Russian or Chinese Hackers Blamed After Electoral Commission Cyberattack

Save

8/9/2023

Updated:

8/9/2023

0:00

Cyber security experts believe Russia is the prime suspect for a hack of the Electoral Commission that may have enabled access to the details of tens of millions of voters.

The hackers were able to find the name and address of anyone in the UK who registered to vote between 2014 and 2022.

The Electoral Commission confirmed details of the hack on Tuesday and a statement on its website said: “The incident was identified in October 2022 after suspicious activity was detected on our systems. It became clear that hostile actors had first accessed the systems in August 2021.”

The commission said, “During the cyber-attack the perpetrators had access to the commission’s servers which held our email, our control systems, and copies of the electoral registers.”

It went on to say, “They were able to access reference copies of the electoral registers, held by the commission for research purposes and to enable permissibility checks on political donations.”

‘Breach Does Not Pose a High Risk to Individuals’

The commission said, “It is our assessment that the information affected by this breach does not pose a high risk to individuals and this notification is being given due to the high volume of personal data potentially viewed or removed during the cyber-attack.”

The names and addresses in question were already in the public domain as the electoral register in every constituency in the UK is freely available for scrutiny.

The commission apologised for its systems being breached and said, “We have worked with security specialists to investigate the incident and have taken action to secure our systems and reduce the risk of future attacks.”

A tweet from the Electoral Commission is displayed on a computer screen in London on Aug. 8, 2023. (Leon Neal/Getty Images)

The National Cyber Security Centre said it had provided the commission with expert advice and support.

James Sullivan, director of cyber research at the Royal United Services Institute for Defence and Security Studies (RUSI), said the “usual suspects” of Russia and China had to be in the frame.

He said, “Most state-led cyber operations are conducted to gather intelligence and spy, and when we look at some of the data that has been accessed, there was no financial impact from this incident as far as we know.”

“It is most likely that the reason for this intrusion, given the type of data accessed and the length of time the adversary had in the network, fits with a state-led cyber operation,” Mr. Sullivan added.

‘China Conducts a Lot of Espionage Like This’

Mr. Sullivan said: “We have seen that China conducts a lot of espionage like this … They are willing to conduct espionage where they sit in a network for a long period of time.”

Sir David Omand, former director of GCHQ, told BBC Radio 4’s “PM” programme the Kremlin would be at the top of his “list of suspects.”

Sir Richard Dearlove, the former head of MI6, told The Telegraph, “Russia would be at the top of the suspects list by a mile.”

In June this year a Russian hacking group claimed responsibility for an attack on the social media group Reddit.

The ALPHV ransomware group threatened to leak censorship and other sensitive, stolen information in relation to Reddit if the company did not pay $4.5 million.

PA Media contributed to this report.

Russian or Chinese Hackers Blamed After Electoral Commission Cyberattack

Commission says hack 'does not pose a high risk to individuals'

‘Breach Does Not Pose a High Risk to Individuals’

‘China Conducts a Lot of Espionage Like This’

Dominic Cummings to Launch Political Party If Tories Lose Election

Britons Accused of Spying for China Face 2025 Trial

Alleged Russian Spy Expelled as Moscow Urged to Stop ‘Malign Activity’

Pedestrian Who Swore at Cyclist Has Manslaughter Conviction Overturned