Behind China's Hack Of UK's Electoral Commission

(MENAFN- Asia Times) The UK government has accused China of hacking the UK Electoral Commission, gaining access to information about millions of voters.

In the aftermath of the incident, the UK and US governments have sanctioned a company that is a front for the Chinese Ministry of State Security (MSS), Wuhan Xiaoruizhi Science and Technology, and affiliated individuals for their involvement in the breach and for placing malware in critical infrastructure.

The UK and many other countries have growing concerns over cyber operations that target national security, technological innovation and economic interests. China has been linked to state-sponsored cyber espionage activities for some time. Targets have included foreign governments, businesses and critical infrastructure.

While China is not inherently a threat to the UK, the two countries have a complex relationship that is characterized by both cooperation and competition.

China has economic influence over the UK and the two compete on innovation. But China's military ambitions, human rights record and reputation for covert influence campaigns require careful diplomatic and strategic management.

It's not clear what precisely motivated the attack on the Electoral Commission but such attacks are generally linked to various strategic interests. States may target foreign electoral organizations with the aim of influencing election results or more generally to undermine democratic processes, including by damaging trust among voters. They may seek leverage with whatever information they gather, either economically or in terms of global positioning.

These activities are not unique to China. In a deeply connected and increasingly digitized world, many states are strategically motivated to engage in subterfuge of this kind.

Latest stories

S Korean trade, diplomacy trending away from China

China challenges United States' EV subsidies at WTO

Connecting Indian cosmology, Western psychology and AI How this kind of attack works

The US Cybersecurity and Infrastructure Security Agency (CISA) has already detailed the methods deployed by affiliates of the MSS in their cyber espionage. They systematically exploit vulnerabilities in software and systems, penetrating federal government networks and commercial entities.

Their approach demonstrates a deep understanding of cyber warfare and intelligence gathering and a high level of expertise. It's clear that significant resources have been put at their disposal.

Central to their strategy is the active exploitation of vulnerabilities. They meticulously search for and take advantage of weaknesses across target systems and software. By identifying these security gaps, they manage to bypass protective measures and infiltrate sensitive environments, aiming to access and extract valuable information.

In gathering intelligence, these operatives scour publicly available sources – including the media and public government reports – to accumulate critical data on their targets. This could range from specifics about an organization's IT infrastructure and employee details to potential security lapses. Such intelligence lays the groundwork for highly targeted and effective cyberattacks.

Meanwhile, they scan for vulnerabilities in the system itself, uncovering essential details like open ports and the services running on them. This will include any software that may be ripe for exploitation due to known vulnerabilities.

The operatives then leverage all this information to gain unauthorized access. They exploit system flaws to induce unexpected behaviors, allowing for the installation of malware, data theft and system control.

The ultimate aim of these operations is the exfiltration of data, such as the names and addresses of British voters in the case of the Electoral Commission. They illicitly copy, transfer, or retrieve data from compromised systems, targeting personal information, intellectual property and government or commercial secrets.

Pencil mightier than the keyboard

It was known by August 2023 that the Electoral Commission had come under attack but the suspects have only now been named publicly.

Despite the breach, the Electoral Commission claims that the core elements of the UK's electoral process remain secure and that there will be “no impact” on the security of elections.

This is in part because so much of the British system is paper-based. People are processed by hand when they go to a polling station on election day, they use pencil and a paper ballot to vote, and their votes are counted by hand.

These factors make it very difficult to influence the outcome of a British election via a cyberattack, unlike in countries that use electronic voting machines or automated vote counting.

Paper ballots and records, being tangible and physically countable, provide a verifiable trail. So even in the event of a cyber intrusion, the fundamental act of casting and counting votes remains untainted by digital vulnerabilities.

Stronger systems are still needed

The attack nevertheless raises questions about the effectiveness of existing monitoring and logging systems for detecting data breaches. The attack accessed not only the electoral registers but also the commission's email and control systems. The data potentially accessed included UK citizens' full names, email addresses, home addresses and phone numbers.

MENAFN28032024000159011032ID1108030790

Legal Disclaimer:
MENAFN provides the information “as is” without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the provider above.