Cyber-Attacks On UK Political Parties

A British political party will be the victim of a hack similar to those suffered by the Clinton and Macron presidential campaigns, a leading security researcher has warned. 

James Norton, a former official at the US Department of Homeland Security and head of the security consultancy Play-Action Strategies, said: “It wouldn’t surprise me if there’s already been some emails stolen … it would surprise me if it didn’t happen.”

It was a matter of when, not if, a hack would take place, he said. “Campaigns are a treasure trove, especially newer campaigns where you’re trying to understand the dynamics … I would think they would be targets, if they’re not already, in terms of trying to understand what their politics would be. Even Theresa May is largely an unknown.”

The EU’s head of information security has previously advised that the risk of hacking attacks greatly increases following the dissolution of parliament. Dr Udo Helmbrecht cautioned candidates that any one of the thousands of political campaigns active over the election period could serve as a bulkhead from which to penetrate deeper into party machinery.

“If you look from a politician’s perspective or from a party’s perspective, you have different areas of concern,” Helmbrecht told the Guardian. “In Germany, the Bundestag was hacked. This was not a weakness in the classic infrastructure – it was naive treatment by parliamentarians.”

Dick O’Brien, a threat researcher at the security company Symantec, agreed that a hack like that on Macron “may well happen again”. Even a snap election left plenty of time for an interested party to take action, he added. 

“The nature of elections means that politicians are ripe for attack. Governments are well secured, political parties not so much. And then a campaign expands from a core party into a much more ad hoc organisations. That’s where you see people using resources, cloud services, with email, that they really wouldn’t use in a more permanent organisation. That really opens up the surface for an attack.”

Unlike a French or US presidential campaign, British elections are much more fragmented, with more local power and smaller national oversight. From a security standpoint, that fragmentation can be a blessing and a curse: it offers compartmentalisation, ensuring that low-level breaches do not leak data for the entire campaign, but also leads to a marked increase in the number of potential targets for an external attacker.

None of the national campaigns would comment on security matters, but all are believed to take advice from GCHQ on protecting their networks. Sitting MPs are helped by the Parliamentary Digital Service until parliament dissolves. But for parliamentary candidates who weren’t MPs before the election was called, the amount of support differs wildly.

Ryan Kalember, head of cybersecurity strategy at Proofpoint, backed Norton’s warning. “Campaigns in elections around the world must ensure that they have implemented proper defences around phishing, including email security and multi-factor authentication, ideally via hardware keys,” he said.

“Our research has shown that attackers are relentlessly working to exploit the email communication channel regardless of their level of sophistication, motivation, or country. Email is their top target because it provides the easiest opening into an organisation, one of the easiest routes for exporting confidential information and for political purposes, email content itself offers an inside look at strategies, motivations and personalities.”

The fragmentation of constituency campaigns does offer security benefits as well, however. Campaigns’ access to data is limited to that relevant to their local area. Similarly, the vast array of different services used by various campaigns makes it harder to use a one-size-fits-all attack. A fake Gmail login page, for instance, will be less able to trick a campaign run from a Hotmail email address. 

Political parties are using social media platforms more than ever - and much of their output is finely targeted and difficult to track.The Conservatives seem to be flooding Facebook users in marginal constituencies with anti-Jeremy Corbyn attack adverts, designed to draw away the Labour faithful. Labour are also using Facebook advertising, but their messages are less focused on leaders and their personalities. 

Guardian:      BBC:

You Might Aslo Read:

Algorithms: An Unseen Influence On The UK Election:

Germany May Go Offensive After Russian Cyber Attacks:

Russian Hackers Sow Disinformation Via Leaks:

Hackers Came, But the French Were Prepared:

 

 

« N. Korea Fires Another Ballistic Missile
China Postpones Implementing New Cybersecurity Law »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

DataSunrise

DataSunrise

DataSunrise Data-Centric high-performance security software protects the sensitive data in real-time in cloud or on premises, and helps organizations to stay compliant.

Privitar

Privitar

Privitar is leading the development and adoption of privacy engineering technology enabling our customers to innovate and leverage data with an uncompromising approach to data privacy.

Snyk

Snyk

Snyk is the leader in developer security. We empower the world’s developers to build secure applications and equip security teams to meet the demands of the digital world.

Omada

Omada

Omada is a leading provider of IT security solutions and services for identity management and access governance.

ComCERT

ComCERT

ComCERT SA is an independent, private consulting company focusing in the assistance of its customers facing the dangers of cyber threats and security incidents.

Verifi

Verifi

Verifi is an award-winning provider of end-to-end payment protection and risk management solutions.

PROOF

PROOF

PROOF is a Brazilian leader in cybersecurity. Our goal is to assist our Customers in managing security efficiently and in tune with business needs.

Bureau Veritas

Bureau Veritas

Bureau Veritas are a world leader in Testing, Inspection and Certification. We provide certification and training services in areas including cybersecurity and data protection.

Aversafe

Aversafe

Aversafe provides individuals, employers and certificate issuers around the world with a first line of defense against credential fraud.

Digital Beachhead

Digital Beachhead

Digital Beachhead has the expertise to provide a range of Cyber Risk Management and other Professional Services with specifically tailored solutions at competitive prices.

Byos

Byos

Byos provides visibility of devices across all networks, regardless of location, integrating with your existing security stack.

Obscure Technologies

Obscure Technologies

Obscure Technologies is a firm of experts, specialised in brokering the best security solutions to market.

Bores Security Consultancy

Bores Security Consultancy

Bores Security Consultancy are an established family-run business delivering expertise in security and technology.

Atlas Cloud

Atlas Cloud

Atlas Cloud is a UK-wide provider of managed services based in Newcastle. Our ‘research-led’ approach to IT services helps leaders make better decisions about IT for their businesses.

Port443

Port443

Port443 specialises in providing Security Orchestration, Automation and Remediation (SOAR) "as a service".

CaseMatrix

CaseMatrix

Discover a new era of legal intelligence with CaseMatrix. We identify potential class action cases arising from cyber incidents and data breaches.