Russians blamed for cyber attack that put details of 40 million voters at risk
Russians are suspected of being behind a cyber attack on Britain's elections watchdog.
The hack of the UK’s electoral register may have affected tens of millions of voters and is deeply embarrassing for the Electoral Commission. A probe by security officials is continuing but evidence of Russian activity has been detected, according to The Times. However, there is no evidence at this stage of links to the Kremlin.
Sir David Omand, a former director of the Government’s eavesdropping station GCHQ, suspected Russians were behind the attack. He pointed to their recent interference in ballots in Britain, the US, France and Germany. Sir David said Russia would be "first on my list of suspects".
He told the BBC: "Russians - and I point to them in particular - have been interfering with democratic elections for some years now. Think of the 2016 US election, and then the French election, and then the German election, even our own 2019 election. They have been trying to interfere with the democratic process. The Electoral Commission is there to protect that process, and therefore it is not at all surprising that hostile agencies would try and hack into the Electoral Commission - find out what they are up to, find out if there is any way of using their information to tilt the table during an election, which there isn't. But it's the kind of exploration I would expect to happen."
Hackers had access to the Commission’s systems for 14 months before the attack was noticed. “Hostile actors" were able to access electoral registers, the body revealed as it warned anyone who registered to vote between 2014 and 2022 to be "vigilant for unauthorised use or release of their personal data".
Teachers, civil servants and train drivers walk out in biggest strike in decade
Are you worried about a Russian cyber attack? Vote in our poll HERE to have your say.
The organisation said it had been hacked but was "not able to know conclusively" what information was accessed. Attackers first broke into the Commission's systems in August 2021 but the web raid went undiscovered until October 2022 - giving the hackers 14 months to steal information.
Labour's deputy leader Angela Rayner said: "This deeply concerning attack serves as a reminder of the critical importance of Britain's resilience to cyber attacks. Our democracy is a foundation of our society and every effort must be made to protect it. This serious incident must be fully and thoroughly investigated so lessons can be learned."
Electoral Commission chief executive Shaun McNally said: "We regret that sufficient protections were not in place to prevent this cyber attack. Since identifying it we have taken significant steps, with the support of specialists, to improve the security, resilience and reliability of our IT systems. We know which systems were accessible to the hostile actors, but are not able to know conclusively what files may or may not have been accessed.”
The registers held at the time of the cyber attack include the name and address of anyone in the UK who was registered to vote between 2014 and 2022, as well as the names of those registered as overseas voters. The Commission's email system was also accessible during the attack. Analysts have become increasingly concerned that Britain’s enemies - or agencies acting on hostile states’ behalf - could try to interfere in UK elections. Mr McNally claimed Britain’s largely paper-based process of ballots meant it would be "very hard" for hackers to influence the outcome of a vote.
A spokesman for the National Cyber Security Centre - part of GCHQ - said: "We provided the Electoral Commission with expert advice and support to aid their recovery after a cyber incident was first identified. Defending the UK's democratic processes is a priority for the NCSC and we provide a range of guidance to help strengthen the cyber resilience of our electoral systems."
An Information Commissioner’s Office spokeswoman said: “The Electoral Commission has contacted us regarding this incident and we are currently making enquiries. We recognise this news may cause alarm to those who are worried they may be affected and we want to reassure the public that we are investigating as a matter of urgency.” The information watchdog can slap hefty fines on organisations which breach rules regarding data protection.
* Follow Mirror Politics on Snapchat, Tiktok, Twitter and Facebook
Read more similar news:
Comments:
comments powered by Disqus
