-(002).png?lu=380)
06 August 2024
The Electoral Commission, the UK government body in charge of overseeing elections, has been slammed by over 1.5 million email attacks in the lead up to the recent UK general election..png?lu=186)
The findings were revealed under the Freedom of Information Act (FOI), and analysed by the Parliament Street think tank, observing the cyber threats posing the electoral body ahead of the 4 July general election.
The news comes after the ICO reprimanded the Electoral Commission for leaving its systems ‘exposed and vulnerable to hackers,’ following a breach in August 2021 that was not identified until October 2022. The hackers had access to personal information such as names and home addresses for up to 40 million voters.
In total, the Electoral Commission blocked 1,510,463 attacks between 2021-2023 ranging from Microsoft Edge Block to spam, phishing and malware threats.
“Year after year we see spikes in seasonal cyber threats at Christmas, Valentine’s and other holidays, and the lead-up to the general election was no different. It was the prime opportunity for cybercriminals to target unsuspecting voters and tamper with the results, and fortunately, the Electoral Commission was able to block millions of attacks,” said Andy Ward, VP international, for Absolute Security. “What’s concerning, however, is the number of attacks that didn’t get blocked, stealing voter’s IDs, personal details and sensitive data. Everyone can be the target of a cyber-attack, so the UK needs a robust cyber resilience strategy to ward off bad actors and ensure the protection of departments, businesses and civilians across the country.”
Leading up to the election, 81% of the blocked attacks occurred in 2023, compared to 15% in 2022 and 4% in 2021. Edge Block accounted for the majority of attacks, followed by spam emails, malware then phishing.
“During periods of heightened threat, it is vital that organisations take a technology AND people approach to protecting themselves. Adopting bespoke cyber security technology can act as the first layer of protection to identify and block attacks, but that must be combined with upskilling to ensure staff can detect and report threats when they do occur. Building capability through digital skills enables organisations to better defend against malicious actors and, in this case, protect the integrity of the UK voting system,” said Stuart Munton, chief for group delivery at AND Digital.
