Cyber-Attacks On UK Political Parties

Uploaded on 2017-06-07 in NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW

A British political party will be the victim of a hack similar to those suffered by the Clinton and Macron presidential campaigns, a leading security researcher has warned. 

James Norton, a former official at the US Department of Homeland Security and head of the security consultancy Play-Action Strategies, said: “It wouldn’t surprise me if there’s already been some emails stolen … it would surprise me if it didn’t happen.”

It was a matter of when, not if, a hack would take place, he said. “Campaigns are a treasure trove, especially newer campaigns where you’re trying to understand the dynamics … I would think they would be targets, if they’re not already, in terms of trying to understand what their politics would be. Even Theresa May is largely an unknown.”

The EU’s head of information security has previously advised that the risk of hacking attacks greatly increases following the dissolution of parliament. Dr Udo Helmbrecht cautioned candidates that any one of the thousands of political campaigns active over the election period could serve as a bulkhead from which to penetrate deeper into party machinery.

“If you look from a politician’s perspective or from a party’s perspective, you have different areas of concern,” Helmbrecht told the Guardian. “In Germany, the Bundestag was hacked. This was not a weakness in the classic infrastructure – it was naive treatment by parliamentarians.”

Dick O’Brien, a threat researcher at the security company Symantec, agreed that a hack like that on Macron “may well happen again”. Even a snap election left plenty of time for an interested party to take action, he added. 

“The nature of elections means that politicians are ripe for attack. Governments are well secured, political parties not so much. And then a campaign expands from a core party into a much more ad hoc organisations. That’s where you see people using resources, cloud services, with email, that they really wouldn’t use in a more permanent organisation. That really opens up the surface for an attack.”

Unlike a French or US presidential campaign, British elections are much more fragmented, with more local power and smaller national oversight. From a security standpoint, that fragmentation can be a blessing and a curse: it offers compartmentalisation, ensuring that low-level breaches do not leak data for the entire campaign, but also leads to a marked increase in the number of potential targets for an external attacker.

None of the national campaigns would comment on security matters, but all are believed to take advice from GCHQ on protecting their networks. Sitting MPs are helped by the Parliamentary Digital Service until parliament dissolves. But for parliamentary candidates who weren’t MPs before the election was called, the amount of support differs wildly.

Ryan Kalember, head of cybersecurity strategy at Proofpoint, backed Norton’s warning. “Campaigns in elections around the world must ensure that they have implemented proper defences around phishing, including email security and multi-factor authentication, ideally via hardware keys,” he said.

“Our research has shown that attackers are relentlessly working to exploit the email communication channel regardless of their level of sophistication, motivation, or country. Email is their top target because it provides the easiest opening into an organisation, one of the easiest routes for exporting confidential information and for political purposes, email content itself offers an inside look at strategies, motivations and personalities.”

The fragmentation of constituency campaigns does offer security benefits as well, however. Campaigns’ access to data is limited to that relevant to their local area. Similarly, the vast array of different services used by various campaigns makes it harder to use a one-size-fits-all attack. A fake Gmail login page, for instance, will be less able to trick a campaign run from a Hotmail email address. 

Political parties are using social media platforms more than ever - and much of their output is finely targeted and difficult to track.The Conservatives seem to be flooding Facebook users in marginal constituencies with anti-Jeremy Corbyn attack adverts, designed to draw away the Labour faithful. Labour are also using Facebook advertising, but their messages are less focused on leaders and their personalities. 

Guardian:      BBC:

You Might Aslo Read:

Algorithms: An Unseen Influence On The UK Election:

Germany May Go Offensive After Russian Cyber Attacks:

Russian Hackers Sow Disinformation Via Leaks:

Hackers Came, But the French Were Prepared:

 

 

« N. Korea Fires Another Ballistic Missile
China Postpones Implementing New Cybersecurity Law »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Pondurance

Pondurance

Pondurance is an IT Security and Compliance company providing services in Cyber Security, Continuity, Compliance and Threat Management.

Oxygen Forensics

Oxygen Forensics

Oxygen Forensics offer the most advanced forensic data examination tools for mobile devices and cloud services.

XBOSoft

XBOSoft

XBOSoft is a software QA and testing company. We cover the entire QA and testing life cycle including software and application security.

Honeynet Project

Honeynet Project

The Honeynet Project is a leading international non-profit security research organization, dedicated to investigating the latest attacks and developing open source security tools.

California Cybersecurity Institute (CCI) - Cal poly

California Cybersecurity Institute (CCI) - Cal poly

The CCI provides a hands-on research and learning environment to explore new cyber technologies and train and test tactics alongside law enforcement and cyberforensics experts.

Callsign

Callsign

Callsign’s mission is to seamlessly power the identification of every web, mobile and physical interaction.

CETIC

CETIC

CETIC is an applied research centre in the field of ICT. Key technologies include Big Data, Cloud Computing, the Internet of Things, software quality, and trust and security of IT systems.

Hack The Box

Hack The Box

Hack The Box is an online platform allowing you to test your penetration testing skills and exchange ideas and methodologies with thousands of people in the security field.

IoTsploit

IoTsploit

IoTsploit provides 20/20 visibility of network connections, protecting critical infrastructure assets from IoT vulnerabilities.

Novastor

Novastor

NovaStor® is an award-winning, international data backup and recovery software company with solutions supporting physical, virtual and cloud environments.

Labs/02

Labs/02

Labs/02 is a seed-stage incubator with a mission to advance cutting-edge technology in innovative areas including AI, deep learning, autonomous transportation, and smart cities.

DeepSeas

DeepSeas

DeepSeas is the result of a merger between Security On-Demand (SOD) and the commercial Managed Threat Services (MTS) business of Booz Allen Hamilton.

Axio Global

Axio Global

Axio is a leading cyber risk management SaaS company. Our Axio360 platform gives companies visibility to their cyber risk, and enables them to prioritize investments to protect their business.

Hybrid Identity Protection Conference (HIP)

Hybrid Identity Protection Conference (HIP)

Hybrid Identity Protection (HIP) is the premier educational forum for identity-centric cybersecurity practitioners charged with defending hybrid cloud environments.

Cyber Resilience Centre for Wales (WCRC)

Cyber Resilience Centre for Wales (WCRC)

The Cyber Resilience Centre for Wales (WCRC) is part of the national roll out of Cyber Resilience Centres in the UK which began in 2019.

Abertay cyberQuarter

Abertay cyberQuarter

The Abertay cyberQuarter is a cybersecurity research and development centre housed within Abertay University.