Home sci-tech General election 2019: Labour Party hit by second cyber-attack


General election 2019: Labour Party hit by second cyber-attack

by ace
General election 2019: Labour Party hit by second cyber-attack

Media playback is not supported on your device.

Media caption Jeremy Corbyn: "A cyber attack on a political party in an election is suspect"

The work is undergoing a second cyber attack after saying it successfully foiled one on Monday.

The party says it has "security processes in place" so users "may be facing some differences" that it is dealing with "quickly".

The Distributed Denial of Service (DDoS) attack floods a trafficking computer server to try to take it offline.

BBC's Gordon Corera was informed that Monday's attack was not linked to a state.

Earlier, a Labor source said the attacks came from computers in Russia and Brazil.

Our security correspondent said he was informed that the first attack was a low-level incident – not a sophisticated, large-scale attack.

A spokesman for the National Cybersecurity Center said the Labor Party had followed the correct procedure and briefly notified them of Monday's cyber attack, adding: "The attack was unsuccessful and the incident is over."

Meanwhile, Labor denied that there was a data breach or security breach in its systems after the Times reported that the party's website had exposed the names of online donors.

  • Live: Latest Election News
  • Cyber ​​attacks against British companies 'bounce' in 2019

Following reports of a second cyber attack, a Labor Party spokesman said: "We have security processes in place to protect our platforms so that users may be facing some differences. We are dealing with it quickly and efficiently."

DDoS attacks direct large amounts of Internet traffic to a target in an effort to overload computer servers, causing software failure.

They are usually performed through a network of hijacked computers and other Internet-connected devices known as botnet.

Owners of whom may not be aware that their equipment is involved.

DDoS attacks are usually not recognized as hack as they do not involve hacking into systems of a target to insert malware.

They can vary in sophistication and size and are sometimes used as a deflection tactic to carry out a more damaging radar attack.

Several companies provide services to repel DDoS attacks, but they can be expensive.

The BBC has confirmed that Labor is using software from technology company Cloudflare to protect its systems.

The US company is proud to have 15 times the network capacity of the largest DDoS attack ever, meaning it should be able to absorb any deluge of data directed at one of its customers.

BBC policy correspondent Jessica Parker said Labor Connects, a tool for activists to design and print materials, was discontinued on Monday and was "closed for maintenance" on Tuesday morning.

A message on the site on Monday said it was having problems "due to the high volume of users".

Media playback is not supported on your device.

Explained: What is a DDoS Attack?

Labor leader Jeremy Corbyn said Monday's cyber attack was "very serious" and "suspicious" because it occurred during an election campaign.

"If this is a sign of things to come, I feel very nervous about it," he said.

In a letter to Labor activists, Niall Sookoo, the party's executive director of elections and campaigns, said: "Yesterday afternoon, our security systems identified that in a very short period of time there were sophisticated and large-scale attacks on the Labor Party platforms that were intended to take our systems completely offline.

"All these attempts have failed due to our robust security systems and the integrity of all our platforms and data has been maintained."

Labor Secretary General Jennie Formby said on Twitter that the attack was a "real concern" but added that she was proud of the party team that "took immediate action to ensure our systems and data are secure."

Emily Orton of Darktrace, a cyber intelligence company, told The Radio at One of BBC 4: "Really, this is the tip of the iceberg in terms of the kinds of threats that not only the Labor Party but all politicians without. no doubt the parties experiment daily ".

"I think anyone involved in politics and government needs to be preparing for much more stealthy and sophisticated attacks than that," he added.

Donor Leak

Image copyright
Labor Party

By Leo Kelion, Desktop Technology Editor

The Times revealed that Labor exposed the names of people who donated money through an online tool.

Details can be found through a web RSS feed generated by the site code, which most browsers provide a way to inspect.

In most cases the information was limited to donor names and sums provided.

But as some people mistakenly added their last name to their first name inbox, this was also reported.

Labor denies that this represented a security breach or that a reportable data breach occurred. He also believes that only a small number of full names have been exposed.

However, he made changes to turn off the RSS feed last night.

"The Labor Party takes its responsibilities for data protection very seriously," said a spokesman.

"If concerns arise, we evaluate them in accordance with our responsibilities under the General Data Protection Regulation (GDPR) and the Data Protection Act."

The Information Commissioner's Office told the BBC: "We will not comment publicly on all issues raised during the general election.

"However, we will be closely monitoring how personal data is being used during political campaigns and ensuring that all parties and campaigns are aware of their responsibilities."

Over the next five weeks, we want to help you understand the issues behind the headlines.

Stay up to date with the big questions in our newsletter, Out of the Box.

Sign up for our 2019 election newsletter here.


Related Articles

Leave a Comment

4 − one =

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More