Cyber attacks against democratic elections could rob governments of their legitimacy and more must be done to deter the threat, the foreign secretary is expected to say today.
Jeremy Hunt will warn that hostile states view free elections as key vulnerabilities as he sets out a plan to raise the cost to perpetrators of deploying cyber weapons, according to extracts of a speech he is due to give in Glasgow.
He will say that while Britain has seen no evidence of successful interference in its polls, adversaries seek to use cyberspace to undermine democracies.
The freedom to pass judgement on your leaders and change your government peacefully, through the ballot box, is the defining quality of a liberal democracy. Millions of people have made immense sacrifices for the sake of that essential liberty, Mr Hunt is set to say.
Events have demonstrated how our adversaries regard free elections – and the very openness of a democratic system – as key vulnerabilities to be exploited…. authoritarian regimes possess ways of undermining free societies that yesterday’s dictators would have envied.
He is due to add: For every example of publicly attributed interference, there have been others that never saw the light of day…the implications are profoundly disturbing.
At a minimum, trust in the democratic process is seriously undermined. But in a worst case scenario, elections could become tainted exercises, robbing the governments they produce of legitimacy.
His comments emerged after Sky News revealed the National Crime Agency is leading an investigation into a suspected cyber attack on a British institute that seeks to counter Russian disinformation.
Whitehall sources said it is highly likely that Russia’s military intelligence service (the GRU) carried out the hack-and-leak of files from the little-known Institute for Statecraft.
The move may have been in response to Britain implicating the GRU in the Salisbury spy poisoning last year and pledging to shine a light on the agency’s covert activities, they said.
The foreign secretary will say that Britain seeks to discover which country or individual was behind any malign cyber activity and defeat any attempts to hide their tracks.
That could include naming and shaming the perpetrator in public, in concert with our allies, exposing not only who carried out the action but, so far as possible, how it was done, thereby helping the cyber security industry to develop protective measures, he will say.
We will aim to prosecute those who conduct cyber crimes, demonstrating they are not above the law.
Mr Hunt will set out four principles behind a doctrine of deterrence to make sure potential attackers realise they could be punished economically and diplomatically as well as being named and shamed.
The UK has become increasingly willing to attribute cyber attacks publicly.
In October Britain and other allies named the GRU for a series of cyber attacks, including against the World Anti Doping Agency and the Democratic National Congress.
On the same day, the Netherlands and UK exposed an attempt by the GRU to hack the world chemical weapons watchdog at the time the Organisation for the Prohibition of Chemical Weapons (OPCW) was examining samples from the Salisbury poisoning.
Mr Hunt is expected to highlight a decision by the European Union to create a new sanctions regime to punish cyber attacks.
After Brexit, the UK will be able to impose cyber-related sanctions on a national basis, he will say.
Britain’s offensive cyber capabilities provided by GCHQ and the Ministry of Defence will be mentioned in terms of their cyber operations against Islamic State.
The foreign secretary will also announce an increase in the number of so-called cyber attaches – diplomats who work with governments on cyber issues.