The news that the UK Labour Party has been hit by a distributed denial of service (DDoS) attack, described as a “sophisticated and large-scale cyberattack” by the political party, has been hailed as a concern for the entire country.
Labour confirmed the DDoS attack, where attackers direct vast amounts of traffic to digital services in an attempt to cripple them, saying that it had reported it to the National Cyber Security Centre and that no data had been breached.
“We have experienced a sophisticated and large-scale cyberattack on Labour digital platforms,” said a Labour Party spokeswoman of the incident.
“We took swift action and these attempts failed due to our robust security systems. The integrity of all our platforms was maintained and we are confident that no data breach occurred.”
Labour also confirmed that the security procedures it was forced to enact had slowed the pace of some election campaign activities, but that these were now “back up to full speed”.
Labour DDoS attack: An attack on the democratic process?
While some of those campaigning against Labour may be pleased by the news, cybersecurity experts have warned that the attack is a blow to UK democracy, not just the party.
“This should be a significant concern to all voters in the UK regardless of their political viewpoints. During a General Election, it is imperative that the main political parties are all given a fair and impartial hearing, and considering the importance of digital campaigning in modern election cycles, a DDoS attack such as this could give other parties an advantage,” said Corin Imai, senior security advisor at DomainTools.
“While there is no indication of where this cyberattack comes from, and it is obviously encouraging that the Labour party said these attempts failed, the incident is an example of just how susceptible to cybercriminal activity our democratic process can be.”
Given the risk, experts have not expressed surprise at the incident.
“It’s hardly surprising that the Labour Party has been targeted given the current political landscape in the UK,” said Brian Higgins, security specialist at Comparitech.com.
“If anything this should serve as a warning to all the other parties and organisations responsible for the secure administration of our democracy to ensure they have their digital houses in order.”
The world of politics has been increasingly under threat from cyberattacks, with government departments, political parties and even voting systems under threat.
“In recent elections around the world, we’ve seen how cyber warfare has begun to take a more prominent role. Be that to manipulate voters through digital propaganda, attempts at leaking confidential information, or as in today’s case, making services unavailable through an apparent DDoS attack,” said Javvad Malik, security awareness advocate at KnowBe4.
Political parties need to not just implement good security across their platforms, but also ensure members are trained up on best practices so as to not fall victim to phishing attacks, or inadvertently leak sensitive information.