A computer security tip for those campaigning in the UK general election

Graham Cluley

A computer security tip for those campaigning in the UK general election

A computer security tip for those campaigning in the UK general election

Against a backdrop of a highly divisive decision for the UK to leave the European Union (better known by the ghastly word “Brexit”), British Prime Minister Theresa May has called a snap general election for 8 June.

I’m not going to get into my views as to whether the UK should leave Europe or not (you can read my Twitter account if you want to know my feelings about that), but here’s some important piece of advice for anyone working for a political party on its election campaign:

Think before you click

As we saw during the US election campaign, those working on election campaigns can be remarkably lax when it comes to their online security – reusing weak passwords between different sites, being duped by phishing emails, having their social media accounts hijacked and – most damagingly – having their private email conversations and documents stolen and leaked to the media.

It’s probably unfair to focus on one particular individual’s security snafu that may have influenced the US election, but hey… it seems clear that the hack of Hillary Clinton’s campaign chief John Podesta was enormously damaging, and made things easier for the Trump team.

This is the bogus email that Podesta received from a cybercriminal gang hell-bent on cracking into his webmail account.

Podesta phish 3

If you’re campaigning in the UK election, don’t be a Podesta.

Whatever political party you are fighting for, ensure that you’re careful to use strong, unique passwords, that you have enabled two-step verification on your online accounts where possible, that you are always cautious about clicking on links and unsolicited email attachments, and wary of entering your passwords on sites that may be attempting to phish you.

Check out our recent “Smashing Security” podcast for more tips on securing webmail accounts to prevent your private emails making the headline, and perhaps derailing your campaign.

Listen on Apple Podcasts | Google Podcasts | Other... | RSS
More episodes...

Graham Cluley Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

2 Replies to “A computer security tip for those campaigning in the UK general election”

  1. Thanks for this Graham, I do wonder why their is radio silence regarding the hacking of the postal vote website? There has been a large amount of electoral postal fraud over the years, and not much commentary on it. I'm very curious to understand how we are protected, were there no forensics on the matter, the US government and law enforcement are a lot more transparent than our own, if you reflect on the past 6 months. I bet there were not, cyber security in England is always seen as secondary until something bad happens. I would ask, were there intrusion detection systems? were those logs monitored in real-time through a SOC? I doubt it very much. It will be classed as SECRET and no one can whistle-blow; as the Official Secrets Act does not protect Whistle-blowers. All speculation of course. I would ask though, that if PCI-DSS for the banks is good enough to protect our money, why is there no equivalent for Government systems. The Ritz balcony case law (think ISO 27001 as well as prescriptive good practices from PCI) for standards would be an interesting comparison in this case, possibly.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Never miss a thing. Sign up for the free GCHQ newsletter from Graham Cluley.
GET EMAIL UPDATES