Cyberspace: key geopolitical events in 2024

The year 2024 will be marked by several significant political and geopolitical events that will have repercussions in cyberspace. What are they, and what are the cybersecurity risks?

The 2024 political elections

As the war in Ukraine and the Israeli-Palestinian conflict continue towards the end of 2023, major political elections will mark the year 2024 and cyberspace.

The presidential election in Taiwan

On 13 January 2024, the presidential election in Taiwan took place. This event was under close surveillance as the candidate from the ruling party (Democratic Progressive Party), whom China strongly opposes, was favoured by a divided Taiwanese opposition. The United States was also paying close attention to the situation, at a time when tensions with the People’s Republic of China were intensifying. The opposition parties, namely the Kuomintang and the Taiwan People’s Party (TPP), were said to be “in favour of easing relations with Beijing.” The result of the election saw the ruling party’s candidate securing a decisive victory, further cementing the Democratic Progressive Party’s position in Taiwan’s political landscape.

The U.S. presidential election

On November 5, 2024, the new U.S. president will be elected. This election has significant geopolitical implications, with the likely candidacy of former President Donald Trump. Should he win, his positions regarding the war in Ukraine or his repeatedly expressed desire to leave NATO would cause global upheavals.

The european elections

In Europe, from June 6 to 9, 2024, the European elections will take place. New representatives to the European Parliament will be elected. Political campaigns have already started and will set the political agenda in France at the beginning of the year.

The 2024 Olympic Games

The Paris 2024 Olympic Games will be held from July 26 to August 11. This sporting event is also a geopolitical event that will greatly increase the visibility of the French capital and the country as a whole. Authorities have already warned of an unprecedented increase in the level of risk of cyberattacks during the preparation and launch period of the Olympics.

Repercussions in cyberspace in 2024

These geopolitical events provide opportunities for cyber attackers to conduct large-scale operations, leading to a likely increase in the alert level for nations and organizations, especially in critical sectors.

Three main types of cyber threats

Often state-sponsored or para-state in origin, these cyber threats can be classified into three main categories.

Espionage

Cyber espionage involves stealing confidential and sensitive data, sometimes classified, from a nation or organization. This could involve intercepting information about an upcoming election to learn the outcome or harming a company’s competitive advantage. A company’s intellectual property, as well as a nation’s scientific and technical potential, can also be at stake.

Sabotage

Some cyberattacks aim to sabotage a major event, infrastructure, or a country’s critical installation. They may target computer and communication systems, networks, or databases, disrupting their proper functioning or causing irreversible damage. The goal is to harm the security and economy of a nation. Activism can also be a cause of sabotage, for example, during the Olympics, to disrupt the events of a particular country. Sabotage generally results in temporarily or permanently ending an activity and leads to severe financial losses.

Known example of sabotage: Stuxnet. Discovered in 2010, this computer worm targeted and sabotaged centrifuges used for uranium enrichment in Iran. The virus was programmed to change the machines’ speed while displaying normal data to operators, causing irreversible material damage.

Subversion

Particularly used during electoral periods, subversion aims to weaken confidence in a personality, political party, or institution to influence public opinion. Disinformation campaigns, especially on social media or via the media, are the most visible part. On a national scale, subversion leads to political instability. In companies, it can lead to governance disruptions.

Example of subversion: the Hillary Clinton email affair. In 2015, The New York Times reported that Hillary Clinton used a personal email address for official communications while she was Secretary of State of the United States. This revelation raised questions about the protection of classified information. Just days before the 2016 presidential election, the FBI announced it was reopening the investigation after discovering new emails on the computer of the husband of one of Clinton’s aides. A major controversy that may have influenced the election outcome.

The hack and leak phenomenon

The “hack and leak” phenomenon involves cyber attackers obtaining data, through cyber espionage, for example, and immediately leaking it online. Generally used in disinformation operations, hack and leak is a method of subversion with political consequences.

Known example of hack and leak: In France, two days before the second round of the 2017 presidential election, the “Macron Leaks” affair occurred. Documents related to Emmanuel Macron and his movement En Marche! appeared online. The campaign team confirmed that fake documents were mixed with real ones, aiming for disinformation.

Increased vigilance for nations and organizations

In summary, in 2024, economic and geopolitical uncertainty, along with major political upheavals, expose nations and organizations to significant cyber risks.

Measures to strengthen cybersecurity and cyber resilience will be crucial. The mandatory implementation of the NIS 2 regulation within EU member states by the end of the year will be beneficial. However, the time between the obligation and regulatory compliance will take time for organizations.

From now on, companies and public administrations must double their efforts to prepare for these important international events and strengthen their digital operational resilience in the face of potential crises.