Skip to main content

Cyber Interference: UK Democracy

Volume 742: debated on Thursday 7 December 2023

With permission, I will make a statement about attempted cyber interference in British democracy. I know hon. and right hon. Members across this House will recognise the seriousness of this issue.

The Government have long highlighted the threat to the UK and our allies from malicious cyber activity conducted by the Russian intelligence services. I can confirm today that the Russian Federal Security Service, the FSB, is behind a sustained effort to interfere in our democratic processes. It has targeted Members of this House and the other place. It has been targeting civil servants, journalists and non-government organisations. It has been targeting high-profile individuals and entities with a clear intent, using information it obtains to meddle in British politics.

Madam Deputy Speaker, you and parliamentary security have been briefed on the details of that activity. We want to be as open as we can with the House and the British public. Our commitment to transparency stands in sharp contrast to the efforts of the KGB’s successors to exert influence from the shadows. What can we confirm today? I want to stress five particular points of our assessments.

First, Centre 18, a unit within Russia’s FSB, has been involved in a range of cyber-espionage operations targeting the UK.

Secondly, Star Blizzard, a cyber group that the National Cyber Security Centre assesses is almost certainly subordinate to Centre 18, is responsible for a range of malign activities targeting British parliamentarians from multiple parties.

Thirdly, using those means, the group has selectively leaked and amplified the release of sensitive information in service of Russia’s goals of confrontation. In 2020, when he was Foreign Secretary, my right hon. Friend the Member for Esher and Walton (Dominic Raab) confirmed to the House that Russia had done that before the 2019 elections with documents related to UK-US trade. I can now confirm that we know Star Blizzard was involved in this operation.

Fourthly, these cyber actors use a combination of targeting, tailoring their operations in a far more sophisticated way than is usually the case with, for instance, commonplace cyber criminals. They typically engage in thorough research and preparation, including via social media and networking platforms. Having thus identified ways to engage a target, they create false accounts, impersonating contacts to appear legitimate, and create a believable approach, seeking to build a rapport before delivering a malicious link to either a document or website of interest. While they have targeted business and corporate emails, the group predominantly targets personal email addresses.

Finally, the targeting of this group is not limited to politicians, but includes public-facing figures and institutions of all types. We have seen impersonation and attempts to compromise email accounts across the public sector, universities, media, non-governmental organisations and wider civil society. Many of those individuals and organisations play a vital role in our democracy. As an example, the group was responsible for the 2018 hack of the Institute for Statecraft, a UK think-tank whose work included initiatives to defend democracy against disinformation, and the more recent hack of its founder, whose account was compromised from 2021. In both cases, documents were subsequently leaked.

The Government’s assessment is based on extensive analysis from the UK intelligence community and supported by a range of close international partners. Today, allies from the Five Eyes and the Euro-Atlantic region are joining us in illuminating the pervasive nature of this threat to our shared democratic values. I pay tribute to the dedicated public servants, in our own agencies and those of our partners, whose painstaking work has allowed us to expose the reality of the threat we face.

Taken together, the UK Government judge that these actions demonstrate a clear and persistent pattern of behaviour. Russia’s attempted interference in political and democratic processes, through cyber or any other means, is unacceptable. I reassure the House that we have identified targeting of parliamentary colleagues and engaged with victims through both the National Cyber Security Centre and the parliamentary authorities.

The Government will continue to expose and respond to malign cyber activity, holding Russia accountable for its actions. To that end, the UK has designated two individuals under the UK’s cyber sanctions regime, following a thorough investigation by the National Crime Agency into the hack of the Institute for Statecraft. In doing so we send a clear message that these actions have consequences. This morning, the Foreign, Commonwealth and Development Office has summoned the Russian ambassador to the Foreign Office to convey that message.

We have robust systems in place to protect against the threat from foreign malign influence. The Minister for Security, my right hon. Friend the Member for Tonbridge and Malling (Tom Tugendhat), leads the defending democracy taskforce, which drives work to improve our resilience against these threats. Our National Cyber Security Centre, alongside Five Eyes partners, today published a technical advisory to provide guidance to organisations and individuals at risk of being targeted to help defend against such attacks. We will continue to defend ourselves from adversaries who seek to threaten the freedoms that underpin our democracy. It is and always will be an absolute priority to protect our democracy and elections.

A key component of increasing our resilience is supporting the National Cyber Security Centre and parliamentary authorities to deliver an enhanced cyber-security offer to right hon. and hon. Members, and to Members of the other place, that aims to better protect them against this insidious threat and support the resilience of our lively democratic society. We hope that this statement helps to raise awareness of the threat and allows those in public life, in this House and beyond, to recognise how they may be targeted by such operations.

Russia has a long-established track record of reckless, indiscriminate and destabilising malicious cyber-activity, with impacts felt all over the world. In recent years, the Government have, alongside allies, uncovered numerous instances of Russian intelligence targeting of critical national infrastructure, for example. We have worked in close co-ordination with our intelligence partners to expose sophisticated cyber-espionage tools aimed at sensitive targets. The irony of Russia’s abusing the freedoms that it denies its own people to interfere in our politics will not be lost on anyone.

Of course, our political processes and institutions have endured in spite of those attacks, but the cyber threat posed by the Russian intelligence services is real and serious. All right hon. and hon. Members should pay careful attention to it in the course of their work and their daily lives. Many in this House may not consider themselves a potential victim. I want to underline to the whole House that the targeting can be extremely convincing. We must all play our part in exercising good cyber practices, using appropriate caution and following the good guidance of the National Cyber Security Centre and others to mitigate the threat. That is how we defend ourselves and our precious democracy. I commend this statement to the House.

I am grateful to the Minister for advance sight of his statement.

The news that the Russian intelligence service is behind an effort to target Members of this House and the other place, civil servants, journalists and NGOs is not just concerning; it is an attack—not only on individuals, but on British democracy, on both sides of this House, and on the public we represent. Labour, along with the whole House, condemns it in the strongest terms.

The news comes as we approach 2024, the year of elections not only in Britain, but in the United States, India and the EU, with more than 70 elections scheduled in 40 countries across the world. Democracy is built on trust, and trust must be built on the confidence that politicians on all sides are able to conduct the business of democracy free from interference.

Let me ask the Minister some specific questions about these revelations. First, is he confident that the Government have uncovered the full extent of the cyber-attack and every person who was affected?

Secondly, on the response, I welcome the announcement of the designation of two individuals following the hack of the Institute for Statecraft, but has any specific action been taken to respond to the cyber-attack on parliamentarians that the Minister has revealed today? If not, why not?

Thirdly, as we approach the general election, what additional steps are the Government taking to ensure the integrity of the democratic process? Will they make their officials available to ensure that Members on both sides of this House are free from interference; to train, equip and support Members and all staff to better identify and respond to the challenge; and to ensure not just that their digital communications are protected, but that their offices, staff and families are, too?

This revelation is shocking but not unexpected. It is the latest episode in a long pattern of hostile activities by Russia and other hostile states, including Iran and the Democratic People’s Republic of Korea, against Britain and our allies. There is more that we can do. Labour has committed to the establishment of a democratic resilience centre in Government to work with our allies to protect our democratic values, political institutions, elections and open societies. Will the Government commit to creating one? As the shadow Home Secretary, my right hon. Friend the Member for Normanton, Pontefract and Castleford (Yvette Cooper), has outlined, we do not yet have a robust and long-lasting equivalent of the cross-Government counter-terrorism strategy—CONTEST —for dealing with hostile states. Will the Government commit to creating one?

Labour has proposed a joint cell between the Home Office and the Foreign Office to speed up decision making, share intelligence and expertise, and remove traditional barriers between Departments. Will the Government commit to creating one? They still have not amended terror legislation to allow the Government to ban hostile state-sponsored organisations that are undermining our national security. Will they commit to doing so? The Russia report has still not been fully implemented. Will the Government urgently update the House on when that will be completed?

This is not just about cyber-attacks and direct digital interference; it is about wider malign activity, including the use of artificial intelligence and deepfakes to seed false narratives, spread lies and foment divisions. That includes the widespread use of disinformation, misinformation and malinformation to undermine our democracy, through mainstream and social media, and other means. Labour has committed to urgently introducing binding regulation of companies developing the most powerful frontier AI, which could be used to disrupt elections. Will the Government commit to doing so too? Will they also commit to ensuring adequate resourcing for the National Cyber Security Centre, the intelligence agencies and the defending democracy taskforce?

I give the Minister every assurance that the Labour party will work in partnership and full co-operation with the Government and all relevant authorities to take every necessary step to address this threat and protect the integrity of our political process from hostile interference. As politicians from different parties, we have all stood united across the House against Putin’s imperial aggression in Ukraine. That unity is a source of strength and pride. In the face of these threats, this House must remain united, Britain must remain united and democracies must remain united in defence of our institutions and against those who seek to undermine the great values that our society is founded upon.

I am grateful for the tone and constructive content of the right hon. Gentleman’s response. He is right to say that 2024 is a bumper year of elections, involving some 70 elections and billions of people across 40 countries. This is a matter of trust and confidence, which is why we have made this statement now, to ensure that its full deterrent effect is properly timed.

The right hon. Gentleman asked whether we are confident that we have uncovered the full extent of the activity. We have a high degree of confidence with regard to this specific incident, but of course it is a question and our duty is to remain ever vigilant. The lesson of this sort of activity is that a higher degree of vigilance is necessary, and that is the posture that we now maintain in terms of any future activity.

I am grateful that the right hon. Gentleman welcomed the designation. Specific action has been taken by the NCSC, in accordance and together with House authorities, to ensure that all of the individuals affected have a higher degree of preventive measures in place. The posture of the House authorities, and the security offer available, have been enhanced. However, as I have said, it is a matter of improved vigilance on all sides. As for additional steps we might take, there is the collective deterrent impact of our naming and shaming these individuals and designating them in our sanctions, as well as the diplomatic effort to call Russia out, combined with personal cyber-security measures on behalf of individuals—those important steps that all colleagues need to take.

The right hon. Gentleman asked about the Whitehall structure in this area and pointed to his own policy of calling for a joint cell. We are confident that the defending democracy taskforce, led by the Security Minister, represents a robust and cross-departmental response. On the wider picture of disinformation, the right hon. Gentleman is right to say that we need to up our game to counter disinformation, call Russia out and better resource and energise our own security posture in the cyber domain. That has been done; there is an enhanced degree of resource, organisation and political will. This public statement today is part of the hugely important deterrent effect.

The Intelligence and Security Committee was one of the first to sound the alarm on this issue in its Russia report. More recently, we have highlighted the risk that China poses through interference in democratic discourse, for example, in think-tanks and universities. Will the Minister update the House on what action the Government are taking in response to the recommendations made in those two substantial reports?

My right hon. Friend makes a very good point. Clearly, this statement is about Russia, but she draws a comparison with the activity of China. That is an appropriate reference and I am pleased that in our domestic legislation we have the ability to ensure that countries with malign intent do not use think-tanks or other fronts to influence domestic political discourse in a way that is contrary to the health of our democracy.

I thank the Minister for prior sight of his statement. It makes for disturbing reading and I absolutely agree that Russia’s actions are completely unacceptable. That Members of this House and others have had their email accounts hacked is deeply concerning, but we know that this has happened before—indeed, it is probably happening right now—and we must accept that it will almost certainly happen again.

As the Minister said, Russia’s actions demonstrate a clear and persistent pattern of behaviour. Given that, have the Government considered making cyber-security training mandatory for all MPs and their staff? He will be aware of the belief that one of our weakest links in our cyber defences is our staff, who are constantly targeted by unscrupulous external actors. Although they are not House employees, it would be a reasonable precaution for MPs’ staff to receive in-house training on exactly what to look out for, how to avoid getting sucked into a trap and what they should do if they have even the slightest suspicion that they are being targeted.

Democracy is under attack. Just last week, the Canadian Government’s Communications Security Establishment released a new report on cyber threats to elections saying that at least a quarter of national elections around the world were targeted by some manner of threat, and that China and Russia were the most active countries and were launching increasingly sophisticated influence operations by spreading disinformation and seeking to push elections in a specific direction. Perhaps most worryingly, the Canadian report states in relation to AI undermining elections:

“We assess it very likely that the capacity to generate deepfakes exceeds our ability to detect them.”

With MPs facing having their emails hacked, the democratic process being undermined and the UK general election just around the corner, what are the Government doing to proactively defend the integrity of those elections, and when can the House expect to hear about it?

I am grateful for the hon. Gentleman’s comments and questions. He is absolutely right about the scale of the threat. Alongside our calling Russia out and describing the nature of the threat, it is important that we point out that Russia has failed in its intent to undermine our domestic politics. It was a genuine attempt that failed, and we are now more aware and resilient. That is why we are calling Russia out, but we should also be proud that the institutions of our democracy remain resilient. Russia has failed in its efforts and it will continue to fail because we will continue to call it out.

The hon. Gentleman made a very good point about staff training. I do not think we should mandate that, but we have worked on a much-enhanced offer to ensure that cyber-security is, root and branch, part of the normal working practice of MPs and staff. That offer has radically improved. The House authorities will continue to keep colleagues up to date. A higher degree of awareness in our working practice is very important and that is part of the rationale behind today’s statement.

I welcome my hon. Friend’s update. I am sure that I am not alone in having received a large number of template emails on particular subjects. When I have diligently written back to those individuals, they have said that they did not send the emails. It is quite clear that hostile actors are collecting our constituents’ email addresses and using them to subvert the democratic process. Will my hon. Friend take the message not only back to the Foreign Office, but across the House, that this needs to be investigated and stopped?

My hon. Friend makes a very good point. This practice, using emails to insert malware or to entice users to click on a malicious link, is sometimes extremely convincing. Staff have to deal with a great volume of such emails, which is why we are pleased that the House authorities have greater awareness. Staff should seek guidance from the House authorities on taking a more secure approach.

The Minister contributed to a very good debate in the UK-EU Parliamentary Partnership Assembly, which met in Westminster earlier this week, and touched on some of these issues. We are clearly dealing with hybrid warfare—there is no other phrase for it.

Although I commend the Minister for coming to the House to give us this information, the response of sanctioning two people seems rather mild. Will he say more about that? Will he also say something about the co-ordination across western democracies and allies on next year’s year of elections? We must all co-ordinate so that we can spot patterns in order to deal with this threat.

The hon. Lady should be reassured that, although today’s announcement pertains to two individuals, it is indicative of a huge and sustained institutional effort to tackle this threat by way of a vastly improved defensive cyber-capability right across our nation. Our global response is working hand in glove with Five Eyes partners, and there is a huge diplomatic and security effort to make sure this activity is called out and pursued. That is not just deterrence; it is also enhanced resilience. Although the number of individuals is small, the hon. Lady should be reassured that the institutional work is tremendously well resourced and entirely determined.

I thank the Minister for his statement. I am incredibly grateful to the Speaker’s Office, the Security Minister and the House authorities for their work to increase our awareness and to improve our protection within Parliament, but we are in a very privileged position. Frankly, the fabric of our society that is most at risk are those parts that do not have access to such information, whether they are small and medium-sized enterprises that supply critical national infrastructure, whether they are the parts of the economy that keep us going or, indeed, whether they are those who protect our elections. Will the Minister speak a little about what protections and information will be offered to them so that they can support us?

My hon. Friend makes a very good point. This affects us all. It not only affects parliamentarians or those in public life; it affects those in commerce. The National Cyber Security Centre has published guidance and is available to provide guidance to those businesses that need to ensure they have a higher degree of cyber- security and resilience, particularly those involved in, for example, critical national infrastructure.

This is a refreshing statement, but what action will be taken? This is a very serious challenge to our democracy. Indeed, it is not only a serious challenge to Members of Parliament. I know of a major takeover of a British company by a Chinese entity. The senior executives said that, when they attended meetings, the Chinese knew information about the company, its secrets and its background that they could have known only by illegal means. It is everywhere, and it is particularly coming from Russia, China and perhaps Iran and North Korea. Can we have action? Yes, we need to train our staff and Members of Parliament, but I was brainwashed as a child by the James Bond novels—maybe you were too, Madam Deputy Speaker. We have a wonderful intelligence system, but are our intelligence services up to the job? Do they need more resources?

The hon. Gentleman asks about action. It is a good question, and I can give a good answer: in terms of our domestic legislation, we are now thankfully in a position to ensure that foreign countries with malign intent cannot freely invest in critical national infrastructure without the permission and outside the purview of Ministers. Ministers have taken specific action to ensure that divestment has taken place in certain commercial entities where a national interest is at stake, and that will continue to be the case. The Government posture has altered radically in recent years, and we should all be encouraged by that.

The hon. Gentleman made a welcome reference to James Bond. Of course, it is the Government’s policy never to comment on the security services, but I can ensure the hon. Gentleman that they are up to speed and very well resourced.

This is shocking, but not at all surprising. We have heard before about possible interference in the Brexit referendum, and then we had the Russia report, which was not implemented. We are on the cusp of a general election—which may come sooner rather than later—so my question to the Minister is, what conversations are being had with the Electoral Commission and the political parties, because it is not just MPs we need to think about, but candidates? Also, what plans does he have to take a whole-of-society approach so that voters can build resilience, and our democratic process and the ballot are completely secure?

The hon. Lady makes a good point and asks a good question. The threat is significant, but I should reiterate that it has failed, which I think points to the resilience of our democratic institutions. That does not mean that we should not be eternally vigilant—we will be. That work involves all parties across the House and candidates. A lot of the preventive work is being carried out by the Defending Democracy Taskforce, which is specifically looking at this issue under the Security Minister. The hon. Lady should be reassured that they have the bit between their teeth.

I thank the Minister for his statement. What we have seen is malevolent behaviour, and I am glad to hear some of the Government’s plans. However, Labour is committed to establishing a democratic resilience centre, so can I press the Minister to ensure that the Government consider following our lead?

That work is already in place under the Defending Democracy Taskforce and the wholly re-energised and newly founded National Cyber Security Centre, established under this Government with tremendous resource and energy. Whatever we call it, there is now a significant effort to ensure that we deter these things and that MPs and everyone across the political spectrum are in a much more secure position.

As a new Member of this House, I obviously find this statement concerning. Will the Minister therefore outline some of the additional support that can be offered to new Members and their staff, particularly because there is a lot to navigate? There is an induction process, which I welcome because it has helped very much, but there was about 10 minutes on cyber-security, so it definitely could do with being updated.

The hon. Lady makes a good point, and she is absolutely right. An improved and enhanced offer is being worked up together with the House authorities. Cyber-security and cyber-hygiene should be a default daily practice. All colleagues should be aware of the offer, and it should be made available to all colleagues and staff.

I thank the Minister very much for his statement. Our Government have been prepping for cyber-warfare for some time. Indeed, the rationale behind lessening investment in recruitment into the armed forces has been that cyber-warfare is a bigger threat. That being the case, will the Minister confirm that the Government are prepared to act, should these newspaper claims have even a slither of truth? How can we send the message today that the UK is prepared to face the cyber-threat as readily as any other threat?

We are well placed. The threat is significant, and the risk to national resilience is significant in the cyber-age. The Deputy Prime Minister has led a huge amount of work on national resilience. Defensive cyber is an important part of that, and the National Cyber Security Centre has an important role to play. The challenge is huge, but the Government have covered a huge amount of ground. However, there is more work to do.