British Elections: Labour Party Suffers Second Attack

The UK Labour Party election campaign has experienced two sophisticated and large-scale cyberattacks by hackers on its digital platforms this week. Labour is reportedly suffering a second cyber-attack after saying it successfully thwarted one on Monday 11th November. The party says it has "ongoing security processes in place" so users "may be experiencing some differences", which it is dealing with "quickly".

The Distributed Denial of Service (DDoS) attack floods a computer server with traffic to try to take it offline. Earlier, a Labour source said that attacks came from computers in Russia and Brazil.

The first attack was reported to the National Cyber Security Centre on Monday. A Labour spokeswoman had said the first cyberattack had ‘failed’ because of the party’s ‘robust security systems’ and that they were confident that no data breach occurred. Labour sources have confirmed it was targeted by a so-called distributed denial-of-service (DDoS) attack, one of the most common forms of cyberattack.

In a DDoS attack hackers flood a target’s online platforms with traffic from various sources, with the aim of slowing down access or causing websites to crash.

In a statement, Labour said: ‘We have experienced a sophisticated and large-scale cyberattack on Labour digital platforms. We took swift action and these attempts failed due to our robust security systems....The integrity of all our platforms was maintained and we are confident that no data breach occurred....Our security procedures have slowed down some of our campaign activities, but these were restored this morning and we are back up to full speed….We have reported the matter to the National Cyber Security Centre.’

Security experts believe that these types of attacks are usually carried out by a group of cyber criminals or a nation state. The last general election in 2017 was disrupted by the worldwide WannaCry attack, which hit hundreds of NHS trusts and GP practices, leading to thousands of appointments and operations being cancelled.

The NCSC subsequently attributed the attack to a shadowy North Korean crime organisation known as the Lazarus group

Following reports of a second cyber-attack, a Labour Party spokesperson said: "We have ongoing security processes in place to protect our platforms, so users may be experiencing some differences. We are dealing with this quickly and efficiently."

NCSC:         Metro:          BBC:     

You Might Also Read: 

Three In Five Politicians’ Websites Don’t Use Cyber Security:

Hackers Came, But the French Were Prepared:

 

 

« Closing The Skills Gap Starts At School
The Future Of Cybersecurity Jobs »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

International Organization for Standardization (ISO)

International Organization for Standardization (ISO)

ISO is an independent, non-governmental international standards organization. The ISO/IEC 27001 is the standard for information security management systems.

Backup Systems

Backup Systems

Backup Systems is a leading backup and disaster recovery systems provider across the UK.

Cyber Threat Intelligence Network (CTIN)

Cyber Threat Intelligence Network (CTIN)

CTIN provides cyber threat intelligence services including training, platform evaluation, ISAC/ISAO systems development and counter botnet operations.

Foresite

Foresite

Foresite is a global service provider, delivering a range of managed security and consulting solutions.

ClearDATA

ClearDATA

The ClearDATA Managed Cloud protects sensitive healthcare data using purpose-built DevOps automation, compliance and security safeguards, and healthcare expertise.

Zeneth Technology Partners

Zeneth Technology Partners

Zeneth is a consulting firm providing information technology and cybersecurity services to federal and commercial clients.

PlainID

PlainID

PlainID provides IAM teams with a simple and intuitive means to control their organization’s entire authorization process.

Cyber Struggle

Cyber Struggle

At Cyber Struggle, our aim is training and certifying the special forces of the cyber world.

Mosaic 451

Mosaic 451

Mosaic451 is a bespoke IT managed services provider and consultancy specializing in information security, operations and design.

Crypto Valley Association

Crypto Valley Association

Crypto Valley Association is an independent, government-supported association established to build the world’s leading blockchain and cryptographic technologies ecosystem.

Echosec Systems

Echosec Systems

Echosec Systems is a data discovery company delivering social media and dark web threat intelligence. Our web based security software delivers critical information for situational awareness.

Audea

Audea

Audea is a consultancy firm specialising in cybersecurity, risk and compliance. We provide professional services addressing all areas of Cybersecurity and GRC.

AnaVation

AnaVation

AnaVation is a trusted partner delivering high-value, cost-effective solutions that solve the most complex technical and analytical problems for our customers.

UncommonX

UncommonX

UncommonX offers enterprise-class cybersecurity protection for mid-size organizations by combining adaptive threat and intelligence software with 24/7 industry experts.

MedSec

MedSec

MedSec is the only company of its type focused solely on cybersecurity for hospitals and medical device manufacturers, offering both a cybersecurity software solution and consulting services.

SquareX

SquareX

Squarex secures your online activities without compromising productivity.