View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
August 3, 2022updated 17 Aug 2022 9:31am

Tory leadership vote postponed after cybersecurity warning – report

Conservative Party leadership election pushed back three days after it emerges hackers could interfere with online votes.

By Claudia Glover

The upcoming Conservative Party leadership election, which will decide the next prime minister of the UK, has been postponed by three days after the National Cyber Security Centre (NCSC) warned that the online voting system may be vulnerable to outside influence, the Telegraph has reported.

Hackers might have tried to influence the election in order to sow doubt and test out their methods, cybersecurity experts told Tech Monitor.

Foreign hackers may have sought to interfere with the Conservative Party leadership election to sow doubt about its result. (Photo by Andy Wasley/iStock)

Cybersecurity risk over Tory leadership vote

The current Tory leadership contest is the first to allow online voting. The proposed system would have allowed party members to change their choice after casting an initial vote. But the NCSC has warned that, if a cybercriminal were to get hold of members’ unique voting codes, they could change their votes.

The NCSC told the Telegraph that it has not identified a specific threat of election interference but issued the warning to help make the voting process more secure. “As you would expect from the UK’s national cybersecurity authority, we provided advice to the Conservative Party on security considerations for online leadership voting,” it said.

The voting process has been updated so that members may only vote once, after which their voting code will be deactivated. As a result, Conservative Party members will now receive their ballots no later than August 11th, not the 8th as originally planned.

In a letter to Conservative Party members, the government warned that “it is an offence to vote more than once – any member found to have voted more than once will have their party membership withdrawn.”

Are online elections secure?

Online voting systems may never be entirely secure, according to Jason Steer, CISO at security company Recorded Future. “The reality is all software is vulnerable to some extent to someone who has the intent and expertise to interfere,” he told Tech Monitor today.

The Tory leadership contest may well have been the subject of outside interference, given the current tensions between Russia, China and the West, Steer added. “They want to create distrust between governments and break unity within the EU,” he said. “Any opportunity to further examine the integrity of the voting system, therefore, is a good thing.”

Content from our partners
How to turn the evidence hackers leave behind against them
Why food manufacturers must pursue greater visibility and agility
How to define an empowered chief data officer

Hackers may also have used the vote as an opportunity to test out techniques for election interference, said Jake Moore, global cybersecurity adviser at ESET. “Although this has the potential of altering the outcome from only two possibilities, it is more likely to be used as a testing ground for more dangerous, deeper attacks in the future,” he said.

“Hackers often only get a short time to test their techniques in large events such as a political voting round, so this could act as a potential first attempt in what is to come,” Moore said.

Read more: How to combat the rise in cyberattacks

Topics in this article:
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU