Calendar An icon of a desk calendar. Cancel An icon of a circle with a diagonal line across. Caret An icon of a block arrow pointing to the right. Email An icon of a paper envelope. Facebook An icon of the Facebook "f" mark. Google An icon of the Google "G" mark. Linked In An icon of the Linked In "in" mark. Logout An icon representing logout. Profile An icon that resembles human head and shoulders. Telephone An icon of a traditional telephone receiver. Tick An icon of a tick mark. Is Public An icon of a human eye and eyelashes. Is Not Public An icon of a human eye and eyelashes with a diagonal line through it. Pause Icon A two-lined pause icon for stopping interactions. Quote Mark A opening quote mark. Quote Mark A closing quote mark. Arrow An icon of an arrow. Folder An icon of a paper folder. Breaking An icon of an exclamation mark on a circular background. Camera An icon of a digital camera. Caret An icon of a caret arrow. Clock An icon of a clock face. Close An icon of the an X shape. Close Icon An icon used to represent where to interact to collapse or dismiss a component Comment An icon of a speech bubble. Comments An icon of a speech bubble, denoting user comments. Ellipsis An icon of 3 horizontal dots. Envelope An icon of a paper envelope. Facebook An icon of a facebook f logo. Camera An icon of a digital camera. Home An icon of a house. Instagram An icon of the Instagram logo. LinkedIn An icon of the LinkedIn logo. Magnifying Glass An icon of a magnifying glass. Search Icon A magnifying glass icon that is used to represent the function of searching. Menu An icon of 3 horizontal lines. Hamburger Menu Icon An icon used to represent a collapsed menu. Next An icon of an arrow pointing to the right. Notice An explanation mark centred inside a circle. Previous An icon of an arrow pointing to the left. Rating An icon of a star. Tag An icon of a tag. Twitter An icon of the Twitter logo. Video Camera An icon of a video camera shape. Speech Bubble Icon A icon displaying a speech bubble WhatsApp An icon of the WhatsApp logo. Information An icon of an information logo. Plus A mathematical 'plus' symbol. Duration An icon indicating Time. Success Tick An icon of a green tick. Success Tick Timeout An icon of a greyed out success tick. Loading Spinner An icon of a loading spinner.

Tory vote security concerns ‘highlight cyber risk to democratic process’

(PA)
(PA)

The security concerns which led to a delay in ballots being sent out for the Tory leadership contest should act as a wake-up call about the cyber threat to the UK’s democratic process, an expert said.

The Conservatives have made changes to the way the election to choose the next prime minister will be run following advice from the National Cyber Security Centre (NCSC), part of the GCHQ intelligence agency.

But it is not the first time that concerns about online security have surfaced during elections, with contests around the world subject to attacks.

Tory graphic
(PA Graphics)

The Intelligence and Security Committee’s report on Russia published in 2020 noted that Moscow “has carried out malicious cyber activity” including “attempting to influence the democratic elections of other countries”.

The MPs and peers who scrutinise the work of the UK’s intelligence agencies said they had been informed that “the mechanics of the UK’s voting system are deemed largely sound: the use of a highly dispersed paper-based voting and counting system makes any significant interference difficult”.

However the next prime minister – either Liz Truss or Rishi Sunak – will not enter No 10 as the result of a general election but instead the Tory contest, with members allowed to vote online.

The NCSC is not thought to have responded to a specific threat to the Tory contest and Jamie MacColl, a research fellow in the cyber team at the Royal United Services Institute, said it was unlikely Russia would try to directly interfere with the leadership race.

“I’m not personally convinced Russian intelligence would directly intervene in the leadership contest,” he said.

“Logically, the outcome for the Russian government is going to be pretty similar regardless of whether Liz Truss or Rishi Sunak is prime minister. There’s still a significant support for Ukraine’s position.

“A lot of the Russian intelligence assets and cyber operators are directly focused on the war in Ukraine, or activities that support the war in Ukraine.”

But the election could be targeted by “someone who just wants to cause a bit of mischief” rather than a hostile state.

He said those involved in the democratic process needed to be more aware of the risks.

“I don’t think there’s been the same amount of focus on it in this country compared to the US.

“There’s been a lot of media coverage in the US of potential threats to vote voting infrastructure there off the back of the 2016 election.

“Whereas in the UK, there’s been maybe more of an effort by the Government – which was highlighted in the Russia report in 2020 – maybe more of an effort to play down the potential impacts of Russian interference in our electoral electoral processes, particularly around the Brexit vote.

“That’s not to say that I think that Russian interference will have had any sort of significant impact on the outcomes of those elections, or referenda, but at the very least, we should be having an open discussion about the fact that’s happening. Because apart from anything, if we’re not, we can’t build public trust in our ability to mitigate it.”

Asked if the advice around the Tory leadership contest should be seen as a “wake-up call to everyone involved” in politics, he said: “Absolutely.”

Issues around online security surfaced in the 2019 general election, when Labour was hit by cyber attacks.

The NCSC said it had worked closely with political parties “for several years on how to protect and defend against cyber attacks” and gave them advice ahead of the election.

Mr MacColl said the fact NCSC had been able to give advice to the Tories about the leadership contest was “actually a sign of a healthy, functioning democracy”.