British Elections: Labour Party Suffers Second Attack

The UK Labour Party election campaign has experienced two sophisticated and large-scale cyberattacks by hackers on its digital platforms this week. Labour is reportedly suffering a second cyber-attack after saying it successfully thwarted one on Monday 11th November. The party says it has "ongoing security processes in place" so users "may be experiencing some differences", which it is dealing with "quickly".

The Distributed Denial of Service (DDoS) attack floods a computer server with traffic to try to take it offline. Earlier, a Labour source said that attacks came from computers in Russia and Brazil.

The first attack was reported to the National Cyber Security Centre on Monday. A Labour spokeswoman had said the first cyberattack had ‘failed’ because of the party’s ‘robust security systems’ and that they were confident that no data breach occurred. Labour sources have confirmed it was targeted by a so-called distributed denial-of-service (DDoS) attack, one of the most common forms of cyberattack.

In a DDoS attack hackers flood a target’s online platforms with traffic from various sources, with the aim of slowing down access or causing websites to crash.

In a statement, Labour said: ‘We have experienced a sophisticated and large-scale cyberattack on Labour digital platforms. We took swift action and these attempts failed due to our robust security systems....The integrity of all our platforms was maintained and we are confident that no data breach occurred....Our security procedures have slowed down some of our campaign activities, but these were restored this morning and we are back up to full speed….We have reported the matter to the National Cyber Security Centre.’

Security experts believe that these types of attacks are usually carried out by a group of cyber criminals or a nation state. The last general election in 2017 was disrupted by the worldwide WannaCry attack, which hit hundreds of NHS trusts and GP practices, leading to thousands of appointments and operations being cancelled.

The NCSC subsequently attributed the attack to a shadowy North Korean crime organisation known as the Lazarus group

Following reports of a second cyber-attack, a Labour Party spokesperson said: "We have ongoing security processes in place to protect our platforms, so users may be experiencing some differences. We are dealing with this quickly and efficiently."

NCSC:         Metro:          BBC:     

You Might Also Read: 

Three In Five Politicians’ Websites Don’t Use Cyber Security:

Hackers Came, But the French Were Prepared:

 

 

« Closing The Skills Gap Starts At School
The Future Of Cybersecurity Jobs »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Advent IM

Advent IM

Advent IM is one of the UK’s leading independent cyber security specialists, with a unique approach to providing holistic security management solutions.

BSI Group

BSI Group

BSI is the business standards company that equips businesses with the necessary solutions to turn standards of best practice into habits of excellence

Thales

Thales

Thales provides solutions, services and products that help its customers in the defence, aeronautics, space, transportation and digital identity and security markets to fulfil their critical missions.

Resilience First

Resilience First

Resilience First is a not-for-profit organisation, led and funded by business to strengthen collective business resilience in all areas, including cyber security.

SaferVPN

SaferVPN

SaferVPN is a Virtual Private Network services provider offering secure encrypted access to the internet.

Wipro

Wipro

Wipro Limited is a leading global information technology, consulting and business process services company.

HCL Technologies

HCL Technologies

HCL offer an integrated portfolio of products, solutions and services built around Digital, IoT, Cloud, Automation, Cybersecurity, Analytics, Infrastructure Management and Engineering Services.

META-Cyber

META-Cyber

META-cyber was founded by engineers with experience in process and control-protection to provide cyber security for industrial infrastructure.

tru.ID

tru.ID

We’re tru.ID, and we're reimagining mobile authentication, one API at a time.

EDGE Group

EDGE Group

EDGE is one of the world’s leading advanced technology groups, established to develop agile, bold and disruptive solutions for defence and beyond.

Fusion Cyber

Fusion Cyber

Fusion Cyber educates students in Zero Trust Risk Management, Defense, and Cyber Offense that lead to taking industry-accepted cybersecurity certifications.

Cybalt

Cybalt

Cybalt is a security services company that provides end-to-end security solutions to help clients achieve their business goals.

ASRC Federal

ASRC Federal

ASRC Federal’s mission is to help federal civilian, intelligence and defense agencies achieve successful outcomes and elevate their mission performance.

BluTinuity

BluTinuity

BluTinuity is a premier management consulting firm with a passion for information security, business continuity, incident response, disaster recovery, and HIPAA security.

Automotive Information Sharing & Analysis Center (Auto-ISAC)

Automotive Information Sharing & Analysis Center (Auto-ISAC)

Auto-ISAC provides a forum for companies to analyze and identify threats sooner and share solutions that enhance vehicle cybersecurity.

SPYROS Information & Technology Consulting

SPYROS Information & Technology Consulting

SPYROS specializes in providing highly qualified professionals in Computer Network Operations, Signals Intelligence, Technical Training and Certifications, Network Administration and Security.