Labour Party experiences 'sophisticated and large scale cyber attack'

12 November 2019, 10:17

File photo: The Labour Party was subject to the failed attack on Tuesday
File photo: The Labour Party was subject to the failed attack on Tuesday. Picture: PA

By Megan White

The Labour Party has experienced a "sophisticated and large scale cyber attack.”

A spokeswoman said the attack on the party’s digital platforms had "failed" because of "robust security systems" and that they were confident that no data breach occurred.

They have reported the matter to the National Cyber Security Centre.

Some campaigning activities were temporarily slowed, but the systems were back up to speed by Tuesday morning.

The spokeswoman said: "We have experienced a sophisticated and large scale cyber attack on Labour digital platforms.

"We took swift action and these attempts failed due to our robust security systems. The integrity of all our platforms was maintained and we are confident that no data breach occurred.

"Our security procedures have slowed down some of our campaign activities, but these were restored this morning and we are back up to full speed.

"We have reported the matter to the National Cyber Security Centre."

Labour sources later confirmed it was a so-called distributed denial-of-service (DDoS) attack - one of the most common forms of attack - although they would not comment on who they thought might be responsible.

In a DDoS, hackers flood a target's online platforms with traffic from various sources, with the aim of slowing down access or causing websites to crash.

Brian Lord, Managing Director of cyber security company PGI & former Deputy Director of GCHQ, told LBC's James O'Brien: “The phrase cyber attack is generally a phrase designed specifically to create that frisson of fear that you and a lot of people hear.

“I don’t think it’s a very helpful description at all because as you say, they can go from low-level vandalism all the way up to activities which can cover almost a state of war and everything that sits in between.

“I think in that sense it’s not helpful and I think it’s important for everybody to understand what different types mean.”

He continued: “Looking at the description of what’s been made available this morning, it’s what is called a distributed denial-of-service (DDoS) attack, which is simply aimed at disabling the functionality of either websites or systems by flooding them with so much traffic that it ceases to operate.

“In layman’s terms, just imagine trying to get a thousand people through a single door at the same time and translate that upwards. It’s simply intended to disable capability.

“Now, I’ve heard the phrase “sophisticated” being used in the media – this is a not a sophisticated attack.

“Just about anybody with any basic understanding of how the internet works can do it, and in fact even if you wanted to do it but didn’t know how to, you can pay somebody to do it.

“In and of itself it’s not a sophisticated attack, in terms of how it was dealt with, the Labour Party have quite plainly got some kind of protection in place which does what is called load balancing, which tends to move the data around so it doesn’t have an effect, but may slow systems down a little bit and that’s what appears to have happened.

“So at one level, I don’t see this as being a sophisticated attack – it could have actually been done by anybody."