This initiative is a response to the concerted efforts by Russian intelligence and Chinese-affiliated hacking collectives to compromise UK institutions, eminent figures, and legislators.
The National Cyber Security Centre (NCSC) of the UK, an extension of the GCHQ intelligence body, is set to offer a Personal Internet Protection service to notable individuals deemed vulnerable to aggression from adversarial nations. According to security authorities, the personal and professional digital accounts of those involved in elections are likely coveted targets for these hostile entities.
In 2023, the UK government acknowledged that since at least 2015, a hacking faction associated with Russia's FSB security apparatus has been executing spear-phishing attacks against MPs across the political spectrum. Furthermore, in March 2024, revelations surfaced of a Chinese governmental hacking syndicate's campaign against the email accounts of over 40 UK parliamentarians, particularly those critical of China or affiliated with the Inter-Parliamentary Alliance on China (IPAC).
The NCSC is poised to extend an elective cyber defense service to MPs and other individuals at high risk, designed to issue alerts upon the detection of malevolent activities on their email accounts or devices. This service is underpinned by the NCSC's Protective DNS (PDNS) system, operational since 2017, which impedes access to harmful web domains, including those associated with phishing, spyware, and malware.
The World Economic Forum, in January 2024, pinpointed the menace of election disruptions by antagonistic nation-states as a prime global threat. Jonathon Ellison, the NCSC's Director for National Resilience and Future Technology, remarked, "Key figures in our democratic process are prime targets for cyber adversaries intent on disrupting or subverting our open and free society."
The NCSC has disseminated advisories to civil society factions—journalists, activists, scholars, legal professionals, and dissidents—warning of potential targeting by malevolent cyber entities. The NCSC's Protective DNS service, widely utilized by public sector entities, currently processes in excess of 2.5 trillion site requests and thwarts access to around 1.5 million nefarious domains.