Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

Russia among ‘usual suspects’ after elections watchdog hack, expert suggests

The details of tens of millions of voters could have been accessed by hackers who targeted the Electoral Commission, the body confirmed.

Dominic McGrath
Wednesday 09 August 2023 12:15 BST
Hostile actors could be behind the Electoral Commission hack, experts believe (Alamy/PA)
Hostile actors could be behind the Electoral Commission hack, experts believe (Alamy/PA)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Russia is being pointed to as among the potential culprits behind the hack targeting the elections watchdog.

The details of tens of millions of voters could have been accessed by hackers who targeted the Electoral Commission, the body confirmed this week.

While it said there was little risk that the cyber attack could be able to influence the outcome of a vote, it apologised for the breach in its systems.

Cyber security experts believe that the hack bears the hallmarks of a state-backed attack.

It is most likely that the reason for this intrusion, given the type of data accessed and the length of time the adversary had in the network, fits with a state-led cyber operation

James Sullivan, Royal United Services Institute

James Sullivan, director of cyber research at the Royal United Services Institute for Defence and Security Studies (Rusi), said that determining the perpetrator was currently just speculation.

But he said it was difficult to ignore the “usual suspects” of Russia and China.

“Most state-led cyber operations are conducted to gather intelligence and spy. And when we look at some of the data that has been accessed, there was no financial impact from this incident as far as we know.

“It is most likely that the reason for this intrusion, given the type of data accessed and the length of time the adversary had in the network, fits with a state-led cyber operation,” he said.

The attack, which was publicly confirmed on Tuesday, was identified in October 2022, but the hackers had first been able to access the commission’s systems in August 2021.

The hackers were able to access reference copies of the electoral registers, held by the commission for research purposes and to enable permissibility checks on political donations.

The registers held at the time of the cyber attack included the name and address of anyone in the UK who was registered to vote between 2014 and 2022, as well as the names of those registered as overseas voters.

But they did not include the details of those registered anonymously.

When we are looking at this, I think it is probably appropriate to look to the usual suspects of hostile actors

James Sullivan, Royal United Services Institute

The register for each year holds the details of around 40 million individuals, which were accessible to the hostile actors, although this includes people on the open registers, whose information is already in the public domain.

The National Cyber Security Centre said it had provided the commission with expert advice and support.

Mr Sullivan stressed that whoever carried out the attack has “plausible deniability” and currently only limited information is known about the hack.

But he warned: “When we are looking at this, I think it is probably appropriate to look to the usual suspects of hostile actors.

“We have seen that China conducts a lot of espionage like this… They are willing to conduct espionage where they sit in a network for a long period of time.

“Russia as we know conducts all sorts of cyber operations, from cyber crime to espionage.”

Mr Sullivan added: “The best conclusion we can draw to who conducted this is the fact the threat actor was willing to sit quietly in the network for a long period. That certainly tallies with the type of espionage activity that hostile state actors would carry out.”

The Rusi expert said the hack highlighted that “parts of the UK’s democratic process and institutions are targets for hostile actors, so we should all rightly be concerned about that”.

There are, he added, lessons to be learnt and stressed the need for organisations not to wait to fall victim to a cyber attack before moving to secure their systems.

More broadly, Mr Sullivan said it was important to be aware of the “psychological impact” of hacks on bodies such as the Electoral Commission.

They can, he said, “undermine trust and confidence in the system and electoral processes and that can be taken advantage of in a number of ways”.

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in