One of the UK’s leading security agencies has stepped in to warn of potentially malicious efforts to alter the result of the upcoming Conservative Party leadership election.
Around 160,000 party members will effectively choose the next Prime Minister of the country when they decide between current foreign secretary Liz Truss and former chancellor Rishi Sunak.
However, the National Cyber Security Centre (NCSC), part of spy agency GCHQ, was forced to alert the party that the voting system for members could be hijacked by hackers.
Party members can vote by post or online. However, a loophole in the system meant that they, or potentially a malicious third party, could have changed online results after they had been cast.
After the NCSC’s intervention, there is now a unique code which will be deactivated once online ballots are cast so that it’s impossible to re-enter the voting site.
“Defending UK democratic and electoral processes is a priority for the NCSC and we work closely with all parliamentary political parties, local authorities and MPs to provide cybersecurity guidance and support,” noted an NCSC statement seen by The Guardian.
“As you would expect from the UK’s national cybersecurity authority we provided advice to the Conservative Party on security considerations for online leadership voting.”
As far back as 2017, GCHQ warned lawmakers of the prospect of Russian state hackers interfering in UK elections. However, in Britain, ballots are cast via post or in person, with electronic counting machines and online voting not used.
It’s unclear why the Conservative Party decided to break with that precedent, given the extra security risks presented by digitizing the process.
The current rules of Britain’s political and electoral system give an outsized role to party members on who becomes the next leader of the country. Most polls currently claim Truss has a commanding lead.