UK Electoral Commission finally recovered from China hack after three years and £250,000 grant

News
By published

‘Painful’ lessons were learnt, the commission says

Hand of a person casting a vote into the ballot box during elections
(Image credit: Shutterstock / roibu)
  • The UK's electoral commission has now recovered from a cyberattack
  • Recovery took three years and £250,000
  • It's not clear what attackers gained in the intrusion

After three long years, the UK’s Electoral Commission is finally fully recovered after a cyberattack that left the organisation reeling.

The Commission was formally reprimanded by the Information Commissioners Office over lapses in security that left millions of British voters ‘vulnerable to hackers’.

Speaking to the BBC for the first time about the incident, the Electoral Commission CEO Vijay Rangarajan, who was not CEO at the time of the attack, says colleagues described the discovery of the hackers as "feeling like you'd been burgled whilst still inside the house".

Insufficient protections

There were six by-elections held in the time where hackers were inside the IT networks, but the Commission has confirmed there is no evidence of any tampering.

The Commission used a £250,000 grant to aid its recovery, and is now spending significantly more in its cybersecurity budget.

That being said, the commission is still not aware exactly what information was exfiltrated or what the hackers goals were with the intrusion. There have been examples of network intrusions with severe consequences, with government agencies and public organisations hit by ransomware attacks across the world.

"All of this could have caused us amazing problems. It was a dangerous thing to have happened," he said. "I don't think everyone realised quite how much democratic systems and electoral systems were targets. We tended to be quite comfortable in the way we run things. We now have to be really up to speed with the threats," he said.

In the past few years, elections over the world have been targeted, and governments have faced a huge surge in cyberattacks from threat actors looking to disrupt democracy and undermine governments and processes.

You might also like

Ellen Jennings-Trace
Ellen Jennings-Trace
Staff Writer

Ellen has been writing for almost four years, with a focus on post-COVID policy whilst studying for BA Politics and International Relations at the University of Cardiff, followed by an MA in Political Communication. Before joining TechRadar Pro as a Junior Writer, she worked for Future Publishing’s MVC content team, working with merchants and retailers to upload content.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.