Former GCHQ chief explains 'cyber attack' on Labour to James O'Brien

12 November 2019, 12:15

The Labour Party says it was targeted in a "large-scale and sophisticated cyber attack" - and a former GCHQ chief explained what this actually means.

Managing Director of cyber security company PGI & former Deputy Director of GCHQ, Brian Lord, explained 'cyber attacks' to James O'Brien.

Lord said: "The phrase cyber attack is generally a phrase designed specifically to create that frisson of fear that you and a lot of people hear and I don't think it's a very helpful description at all because, as you say, they can go from what I consider to be low-level vandalism all the way up to activities which can cover almost a state of war and everything that sits in between.

So I think, in that sense, it's not helpful. Therefore it's important, I think, for everybody to understand what different types mean."

James O'Brien asked how likely it is that the 'malicious online activity' is state-sanctioned.

Lord replied: "Yes, of course there is state-sponsored attack just as there is any other type.

"I think looking at the description of what's been made available morning is that it's what's called a distributed denial of service attack, which is simply aimed at disabling the functionality of either websites or systems by flooding them with so much traffic that it ceases to operate.

In layman's terms, just imagine trying to get 1000 people through a single door at the same time and translate that upwards."

Former GCHQ chief explains 'cyber attack' on Labour to James O'Brien
Former GCHQ chief explains 'cyber attack' on Labour to James O'Brien. Picture: PA

Lord took issue with Labour referring to it as a "sophisticated" attack.

He said: "Even if you wanted to do it but didn't know how to, you can pay somebody to do it."

Clearly, he argued, Labour had protection in place that does "load balancing".

James asked who could have done this and why.

Lord said: "So what kind of people do this? So first of all, there are people who just don't like another entity and therefore decide they want to mess up how they operate.

"Sometimes criminals will do it in a kind of if you pay a certain amount of money we'll stop doing it.

"But the other interesting point, which I think is why it's still a good question, is some organisations including more sophisticated actors will use a basic denial of service attack as a masquerade for have a slightly more sinister motives.

"So quite often they will tie up resources in one area while they perhaps take data out or carry out other activity and I think when the Labour Party say 'we are satisfied that no data is being breached, I think they probably need to probably do enough investigation to make sure this denial of service wasn't in fact simply a diversionary tactic for other things.

"But at this point, it's very difficult to know it could be any number of malicious cyber attackers.

It's a very, very common thing. About 500,000 attacks like this happen every day."