Category: india

As India concluded the world’s largest election on June 5, 2024, with over 640 million votes counted, observers could assess how the various parties and factions used artificial intelligence technologies—and what lessons that holds for the rest of the world.

The campaigns made extensive use of AI, including deepfake impersonations of candidates, celebrities and dead politicians. By some estimates, millions of Indian voters viewed deepfakes.

But, despite fears of widespread disinformation, for the most part the campaigns, candidates and activists used AI constructively in the election. They used AI for typical political activities, including mudslinging, but primarily to better connect with voters.

Deepfakes without the deception

Political parties in India spent an estimated US$50 million on authorized AI-generated content for targeted communication with their constituencies this election cycle. And it was largely successful.

Indian political strategists have long recognized the influence of personality and emotion on their constituents, and they started using AI to bolster their messaging. Young and upcoming AI companies like The Indian Deepfaker, which started out serving the entertainment industry, quickly responded to this growing demand for AI-generated campaign material.

In January, Muthuvel Karunanidhi, former chief minister of the southern state of Tamil Nadu for two decades, appeared via video at his party’s youth wing conference. He wore his signature yellow scarf, white shirt, dark glasses and had his familiar stance—head slightly bent sideways. But Karunanidhi died in 2018. His party authorized the deepfake.

In February, the All-India Anna Dravidian Progressive Federation party’s official X account posted an audio clip of Jayaram Jayalalithaa, the iconic superstar of Tamil politics colloquially called “Amma” or “Mother.” Jayalalithaa died in 2016.

Meanwhile, voters received calls from their local representatives to discuss local issues—except the leader on the other end of the phone was an AI impersonation. Bhartiya Janta Party (BJP) workers like Shakti Singh Rathore have been frequenting AI startups to send personalized videos to specific voters about the government benefits they received and asking for their vote over WhatsApp.

Multilingual boost

Deepfakes were not the only manifestation of AI in the Indian elections. Long before the election began, Indian Prime Minister Narendra Modi addressed a tightly packed crowd celebrating links between the state of Tamil Nadu in the south of India and the city of Varanasi in the northern state of Uttar Pradesh. Instructing his audience to put on earphones, Modi proudly announced the launch of his “new AI technology” as his Hindi speech was translated to Tamil in real time.

In a country with 22 official languages and almost 780 unofficial recorded languages, the BJP adopted AI tools to make Modi’s personality accessible to voters in regions where Hindi is not easily understood. Since 2022, Modi and his BJP have been using the AI-powered tool Bhashini, embedded in the NaMo mobile app, to translate Modi’s speeches with voiceovers in Telugu, Tamil, Malayalam, Kannada, Odia, Bengali, Marathi and Punjabi.

As part of their demos, some AI companies circulated their own viral versions of Modi’s famous monthly radio show “Mann Ki Baat,” which loosely translates to “From the Heart,” which they voice cloned to regional languages.

Adversarial uses

Indian political parties doubled down on online trolling, using AI to augment their ongoing meme wars. Early in the election season, the Indian National Congress released a short clip to its 6 million followers on Instagram, taking the title track from a new Hindi music album named “Chor” (thief). The video grafted Modi’s digital likeness onto the lead singer and cloned his voice with reworked lyrics critiquing his close ties to Indian business tycoons.

The BJP retaliated with its own video, on its 7-million-follower Instagram account, featuring a supercut of Modi campaigning on the streets, mixed with clips of his supporters but set to unique music. It was an old patriotic Hindi song sung by famous singer Mahendra Kapoor, who passed away in 2008 but was resurrected with AI voice cloning.

Modi himself quote-tweeted an AI-created video of him dancing—a common meme that alters footage of rapper Lil Yachty on stage—commenting “such creativity in peak poll season is truly a delight.”

In some cases, the violent rhetoric in Modi’s campaign that put Muslims at risk and incited violence was conveyed using generative AI tools, but the harm can be traced back to the hateful rhetoric itself and not necessarily the AI tools used to spread it.

The Indian experience

India is an early adopter, and the country’s experiments with AI serve as an illustration of what the rest of the world can expect in future elections. The technology’s ability to produce nonconsensual deepfakes of anyone can make it harder to tell truth from fiction, but its consensual uses are likely to make democracy more accessible.

The Indian election’s embrace of AI that began with entertainment, political meme wars, emotional appeals to people, resurrected politicians and persuasion through personalized phone calls to voters has opened a pathway for the role of AI in participatory democracy.

The surprise outcome of the election, with the BJP’s failure to win its predicted parliamentary majority, and India’s return to a deeply competitive political system especially highlights the possibility for AI to have a positive role in deliberative democracy and representative governance.

Lessons for the world’s democracies

It’s a goal of any political party or candidate in a democracy to have more targeted touch points with their constituents. The Indian elections have shown a unique attempt at using AI for more individualized communication across linguistically and ethnically diverse constituencies, and making their messages more accessible, especially to rural, low-income populations.

AI and the future of participatory democracy could make constituent communication not just personalized but also a dialogue, so voters can share their demands and experiences directly with their representatives—at speed and scale.

India can be an example of taking its recent fluency in AI-assisted party-to-people communications and moving it beyond politics. The government is already using these platforms to provide government services to citizens in their native languages.

If used safely and ethically, this technology could be an opportunity for a new era in representative governance, especially for the needs and experiences of people in rural areas to reach Parliament.

This essay was written with Vandinika Shukla and previously appeared in The Conversation.

Leicester City Council suffers a crippling ransomware attack, and a massive data breach, but is it out of the dark yet? And as election fever hits India we take a close eye at deepfakery. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Has the British Prime Minister been caught secretly profiting from a cryptocurrency app? Were 23andMe right to blame their users after a data breach? And Indian men have hard feelings after falling for a money-for-sex scam. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Thom Langford.

India has emerged as a trailblazer in proactively addressing the looming threat of cyber attacks on domestically manufactured vehicles. This initiative aligns with guidelines established by the United Nations Economic Commission for Europe World Forum for Harmonization of Vehicle Regulation, setting a precedent for global cybersecurity measures in the automotive industry.

The newly proposed regulations adhere to WP.29 standards, designed to fortify vehicle management systems against potential digital vulnerabilities. While the global push towards adopting autonomous vehicles gains momentum, original equipment manufacturers (OEMs) are diligently equipping these vehicles with advanced features. Unfortunately, there has been a noticeable lack of emphasis on securing these vehicles from cyber threats.

In response to this gap, it is imperative for both vehicle manufacturers and suppliers of original equipment to implement a robust multi-layered security framework. This approach aims to thwart hackers from compromising data and manipulating the management systems and connectivity features inherent in modern vehicles.

While much of the world, excluding Europe, is contemplating policies to safeguard automotive cars from cyber threats, India has taken a proactive stance. The country has devised a comprehensive plan simplifying the process for OEMs to safeguard their vehicles from digital assaults. Notably, this includes extending protection to electric vehicle (EV) charging stations, known as Electric Vehicle Supply Equipment (EVSEs). These stations not only supply power to EVs but also facilitate two-way communication, crucial for activities such as software updates.

The Honorable Minister of Road Transport and Highways in India, Shri Nitin Gadkari, has endorsed the March 2023 draft, making it mandatory for vehicle manufacturers to implement a defensive framework to navigate the cybersecurity challenges. The next stage involves expert scrutiny of the draft, culminating in the formulation of a bill for parliamentary approval in the upcoming session.

An intriguing aspect of this plan is its proactive approach to connected cars in the M and N categories, encompassing both passenger and commercial vehicles. Despite the fact that connected cars, predominantly observed in the highly priced electric vehicle sector, constitute less than 3% of total annual sales, this initiative underscores the significance of preemptive cybersecurity measures in an increasingly interconnected automotive landscape.

The post India to make CyberShield mandatory for Vehicles appeared first on Cybersecurity Insiders.

Apple dismisses political controversy over its security alert

Apple Inc has released a statement acknowledging attempts by state-sponsored actors to breach the devices of its users in various countries, including India. However, the company distanced itself from the ongoing espionage controversy within Indian politics, where the Opposition Congress has alleged that the ruling BJP government was conducting surveillance on its MPs and MLAs for several months. Apple has vehemently denied sending any official alerts related to this espionage to users connected with Indian politics, including prominent figures such as Mallikarjun Kharge, Shashi Tharoor, Rajiv Chandrashekar, Sitaram Yechury, Akhilesh Yadav, and Rahul Gandhi. Screenshots of these alerts sent by Apple Inc have been circulating on the internet.

Cyber Attack on British Library

In a recent development, the British Library experienced a significant IT disruption for the past two days. They confirmed that this disruption was the result of a cyberattack that occurred on October 29, 2023, the day before Halloween. Consequently, the British Library’s website is currently offline, with only its Yorkshire and London facilities open for studying. According to a Reuters report posted on X-Twitter, the incident appears to be linked to a ransomware attack in which hackers exploited a vulnerability in VMware ESXi servers to introduce malware into the library’s network.

Ransomware attack on Toronto public library

Toronto public library of Canada has also fallen victim to a ransomware attack this week, although officials have not yet confirmed the incident. Sources from the cybersecurity insiders suggest that publicly available computers and printing services at several branches were of Toronto Public Library affected, while services like Kanopy, offering online movies and digital archives, remained operational. Additionally, other reading materials were available for rent.

Ransomware payment stoppage initiative

In a global effort to combat ransomware attacks, the United States government, in collaboration with 48 other countries, has pledged not to pay ransoms when their digital assets are targeted by malware. The International Counter Ransomware Initiative, initially drafted in 2021, has received approval under the leadership of President Joe Biden, with the majority of the 48 nations agreeing to refrain from making cryptocurrency payments for ransoms. Notably, there is no plan to impose bans on transactions involving Monero and Bitcoins, as these cryptocurrencies do not effectively prevent the spread of file-encrypting malware. Anne Neuberger, the Deputy National Security Advisor in the Biden Administration, confirmed this development.

The post Trending Cybersecurity News headlines on Google appeared first on Cybersecurity Insiders.

The personal information of more than 815 million people in India has reportedly been leaked online. According to local media reports, hackers have offered for sale the personally identifiable information (PII) - including that found on Aadhaar identity cards - belonging to hundreds of millions of Indian residents. Read more in my article on the Hot for Security blog.

Numerous government websites in Canada experienced performance issues and error messages due to a cyber-attack orchestrated by the India Cyber Force. Federal intelligence agencies have expressed concerns that these attacks could escalate in severity over the upcoming weeks, coinciding with escalating tensions between the Trudeau and Modi administrations.

The genesis of this conflict can be traced back to the Canadian Prime Minister’s allegations against the government led by Shri Narendra Modi. These allegations accused the Modi government of orchestrating the assassination of a prominent Khalistan leader on foreign soil. Modi and his administration vehemently denied these claims.

In response to these accusations, a hacking group based in India, known as the Indian Cyber Force, initiated cyber-attacks on Canada’s national infrastructure. They signaled their intent to continue these intense attacks in the days ahead.

The Canadian Armed Forces’ website bore the brunt of these attacks, with the hackers successfully rendering the portal inaccessible for a period exceeding three hours. This raised eyebrows as military computer networks are typically separate from other government websites. The synchronized disruption across all these platforms was both unexpected and alarming.

Canada’s Defense Minister, Bill Blair, confirmed the incident involving the Canadian Armed Forces and attributed it to a distributed denial-of-service attack (DDoS). In this type of attack, hackers flood a web portal with fraudulent traffic, effectively preventing genuine users from accessing it and causing significant disruptions.

S. Jaishankar, India’s Minister of External Affairs, denied claims that the attack had been instigated by Indian intelligence agencies. However, he refrained from commenting on the potential involvement of a cyber organization with ties to the BJP government.

Meanwhile, the Prime Minister’s Office in Canada is closely monitoring the situation and engaging in diplomatic efforts to stay abreast of developments.

The post Canada govt websites disrupted by Cyber Attacks from India appeared first on Cybersecurity Insiders.

A few days ago, the Daily Maverick, a South African news outlet, published a contentious statement concerning Indian Prime Minister Shri Narendra Modi. Presently, the publication alleges that it has fallen victim to a sophisticated cyber assault, purportedly originating from Indian Intelligence.

Despite the allegations, official responses from the South African government and its leadership have remained notably absent. The issue has snowballed across digital and social media platforms, magnifying its impact.

Upon closer examination of the incident, the website’s initial assertion revolved around an incident during Prime Minister Modi’s visit to South Africa. The website claimed that BJP leading Modi expressed dissatisfaction with being received by a mere minister upon arrival and subsequently declined to disembark from the plane. Supposedly, he anticipated a representative from the presidential circle to welcome him, especially given his participation in the BRICS Summit on Tuesday.

In direct contradiction, a statement issued by the South African government contended that Vice President Paul Mashatile was indeed present at the Waterkloof Air Base in Pretoria, Johannesburg, poised to welcome the Indian Prime Minister. The statement clarified that a meeting between the two was scheduled to transpire within the confines of the BRICS Summit venue.

However, the Indian leader, anticipating a reception at the airport, opted not to deplane upon realizing Vice President Mashatile’s absence. It’s essential to underscore that these narratives have yet to be substantiated by official spokespersons of either nation. At present, they remain speculative assertions circulating in the media.

Complicating matters further, reports have emerged detailing an alleged Distributed Denial of Service (DDoS) attack against the servers of the Daily Maverick. These attacks are purportedly linked to hackers affiliated with the Indian government. It’s important to note that similar accusations were directed at the Chinese President, Xi Jinping. Curiously, no reports have surfaced concerning retaliatory cyber operations following the publication’s assertions in the South African news outlet.

As of Wednesday evening, the Daily Maverick’s website is inaccessible. A notice from Cloudflare, indicating network protection measures, currently occupies the site’s landing page. Restoration of the website is anticipated by Thursday afternoon.

The post South Africa claims DdoS Cyber Attack from India because of PM Narender Modi appeared first on Cybersecurity Insiders.