The National Cyber Security Center (NCSC) said Chinese state cyber actors were behind “malicious” targeting of parliamentarians and cyberattacks on the electoral commission.
Britain’s cybersecurity agency, part of GCHQ, said it believed a China-backed group called APT31 was responsible for online espionage against the email accounts of a group of lawmakers and peers critical of China.
APT31 has previously been accused of targeting other government entities and political figures around the world, including attacks on the Finnish Parliament and Norwegian government IT systems in recent years, as well as an attack on Microsoft Exchange servers in 2021.
The malicious activity we have exposed today is part of a wider pattern of unacceptable behavior we are seeing from Chinese state-affiliated actors targeting the UK and around the world.
Paul Chichester, NCSC
The NCSC said it also blamed a breach of the Electoral Commission’s computer systems in 2021-2022 on a China-backed actor in a separate incident.
The cybersecurity agency said the attack on the election commission likely led to email data being accessed and leaked for use by Chinese intelligence services.
When last year’s attack was made public, it was confirmed that hackers were able to access reference copies of the electoral register held by the commission for research purposes and conduct permissibility checks on political donations.
The register held at the time of the cyber attack included the names and addresses of anyone registered to vote in the UK between 2014 and 2022, as well as names registered as overseas voters.
But they did not include details of anonymous registrants.
The annual register holds details of approximately 40 million people, which can be accessed by hostile actors, although this includes people on the open register whose information is already in the public domain.
The NCSC said it believed the data was likely to be used by Chinese intelligence services for large-scale espionage operations and to suppress critics of China in the UK.
Regarding the attack on members of parliament, the NCSC said parliament’s own security services had identified a cyberattack campaign targeting email accounts and successfully mitigated the situation before any accounts were compromised.
It is vital that organizations and individuals involved in our democratic processes protect themselves in cyberspace, and I urge them to follow and implement the NCSC’s recommendations to ensure cyber security
Paul Chichester, NCSC
Paul Chichester, director of operations at the NCSC, said: “The malicious activity we have exposed today is part of a wider range of unacceptable behavior we are seeing from Chinese state actors targeting the UK and around the world.
“Attacks on our democratic institutions are unacceptable and NCSC will continue to condemn cyber actors who pose a threat to the institutions and values that underpin our society.
“It is vital that organizations and individuals involved in our democratic processes protect themselves in cyberspace, and I urge them to follow and implement the NCSC’s recommendations to ensure cybersecurity.”
The Electoral Commission said the attack “had no impact on the security of UK elections and resilience has been strengthened since the attack”.
As part of its response to the attack, the NCSC said it had updated its guidance for political organizations and provided further advice on how to reduce the likelihood of a cyberattack.
Al Lakhani, founder and CEO of cybersecurity company IDEE, said the government needs to adopt a stronger cybersecurity response.
When it comes to something as important as national security, relying on outdated cybersecurity solutions to detect attacks, but not prevent them, is absolutely dangerous
Al Lakhani, cybersecurity company IDEE
“International relations are based on sincerity, common interests and fair reciprocity,” he said.
“But these are completely contrary to good cybersecurity practices, which must be based on zero trust.
“The government has blatantly tiptoed on this issue, apparently paralyzed by fear of alienating a global superpower, but the result has been leaks of personal data and an erosion of confidence in the electoral process.
“To avoid these embarrassing situations, governments need to find better ways to protect their systems and data.
“When it comes to something as important as national security, it’s absolutely dangerous to rely on outdated cybersecurity solutions that can detect attacks but fail to stop them.
“The election is coming and the threat of international intervention is huge.
“I therefore hope that learning from past breaches marks a turning point in the UK’s cybersecurity preparedness and that we move towards a digital security future rooted in proof of identity and delivered trust.”
Follow us on Google news ,Twitter , and Join Whatsapp Group of thelocalreport.in
