Article
Technology

Cyber-attacks hit half of UK businesses in 2016 – will the political parties be next?

By Chloe Lewis
June 01, 2017
undefined mins
The number of UK businesses that suffered a cyber- attack doubled last year, with almost half of firms detecting a breach in 2016. Now, Jam...

The number of UK businesses that suffered a cyber- attack doubled last year, with almost half of firms detecting a breach in 2016.

Now, James Norton, a leading security researcher, has warned that a British political party will be the victim of a hack similar to those suffered by the Clinton and Macron presidential campaigns.

Norton, a former official at the US Department of Homeland Security, said: “It wouldn’t surprise me if there’s already been some emails stolen … it would surprise me if it didn’t happen.”

“Campaigns are a treasure trove, especially newer campaigns where you’re trying to understand the dynamics … I would think they would be targets, if they’re not already, in terms of trying to understand what their politics would be. Even Theresa May is largely an unknown.” He continued.

Dick O’Brein, a threat researcher at the security company Symantec, agreed that a hack like that on Macron ‘may well happen again’, despite the snap election.

“The nature of elections means that politicians are ripe for attack. Governments are well secured, political parties not so much. And then a campaign expands from a core party into a much more ad hoc organisation. That’s where you see people using resources, cloud services, with email, that they really wouldn’t use in a more permanent organisation. That really opens up the surface for an attack.”

Unlike other election campaigns, British ones are much more fragmented, and have more local power than French or US campaigns. In terms of security, a fragmented campaign is both a blessing and a curse; it offers compartmentalisation, which ensures that low-level breaches do not leak data, but increases the number of potential targets that are available to an attacker.

James Norton has argued that regular, deliberate training is needed to prevent a costly and damaging hack. Ryan Kalember, head of cybersecurity strategy at Proofpoint, backed Norton’s warning, saying: “Campaigns in elections around the world must ensure that they have implemented proper defences around phishing, including email security and multi-factor authentication, ideally via hardware keys,”

Share
Share

Featured Articles

How to Boost Supply Chain Visibility with Tive and Arvato

During this insightful webinar, Tive and Arvato will explore the pivotal role of visibility in bolstering the resilience of modern supply chains

Top 100 Women 2024: Stephanie Rankin Smith – No. 8

Supply Chain Digital’s Top 100 Women in Supply Chain honours The Home Depot’s Stephanie Rankin Smith at Number 8 for 2024

Top 100 Women 2024: Carol B. Tomé, UPS – No. 7

Supply Chain Digital’s Top 100 Women in Supply Chain honours UPS’s Carol B. Tomé at Number 7 for 2024

The Global P&SC Awards: One Month Until Submissions Close

Digital Supply Chain

Top 100 Women 2024: Susan Johnson, AT&T – No. 6

Digital Supply Chain

WATCH: Ivalua and PwC Navigate the Future of Procurement

Procurement