A Labour Party spokeswoman announced today that the party’s digital systems were targeted by a “sophisticated and large-scale cyber attack” but its robust security systems were successful in warding off the attack.
According to BBC, the Labour Party has reported the cyber attack to the National Cyber Security Centre. It quoted the spokeswoman to state that security procedures implemented by the Labour Party had “slowed down” some election campaign activities but they were now “back up to full speed“.
“We have experienced a sophisticated and large scale cyber attack on Labour digital platforms. We took swift action and these attempts failed due to our robust security systems.
“The integrity of all our platforms was maintained and we are confident that no data breach occurred.
“Our security procedures have slowed down some of our campaign activities, but these were restored this morning and we are back up to full speed. We have reported the matter to the National Cyber Security Centre,” the spokeswoman said.
Commenting on the cyber attack targeting the Labour Party’s digital systems, Corin Imai, senior security advisor at DomainTools, said that the cyber attack should be a significant concern to all voters in the UK regardless of their political viewpoints.
“During a General Election, it is imperative that the main political parties are all given a fair and impartial hearing, and considering the importance of digital campaigning in modern election cycles, a DDoS attack such as this could give other parties an advantage.
“While there is no indication of where this cyber attack comes from, and it is obviously encouraging that the Labour party said these attempts failed, the incident is an example of just how susceptible to cybercriminal activity our democratic process can be,” she added.
Carl Wearn, head of e-crime at Mimecast, said that given the particular targeting of this attack it is almost certain this is some form of hacktivism or hostile state-sponsored activity.
“Although still essentially criminal activity in its nature, given recent geopolitical events over the last few years, this attack could obviously well be aimed at exfiltrating sensitive information from the Labour parties infrastructure as we approach an election.
“I would urge them, and anyone suffering from a similar form of attack, to carefully review their logs and internal data for any indicators of compromise following such an attack to ensure that no long term compromise or data exfiltration has taken place,” he added.
Cyber attack targeting the Labour Party was a DDoS attack
According to Sky News’ Technology Correspondent Rowland Manthorpe, the cyber attack targeting Labour was a DDoS attack aimed at shutting down the party’s digital systems. Brian Higgins, security specialist at Comparitech.com, told TEISS that these types of attacks rely on directing large amounts of traffic at target websites to make them crash.
“They [DDoS attacks] don’t normally represent any threat to data or information and can be defended against and recovered from quite easily if the victim has robust cybersecurity policies in place. It’s hardly surprising that the Labour Party has been targeted given the current political landscape in the U.K.
“If anything this should serve as a warning to all the other parties and organisations responsible for the secure administration of our democracy to ensure they have their digital houses in order,” he added.
Piers Wilson, Head of Product Management at Huntsman Security, said that while there have been widespread attempts to manipulate elections and public opinion through hostile media and social media activity in the past, direct disruption or manipulation of the election process itself, news media or political parties could cause chaos, disruption or disinformation on a much larger scale.
“We must ensure that our elections – and our democracy – are secured from cybercriminals and other outside bodies looking to influence and subvert both the election and run-up to it. The announcement today may not be the last: all parties and other organisations must be ready to defend themselves from potential hackers to ensure that the election can take place in a fair and unbiased manner,” he added.