On 8th August 2023, the UK Electoral Commission announced that it had been the subject of a ‘complex cyber attack’.
The hackers had apparently been inside the network for over a year and had access to a vast range of data, including:
- Electoral registers which contained the name and address of anyone in Great Britain who was registered to vote between 2014 and 2022
- The names of anyone registered as an overseas voter in the same time period
- Access to the Electoral Commission’s email system
WHO WAS BEHIND THE ATTACK?
It’s not clear if UK authorities know for sure who was behind the attack and in any case, the public may never be told the full story.
But 2tela assess with high confidence that the attack was the work of the Chinese intelligence service (known as the MSS) and its affiliated agents.
WHY DID CHINA HACK UK's ELECTORAL REGISTER?
At first glance a cyber-attack against the election machinery of the UK would appear to be right out of the playbook of any hostile foreign power; getting inside access to potentially change the course of an election in a democratic Western nation, as per the attempt to rig the 2016 US election by Russian military intelligence.
However, this cyber-attack was not about changing the course of an election. This was more obtuse and less straightforward; the reason for MSS to hack our electoral agency was to gather a treasure trove of data to assist its attempt to spy on the UK.
CHINESE INTELLIGENCE LOVES MASSIVE DATA
Underpinning the mechanics of espionage in the 21st century is the need for massive data sets. And the MSS amongst all of the leading intelligence agencies of the world has the biggest requirement for data, data and yet more data.
The Chinese intelligence services are the largest in the world, with hundreds of thousands of officers working to quench Beijing’s thirst for secrets.
A key part of this is recruiting agents in the UK; identifying and then convincing British nationals to betray their country by supplying secrets to MSS officers.
But how do you identify one person from 62 million potential targets? By using massive datasets, such as credit rating websites (MSS hacked Experian in 2015 to do just this), travel agencies and electoral registers. MSS can identify those in debt or those who travel often to China and then work out if they have access to secrets of interest.
RECRUITING SPIES FOR THE MSS
MSS analysts will have used massive datasets to identify potential Britons to spy for China; those with access to secrets but potentially malleable to coercion, such as being in financial difficulty, sympathetic to communism or UK nationals with significant business interests in China.
The Electoral Registers would then be used to cross-check and confirm information on these targets to ensure the MSS has the greatest chance of success.
That’s why Chinese intelligence hacked the UK electoral system; to aid and abet their attempts to recruit spies.
WHO ARE THE MSS?
- The Ministry of State Security (MSS) is China’s main civilian intelligence agency which reports directly to the China Communist Party (CCP)
- Estimated 40,000 intelligence officers based abroad tasked with spying on China’s enemies
UK is a priority target for the MSS; uses cyber capabilities to support its attempts to acquire British political, military and industrial secrets
The views represented within this article are the view of 2tela only.