SNP warn of threat to democracy as Russia accused of cyber attack on Electoral Commission

The details of tens of millions of voters could have been accessed by hackers.

The have warned of a threat to democracy if Britain’s institutions are not properly protected after Russia was accused of a cyber attack on the Electoral Commission.

Tens of millions of voters could have had their details accessed by hackers, with experts suggesting the Kremlin or China may be responsible.

Hide Ad
Hide Ad

While the cyber attack could not influence the outcome of a vote, the Electoral Commission has still apologised for the breach in its systems.

The Electoral Commission confirmed it had been the victim of a hack.The Electoral Commission confirmed it had been the victim of a hack.
The Electoral Commission confirmed it had been the victim of a hack.

Now Stewart McDonald MP, a senior backbencher with the SNP, has labelled the attack “deeply concerning”.

He said: “If the Kremlin is behind this attack, as the former directors of MI6 and GCHQ have suggested, it would represent yet another example of Russia’s attempts to undermine our democracy and the institutions which underpin it.

“As we enter an age in which the use of cyber warfare is increasingly pervasive, the UK government must strive to better understand these threats and take appropriate action to prevent such incidents from occurring.

“It is vital that the source of this hack is quickly identified and swift action taken to ensure that the institutions vital to the functioning of our democracy are insulated from malicious state actors.”

Earlier cyber security experts suggested the hack bears the hallmarks of a state-backed attack.

James Sullivan, director of cyber research at the Royal United Services Institute for Defence and Security Studies (Rusi), said that determining the perpetrator was currently just speculation.

But he said it was difficult to ignore the “usual suspects” of Russia and China.

Hide Ad
Hide Ad

“Most state-led cyber operations are conducted to gather intelligence and spy. And when we look at some of the data that has been accessed, there was no financial impact from this incident as far as we know.

“It is most likely that the reason for this intrusion, given the type of data accessed and the length of time the adversary had in the network, fits with a state-led cyber operation,” he said.

The attack, which was publicly confirmed on Tuesday, was identified in October 2022, but the hackers had first been able to access the commission’s systems in August 2021.

The hackers were able to access reference copies of the electoral registers, held by the commission for research purposes and to enable permissibility checks on political donations.

The registers held at the time of the cyber attack included the name and address of anyone in the UK who was registered to vote between 2014 and 2022, as well as the names of those registered as overseas voters.

The National Cyber Security Centre said it had provided the commission with expert advice and support.

Mr Sullivan stressed that whoever carried out the attack has “plausible deniability” and currently only limited information is known about the hack.

But he warned: “When we are looking at this, I think it is probably appropriate to look to the usual suspects of hostile actors.

Hide Ad
Hide Ad

“We have seen that China conducts a lot of espionage like this… They are willing to conduct espionage where they sit in a network for a long period of time.

“Russia as we know conducts all sorts of cyber operations, from cyber crime to espionage.”



Want to join the conversation? Please or to comment on this article.