The UK Labour party recently confirmed a cyber-attack on a third-party company that compromised members’ data. Details remain thin, but Labour said the incident led to “a significant quantity of party data being rendered inaccessible on their systems.” Sadly, this attack was far from a one-off. In fact, this is the second time in two years that this has happened to the Labour party and was the latest in a series of politically motivated cyber-attacks which have left governments and political parties across the world unimaginably vulnerable.
Early reports suggested the Labour attack was a form of ransomware. Yet, when you look deeper into the attack and what happened, it’s interesting to explore whether there was likely another agenda behind the attack and others of this nature.
The world is in an uncertain place, which is an obvious place to start when searching for motives for these types of attacks. We are in the midst of climate change discussions around the world, and COVID-19 continues to dominate the headlines, with new variants and travel plans changing daily. Politicians are at the heart of the decisions on how we live our lives, and people are incredibly worried about what the future holds.
The likelihood with the Labour attack was that it was a pinpointed agenda against the Labour party for one reason or another, perhaps even for supporting further lockdown measures. In any case, data was compromised. This is common in the current climate. Israel is seeing attacks of this nature regularly, and politicians and government officials have their data leaked daily. These attacks are often used to influence the decision-making against one lobbyist or the other.
Implications of Political Cyber-Attacks
Politically motivated cyber-attacks, of course, have implications. Most developed countries are highly dependent on their information infrastructure; an attack of this nature could have devastating consequences and is taken incredibly seriously by governments. This was seen recently in France with President Emmanuel Macron pushing for an Israeli inquiry into NSO spyware, which was allegedly used to target him and 50,000 other dignitaries.
According to newspaper reports, Macron expressed concern that his phone and those of most of his cabinet could have been infected with Pegasus, hacking software developed by the Israeli surveillance firm NSO Group, which enables operators of the tool to extract messages, photos and emails, record calls and secretly activate microphones from infected devices. Macron’s party was also subjected to a cyber-attack in 2017 when more than 20,000 emails belonging to his election campaign were published online.
There are countless other examples of similar types of attacks, such as the hacking of the Mayor of Tampa’s Twitter account in 2019, two weeks before Tampa’s mayoral elections. A malicious actor compromised Bob Buckhorn’s account, and the hijacker used the account to post a variety of offensive tweets that contained racist comments, child pornography, a bomb threat against Tampa International Airport and a warning of an incoming ballistic missile strike. There was also the attack in March 2018 when hundreds of WhatsApp messages between British MPs discussing Brexit were leaked to the media, exposing numerous disagreements.
And while it’s clear to see the damaging effects that politically motivated cyber-attacks have on those involved, there are also many wider-reaching consequences. Cyber-attacks on governments and political parties give people who are already skeptical about democracy, elections or the quality of their politicians another point to argue that the system isn’t working. Public trust in voting and confidence in political systems is being challenged by evolving digital threats. Whether this is the real cause behind such attacks remains unclear – it could just be the politicians and the campaigns directly targeted that they’re trying to influence - but the outcome is the same regardless.
The Cyber Safety Approach
Cybersecurity can often take a ‘ticking the boxes’ mentality where compliance rather than constant vigilance takes precedence. This is born from approaches that are lacking in creativity, motivation and fundamental-to-the-core strategy – three features attackers have in abundance. A new paradigm to cybersecurity is one of cyber safety, where the end goal is not a destination but rather a constant analysis of moving risks, adapting to those risks and implementing appropriate controls to lower the risk and limit the impact of a cyber-attack.
Governments must create an ongoing culture of resilience and build that resilience by focusing on their people, processes and technology. Staff can be both the biggest asset, but also the biggest security risk. Understanding and controlling how staff gain access to systems is critical to lowering risk and limiting the potential impact of a cyber-attack.
Processes are key to the implementation of an effective cyber-safety strategy. They are crucial in defining how an organization’s activities, roles and documentation are used to mitigate information risks. Also, technology is key here. Tools and vendors vary but being able to choose the right tools that have the right capabilities is obviously key in the current climate.
There is no doubt that we are living in times of great change, great opportunity and digitalization but also times of great challenge and uncertainty. Cyber-attacks are becoming more frequent and more sophisticated and governments and political parties need to work harder to better understand and safeguard their assets. In 2022 and beyond, cybersecurity is a critical political and governance issue.