Russia is accused of hacking the UK's Electoral Commission, exposing 40 million voters' data over two years. In October of last year, the assault was discovered when suspicious behavior was noted. The attackers' first unlawful access was found to have occurred in August 2021.
The Electoral Commission's Chief Executive, Shaun McNally, expressed sorrow that further precautions could not have been taken to stop the cyberattack. He noted that improvements were made on the Commission's IT systems' security, resiliency, and dependability.
The hackers compromised reference copies of the electoral records, which the Commission utilized for study and to monitor political contribution amounts. The names and addresses of UK citizens registered to vote from 2014 to 2022 and those registered as abroad voters were among the exposed data, per Forbes. The Commission's email system was also open to hackers during the assault.
Experts Say Evidences Point to Russia
According to a report from The Independent, British intelligence services have found evidence tying the assault to Russians, sparking rumors about the Russian government's participation. Experts have identified Russia as the main suspect in the UK Electoral Commission cyberattack, including former GCHQ directors Sir David Omand and Sir Richard Dearlove.
The Electoral Commission discovered the breach months ago but has recently made the situation public. This delay was ascribed to the need to stop the hackers' access, evaluate the consequences of the incident, and work with the appropriate cybersecurity authorities before disclosing the information to the public.
The Commission reportedly said that it became aware of the breach in October 2022 "after observing an unusual pattern of login requests to our systems" in its notice. It is expected that the first illegal access was later detected in August 2021, when this unusual login activity was discovered. The order of events in the UK Electoral Commission cyberattack shows that the hackers had infiltrated the Commission's networks for more than a year before being discovered, with the possibility that it occurred longer.
In response to the security breach, the Commission said it took steps to bolster its requirements for network logins without going into more detail. A variety of actions, from adopting two-factor authentication to improving their current security standards, might be taken to address this.
The Commission's usage of the term "hostile actor" is probably due to information given by unnamed cybersecurity partners who are experts in cyberattack analysis, as per a report from TechTimes. The evidence and the Commission's definition of "hostile" are unclear, suggesting that the hackers' actions or access reflect malicious intent.
Investigation Still Ongoing
Details of people whose information was compromised included those who chose to keep it off the open registry. The Commission verified that new security measures had been put in place to fend against threats in the future. The Commission minimized the possibility of electoral tampering despite the breach occurring over a long period because of the dependence on paper-based voting.
The Information Commissioner's Office (ICO) urgently launched an inquiry on the issue due to voter anxiety. The hackers' identities and goals, which may have been financial or connected to state-sponsored espionage, are essential facts yet unknown, and their silence and lack of extortion demands create further suspicions about the attack's purpose.
The way the Commission's email server was compromised is also unknown, so it's unclear if the hackers deliberately targeted the email server or found another way in. Moreover, Data privacy and transparency issues have arisen from the delayed public disclosure about the UK Electoral Commission cyberattack.
Related Article : European Commission Opens In-Depth Investigation Into Adobe's $20 Billion Figma Acquisition