Rishi Sunak
Prime Minister Rishi Sunak in London on April 19, 2024. Image: Number 10 / Flickr / Simon Walker

GCHQ to protect UK election candidates’ phones from cyberattacks

BIRMINGHAM, United Kingdom — Britain’s National Cyber Security Centre (NCSC) launched a new service on Wednesday to prevent cyberattacks targeting the mobile phones of high-risk individuals.

The launch of the Personal Internet Protection (PIP) service comes amid a growing trend of attacks targeting personal devices. It will be offered to a range of potential "high-risk" targets, including parliamentary candidates standing in the general election expected later this year. 

“High-risk individuals include those working in political life (including elected representatives, candidates, activists and staffers), academia, journalism and the legal sector,” the NCSC said.

It will work similarly to the NCSC’s Protective Domain Name Service (PDNS), a recursive DNS resolver operated by the agency and delivered by Cloudflare, currently used to prevent cyberattacks on public-sector networks.

The new system will provide “an extra layer of security on personal devices” by configuring the enlisted users’ devices to use a DNS server that prevents outgoing traffic from connecting to suspect domains.

Alongside insulating political candidates’ phones from connecting to the command and control servers used by spyware operators, the service will warn high-risk individuals if they attempt to visit a known malicious domain.

The PDNS system builds a list of malicious domains to block based on a range of intelligence feeds collected by the NCSC, which is a part of signals intelligence agency GCHQ, including from sensitive sources only available to the security agencies.

The NCSC has warned that the personal accounts of political candidates and election officials — alongside their official work accounts — are “almost certainly attractive targets for cyber actors looking to carry out espionage operations.”

It follows the British government recently warning about malicious activity from hackers working for the Russian intelligence services or affiliated with China targeting British institutions and individuals.

In February, it was found that members of the European Parliament’s Subcommittee on Security and Defense were the targets of suspected phone hacking.  In April, Apple reportedly notified users in 92 countries about mercenary spyware attacks targeting their mobile devices.

Jonathon Ellison, the NCSC’s director for national resilience, said: “Individuals who play important roles in our democracy are an attractive target for cyber actors seeking to disrupt or otherwise undermine our open and free society.

“In this significant year of elections around the world, I urge individuals eligible for our services to sign up and to follow our guidance now to bolster their defences.”

Get more insights with the
Recorded Future
Intelligence Cloud.
Learn more.
No previous article
No new articles
Alexander Martin

Alexander Martin

is the UK Editor for Recorded Future News. He was previously a technology reporter for Sky News and is also a fellow at the European Cyber Conflict Research Initiative.