Labour reveals large-scale cyber-attack on digital platforms
The Labour party has experienced a “sophisticated and large-scale cyber-attack” on its digital systems from an unknown source, it has said, adding that it is confident its security systems ensured there was no data breach.
Party officials have reported the attack, which took place on Monday, to the National Cyber Security Centre, the government agency that supports and advises organisations on such incidents.
Labour has not said which digital platforms were targeted, but it is understood some of them were election and campaigning tools, which would contain details about voters. The party has sent a message to campaigners to say what happened, and to explain why the systems were working slowly on Monday.
A party spokeswoman said: “We have experienced a sophisticated and large-scale cyber-attack on Labour digital platforms. We took swift action and these attempts failed due to our robust security systems. The integrity of all our platforms was maintained and we are confident that no data breach occurred.
“Our security procedures have slowed down some of our campaign activities, but these were restored this morning and we are back up to full speed. We have reported the matter to the National Cyber Security Centre.”
Whitehall sources said the initial indications were that the attack was carried out by a “non-state actor”.
The party sent a message to campaigners to tell them what happened, and to explain why systems were working slowly on Monday.
In the message, the party’s head of campaigns, Niall Sookoo, wrote: “Yesterday afternoon our security systems identified that, in a very short period of time, there were large-scale and sophisticated attacks on Labour party platforms which had the intention of taking our systems entirely offline.
“Every single one of these attempts failed due to our robust security systems and the integrity of all our platforms and data was maintained. I would I like to pay tribute to all the teams at Labour HQ who identified this risk and acted quickly to protect us.”
The party was reportedly targeted by a distributed denial of service (DDoS) attack, which uses “botnets”, networks of compromised computers, to flood a server with requests and overwhelm it.
Such attacks can vary in sophistication, but are generally easily mitigated. Web records show Labour is a customer of Cloudflare, which provides DDoS protection services to a large proportion of the web. The company protects customers from DDoS attacks by providing extra capacity as needed, filtering traffic so that only legitimate requests are dealt with, and storing “cached” versions of websites on its own servers.
Even when DDoS attacks succeed, they rarely have implications beyond enforced downtime, as the target waits for the attack to end, or secures extra bandwidth to deal with the new traffic. At their simplest, DDoS attacks can be hard to distinguish from legitimate traffic spikes, as when cinema websites collapse on the release of a new film.
DDoS attacks are cheap to pull off. Multiple criminal actors offer “DDoS as a service”, selling time on their botnets. One report from 2017 found a 300-sec attack, with a total bandwidth of 125Gbps, could be purchased for €5; a longer attack, aimed at knocking a website offline for an hour, for €90. Others were even cheaper, offering three hours of downtime for $60.
Brian Higgins, a security specialist at Comparitech.com, said the attacks “don’t normally represent any threat to data or information and can be defended against and recovered from quite easily if the victim has robust cybersecurity policies in place. It’s hardly surprising that the Labour party has been targeted given the current political landscape in the UK.”