political parties and voters, we all have a role to play in defending Canada from threats to our democratic process,” believes Caroline Xavier, Chief of the Communications Security Establishment, the Government of Canada’s national cryptologic agency.
Easier said than done, of course.
Khoury is forced to admit that, “While CSE and its Cyber Centre play a critical role in protecting Canada and safeguarding our democracy, it’s not a task we can do alone.”
Collaboration is occurring throughout the country to address potential future threats.
“We will continue to work with our partners to identify and mitigate these threats and ensure the integrity of our elections,” Khoury says.
Cyberattacks increased globally by 38% from 2021 to 2022, according to data from Check Point Research. Beyond frequency, attacks are also gaining ground in areas of “sophistication and maliciousness,” a report from KPMG found.
And according to data from IBM, the average data breach costs a Canadian company $7 million—more than most countries in the world.
Under this weight, Canada is clinging to a nationwide cybersecurity dearth, with one in six roles sitting unfilled—to the tune of 25,000 total empty positions.
And over the next five years, demand for cybersecurity professionals is projected to grow by an estimated average annual rate of 2.9 per cent, research from The Conference Board of Canad shows, driven by the rapid digitalization of businesses and an increasing frequency of cyberattacks.
A variety of organizations are tackling Canada’s severe shortage, from universities like uOttawa and bootcamps such as Lighthouse Labs to private organizations including Google and Check Point, whose SecureAcademy Program in Canada provides students with cybersecurity skills, learning resources, and hands-on training.