Electoral Commission response to cyber-attack attribution

Electoral Commission response to cyber-attack attribution

The UK Government has today announced that a previous cyber-attack on the Electoral Commission has been attributed to a China state-affiliated actor.

Responding to the announcement, the Electoral Commission’s Chair, John Pullinger, said: 

“Today’s announcement from the UK Government, attributing the cyber-attack on the Commission to a China state-affiliated actor, demonstrates the international threats facing the UK’s democratic process and its institutions. 

“In a year of significant electoral events, we remain vigilant to the risks facing our electoral process, and will continue to work with the UK’s governments and the wider electoral community to safeguard the safety of the system.”

The attack was first identified in October 2022. After taking steps to remove the actor from the Commission’s systems and to improve security arrangements, the Commission notified the public in August 2023.

John added: 

“The cyber-attack has not had an impact on the security of UK elections. The UK’s democratic processes and systems are widely dispersed and their resilience has been strengthened since the attack. Voters have, and should continue to have, high trust in the process of voting. 

“The data accessed when this attack took place does not impact how people register, vote, or participate in democratic processes. It has no impact on the management of the electoral registers or on the running of elections.”