Blab Politics
New Zealand Electoral Commission Prepares for AI-Driven Cyber Threats Ahead of November Election
As November’s election looms, New Zealand’s Electoral Commission is tightening its cyber defenses in response to a new, AI‑driven threat landscape. Acting chief electoral officer Mark Lawson told RNZ that the Commission is reviewing its systems after a joint warning issued on Tuesday by the National Cyber Security Centre (NCSC) and its Five Eyes partners.
Lawson emphasized that the Commission’s confidence comes from long‑standing information‑security practices aligned with NCSC guidance and the New Zealand Information Security Manual (NZISM). While the agency cannot reveal specific defensive measures, it confirmed that every election cycle its platforms undergo comprehensive testing, with adjustments made to address emerging risks.
The warning follows tests of frontier AI models that have raised alarms about their capacity to facilitate coordinated cyber attacks. Anthropic’s unreleased model, Mythos, was shared with the New Zealand government for pre‑release testing, according to a source. Earlier U.S. trials prompted Palo Alto Networks to warn of a “tsunami” of cyber attacks, with vice‑president Nicole Quinn noting that elections will always be targeted.
Across the Pacific, U.S. lawmakers are reportedly making a last‑chance effort to draft federal AI rules before the mid‑term elections, as reported by Politico. A chair of a Homeland Security committee said the models are reshaping the threat landscape and that the federal government cannot be the last to understand their capabilities. Meanwhile, the United Kingdom and Australian AI safety institutes have agreed to collaborate, while New Zealand relies on Five Eyes support due to the absence of a domestic AI safety institute.
The NCSC’s joint warning urged governments to harden critical infrastructure. The Commission’s guidance does not call for new testing against frontier AI; instead, it stresses the implementation of existing cyber‑security mitigations. A Science publication highlighted that “swarms of collaborative, malicious AI agents can coordinate autonomously, infiltrate communities, and fabricate consensus efficiently,” underscoring the democratic threat.
Victoria University research on the 2023 election found that online disinformation was not as widespread as feared, a finding the Commission notes when assessing risk. Palo Alto Networks’ lead security unit participated in briefings by the NCSC for government agencies and private companies.
At present, the Electoral Commission remains confident that its systems are secure, relying on NZISM‑compliant practices and ongoing testing. The next steps involve continued monitoring of AI developments, coordination with international partners, and readiness to respond to any emerging cyber incidents before the November vote.
In the weeks ahead, the Commission will hold a series of briefings with its Five Eyes counterparts to exchange threat intelligence and best practices. It will also review its incident‑response playbooks to ensure they can address AI‑enabled attack vectors. Meanwhile, the NCSC will provide updated guidance on securing critical infrastructure, including election‑related systems. The Commission’s chief officer has signaled that any new vulnerabilities uncovered during testing will prompt immediate remediation.
Ultimately, the agency’s strategy hinges on proven defensive measures, continuous testing, and close collaboration with international partners. By maintaining a vigilant posture and leveraging the collective expertise of the Five Eyes network, New Zealand aims to safeguard its electoral process against the evolving capabilities of advanced artificial‑intelligence models.
Lawson emphasized that the Commission’s confidence comes from long‑standing information‑security practices aligned with NCSC guidance and the New Zealand Information Security Manual (NZISM). While the agency cannot reveal specific defensive measures, it confirmed that every election cycle its platforms undergo comprehensive testing, with adjustments made to address emerging risks.
The warning follows tests of frontier AI models that have raised alarms about their capacity to facilitate coordinated cyber attacks. Anthropic’s unreleased model, Mythos, was shared with the New Zealand government for pre‑release testing, according to a source. Earlier U.S. trials prompted Palo Alto Networks to warn of a “tsunami” of cyber attacks, with vice‑president Nicole Quinn noting that elections will always be targeted.
Across the Pacific, U.S. lawmakers are reportedly making a last‑chance effort to draft federal AI rules before the mid‑term elections, as reported by Politico. A chair of a Homeland Security committee said the models are reshaping the threat landscape and that the federal government cannot be the last to understand their capabilities. Meanwhile, the United Kingdom and Australian AI safety institutes have agreed to collaborate, while New Zealand relies on Five Eyes support due to the absence of a domestic AI safety institute.
The NCSC’s joint warning urged governments to harden critical infrastructure. The Commission’s guidance does not call for new testing against frontier AI; instead, it stresses the implementation of existing cyber‑security mitigations. A Science publication highlighted that “swarms of collaborative, malicious AI agents can coordinate autonomously, infiltrate communities, and fabricate consensus efficiently,” underscoring the democratic threat.
Victoria University research on the 2023 election found that online disinformation was not as widespread as feared, a finding the Commission notes when assessing risk. Palo Alto Networks’ lead security unit participated in briefings by the NCSC for government agencies and private companies.
At present, the Electoral Commission remains confident that its systems are secure, relying on NZISM‑compliant practices and ongoing testing. The next steps involve continued monitoring of AI developments, coordination with international partners, and readiness to respond to any emerging cyber incidents before the November vote.
In the weeks ahead, the Commission will hold a series of briefings with its Five Eyes counterparts to exchange threat intelligence and best practices. It will also review its incident‑response playbooks to ensure they can address AI‑enabled attack vectors. Meanwhile, the NCSC will provide updated guidance on securing critical infrastructure, including election‑related systems. The Commission’s chief officer has signaled that any new vulnerabilities uncovered during testing will prompt immediate remediation.
Ultimately, the agency’s strategy hinges on proven defensive measures, continuous testing, and close collaboration with international partners. By maintaining a vigilant posture and leveraging the collective expertise of the Five Eyes network, New Zealand aims to safeguard its electoral process against the evolving capabilities of advanced artificial‑intelligence models.
