UK vulnerable to another massive cyber attack after electoral commission data breach, experts warn
Experts have warned it is “not a question of if, but when” Government departments will be hit by further cyber attacks after the Electoral Commission’s database was breached.
The body revealed on Monday that its databases were targeted in October 2022, but had also been previously been accessed over a year prior in August 2021.
The breach potentially revealed the name and address of anyone registered to vote between 2014 and 2022, with around 40 million people included in each year’s database, as well as the details of overseas voters.
Shaun McNally, the Electoral Commission‘s Chief Executive, said he regretted “that sufficient protections were not in place to prevent this cyber-attack”.
He said that the organisation had since “taken significant steps” alongside specialists and the National Cyber Security Centre (NCSC) to secure its systems.
But experts have raised alarm over the fact that the first breach in 2021 was not identified for over a year, and questioned whether official bodies were sufficiently investing in their cyber security.
Jamie Moles, Senior Technical Manager at cybersecurity company ExtraHop, said “it is not a question of if, but when, further government organisations will be hit by a cyber attack”.
“If the lack of security the Electoral Commission had in place is anything to go by, it is likely further departments will have been hit.”
Mr Moles continued: “This news, in tandem with the Northern Ireland Police Force leak, leaves many questioning public sector competence to defend our data.”
Bobby Cornwell, Threat Expert at security firm SonicWall, warned that this breach was “a sign that UK government systems are vulnerable, and have been for quite some time”.
“There have been comments and speculations about voter hacking since the US 2020 elections and worries will only grow after this attack, particularly considering both the UK and US are close to an election year,” he added.
Mr Cornwall said there was a risk that the hackers may misuse the information obtained, such as by “leading specific campaigns against said individuals to lure them and defraud them into ‘donating’ money under a political disguise”.
Mr McNally has insisted that the breach of electoral data was unlikely to lead to election interference, as “the UK’s democratic process is significantly dispersed” and much of it is paper-based.
Mr McNally has insisted that the breach of electoral data was unlikely to lead to election interference, as “the UK’s democratic process is significantly dispersed” and much of it is paper-based.
But the Electoral Commission admitted in its statement that the latest attack showed that the “UK’s democratic process and its institutions remain a target for hostile actors online”.
Russia has been pointed to as one of the most likely culprits of the attack, but the group or individuals behind the breach have not been confirmed.
James Sullivan, director of cyber research at security think tank Rusi, said it was difficult to ignore the “usual suspects” of Russia and China, and that the breach had the hallmarks of a “state-led cyber operation”.
Former GCHQ director Sir David Omand told BBC Radio 4’s PM programme that Moscow would be “first on my list of suspects”, as they “have been interfering with democratic elections for some years now”.
Home Office minister Robert Jenrick admitted that the Electoral Commission breach was a “significant failing”, but insisted the body was working to secure its systems.
“What the government can do is to hold them to account, to provide them with the resources through the National Crime Agency and National Cyber Security Centre to improve their procedures,” he told LBC radio on Wednesday.
The Home Office has already set up a “defending democracy task force”, Mr Jenrick noted, after previous allegations that Vladimir Putin’s regime in Russia tried to meddle in Britain’s 2016 Brexit referendum and the 2019 General Election.
