Preluding 2024 EU elections, the NIS Cooperation Group with the support of the EU Agency for Cybersecurity (ENISA), the European Commission and the European External Action Service updated the compendium on elections cybersecurity.
The first compendium on elections cybersecurity was published in 2018. Since the last EU elections in 2019, the elections threat landscape has evolved significantly. For instance, the rapid developments in AI including deep fakes, hacktivists-for-hire, sophistication of threat actors along with today’s geopolitical context highlight the necessity to update the compendium in order to reflect the current risks and threats.
This second version of the EU compendium on elections cybersecurity and resilience covers the whole spectrum of the electoral cycle. It presents the current underlying cybersecurity threats and risks, illustrating examples of recent past incidents and case studies. Taking into account the diversity in the national electoral processes across the EU, the compendium provides a compilation of practical recommendations and measures to be used by the EU entities and national authorities that support elections.
A core addition is the reference to hybrid threats (including emerging threats) that could affect elections’ security, such as foreign information manipulation interference (FIMI), disinformation on social media, AI and deep fakes.
EU Elections at Risk with Rise of AI-Enabled Information Manipulation |
The NIS Cooperation Group
The NIS Cooperation Group, composed of representatives of EU Member States, the European Commission, and the European Union Agency for Cybersecurity (ENISA), has been established by Article 14 of the Directive (EU) 2022/2555 on measures for a high common level of cybersecurity across the Union (NIS2 Directive). The NIS Cooperation Group supports and facilitates strategic cooperation and the exchange of information among Member States, as well as strengthens trust and confidence between the EU Member States regarding cybersecurity issues.
ENISA efforts to further enhance EU elections cybersecurity
In addition to the EU Compendium published today, ENISA undertakes a number of other actions to support measures to ensure free and fair elections. ENISA together with partners organised a cybersecurity exercise (EU ELEx 23) to test national and EU partners’ crisis plans and responses to potential cybersecurity incidents affecting the European elections. The Agency has produced a check list for entities and national authorities that support or are involved elections in order to raise awareness on threats and risks to elections. To increase the common situational awareness for the community, ENISA shares biweekly threat briefs to the relevant stakeholders.
More information: ENISA
Leave a Reply