UK Leadership Election Ballot Delayed Over Security Fears | NHS 111 Service Attacked | German Chamber of Commerce Hit By Attack
Article by Christopher Lauder, Delegate Relationship Executive, Rela8 Group
UK Leadership Election Ballot Delayed Over Security Fears
As all of our UK readers will be aware, there is currently a contest underway to decide the leadership of the Conservative Party. Whoever is selected as the new leader in the ballot will become the next Prime Minister of the United Kingdom. 160,000 Conservative members will cast their votes, and the new Prime Minister will be announced on September 5th.
However, the sending of ballot papers for the vote has been delayed following a consultation with GCHQ. It was initially planned that voters would be able to choose whether to vote by post or online, but GCHQ has warned that hackers may be able to change people’s votes.
The BBC has reported that it was indeed initially planned that the voting process would have allowed members to choose whether to vote by post or online and then, if they changed their minds, use the alternative method to cancel out their previous vote.
But after advice from the National Cyber Security Centre, part of GCHQ, the Conservative Party has decided to make changes to enhance security around the ballot process.
In an email sent to party members, the Conservative Party said that voting packs were on their way but would be delayed until they could add additional security. It goes on to explain that once the ballot company receives a postal vote, they will deactivate the individual's online codes, "reducing the risk of any fraud".
The Telegraph said it understood fears were raised that scores of votes could have been changed by nefarious actors, although there was no specific threat from a hostile state.
A National Cyber Security Centre spokesperson said:
"Defending UK democratic and electoral processes is a priority for the NCSC and we work closely with all Parliamentary political parties, local authorities and MPs to provide cyber security guidance and support. As you would expect from the UK's national cyber security authority, we provided advice to the Conservative Party on security considerations for online leadership voting."
Source - UK Leadership Election Ballot Delayed Over Security Fears - BBC News
Source - UK Leadership Election Ballot Delayed Over Security Fears - Financial Times
Source - UK Leadership Election Ballot Delayed Over Security Fears - ABC News
Source - UK Leadership Election Ballot Delayed Over Security Fears - The Telegraph
NHS 111 Service Attacked
Also here in the UK, it has been confirmed that the software outage experienced by the NHS 111 service last week was caused by a cyber attack.
The attack targeted the systems that are used to refer patients for care, including ambulances being dispatched, out-of-hours appointment bookings, and emergency prescriptions. The NHS has however said that the disruption experienced was minimal.
Advanced, the firm who provides digital services for NHS 111, spotted the attack and has been working with the National Crime Agency.
In a statement, Simon Short of Advanced said:
"We can confirm that the incident is related to a cyber-attack and as a precaution, we immediately isolated all our health and care environments."
Short also assured that the issue had been contained to a small number of servers, although indicated the issue might not be fully resolved until next week.
Source - NHS 111 Service Attacked - BBC News
Source - NHS 111 Service Attacked - Sky News
Source - NHS 111 Service Attacked - The Evening Standard
German Chamber of Commerce Hit By Attack
Finally, we’ll head over to Germany where The German Chambers of Industry and Commerce were forced to shut down all of their IT systems and switch off digital services, telephones, and email servers because of a cyber attack.
For context, The German Chambers of Industry and Commerce (DIHK) is a coalition of 79 chambers representing companies within the German state. The DIHK is comprised of over three million members, with businesses ranging from small shops to large enterprises in the country. The organisation deals with legal representation, consultation, foreign trade promotion, training, regional economic development, and offers general support services to its members. As a precaution, the shutdown of systems was a way to give IT teams time to develop a solution and build up their defences.
Some services are slowly becoming available again following checks that they are safe to use, yet at the time of writing the restoration is only partial.
Michael Bergmann, The General Manager for DIHK, said in the statement on LinkedIn that the attack was “massive”. Though the cyberattack carries the signs of ransomware, with systems being shut down to prevent the spread of the malware, this hasn't been officially confirmed yet. Unfortunately for those businesses looking for a quick resolution, Bergmann also stated that there is currently no way to predict how long the shutdown measures will be in place.
Source - German Chamber of Commerce Hit By Attack - Bleeping Computer
Source - German Chamber of Commerce Hit By Attack - Computing.co.uk