Political candidates, election officials, and others who are highly susceptible to online targeting are being granted an additional level of cybersecurity measures on their personal devices by the U.K. government
In recent months, the National Cyber Security Centre, a division of the U.K.’s intelligence and security agency GCHQ, has received reports of malicious endeavors involving Chinese state-affiliated actors and Russian intelligence services. These attempts have specifically targeted individuals and institutions in the United Kingdom, including parliamentarians.
“Cyber actors seeking to disrupt or otherwise undermine our open and free society view individuals who play vital roles in our democracy as an attractive target,” said Jonathan Ellison, NCSC director for national resilience and future technology.
The new Personal Internet Protection service aims to protect against malware, spear-phishing, and other forms of cyber attacks. It enhances the security of personal devices by blocking outgoing traffic to domains that the NCSC has identified as pernicious and alerting users if they attempt to access such sites.
It is founded upon the NCSC’s Protective Domain Name Service, initially designed for enterprise use but has since expanded to encompass millions of users in the public sector.
Individuals deemed at a higher risk are also encouraged by the NCSC to enroll in its Account Registration service, an additional opt-in function that enables the NCSC to notify users when malicious activity is identified on their accounts.
“In this significant year of elections around the world, I urge individuals eligible for our services to sign up and to follow our guidance now to bolster their defenses,” said the president.
The action follows GCHQ director Anne Keast-Butler’s warning that the organization currently allocates the most resources to China of any single mission.
“Russia and Iran pose immediate threats, but China is the ‘epoch-defining’ challenge,” she indicated.
“The Chinese people and diaspora have significantly contributed to life in the United Kingdom.” However, recent events remind us that the Chinese government continues to have a keen interest in our nation and democratic institutions.
Earlier this year, the U.K. formally accused China of cyber campaigns against members of Parliament and the U.K. Electoral Commission, which establishes election standards and regulates party and election finance.
The Electoral Commission was “highly likely” compromised by a Chinese state-affiliated entity between 2021 and 2022, according to the NCSC, which would have resulted in the theft of the personal information of millions of voters.
Additionally, it was stated that reconnaissance activity against British parliamentarians by Advanced Persistent Threat Group 31, affiliated with the Chinese government, was almost certain to have occurred during a separate campaign in 2021.
Although China has denied the accusation that it was responsible for the recent breach of a database belonging to the Ministry of Defense, no official blame has been placed on the incident. However, widespread speculation suggests that China was the perpetrator.
“Cyberspace is being utilized on various fronts to assist the Chinese government in achieving its strategic objectives… “All of us concerned with cyber resilience should be alarmed by this,” NCSC CEO Felicity Oswald stated earlier this week.
“It is imperative that business leaders and network defenders collaborate to enhance the security of critical systems throughout our economy… Chi
