British Elections: Labour Party Suffers Second Attack

The UK Labour Party election campaign has experienced two sophisticated and large-scale cyberattacks by hackers on its digital platforms this week. Labour is reportedly suffering a second cyber-attack after saying it successfully thwarted one on Monday 11th November. The party says it has "ongoing security processes in place" so users "may be experiencing some differences", which it is dealing with "quickly".

The Distributed Denial of Service (DDoS) attack floods a computer server with traffic to try to take it offline. Earlier, a Labour source said that attacks came from computers in Russia and Brazil.

The first attack was reported to the National Cyber Security Centre on Monday. A Labour spokeswoman had said the first cyberattack had ‘failed’ because of the party’s ‘robust security systems’ and that they were confident that no data breach occurred. Labour sources have confirmed it was targeted by a so-called distributed denial-of-service (DDoS) attack, one of the most common forms of cyberattack.

In a DDoS attack hackers flood a target’s online platforms with traffic from various sources, with the aim of slowing down access or causing websites to crash.

In a statement, Labour said: ‘We have experienced a sophisticated and large-scale cyberattack on Labour digital platforms. We took swift action and these attempts failed due to our robust security systems....The integrity of all our platforms was maintained and we are confident that no data breach occurred....Our security procedures have slowed down some of our campaign activities, but these were restored this morning and we are back up to full speed….We have reported the matter to the National Cyber Security Centre.’

Security experts believe that these types of attacks are usually carried out by a group of cyber criminals or a nation state. The last general election in 2017 was disrupted by the worldwide WannaCry attack, which hit hundreds of NHS trusts and GP practices, leading to thousands of appointments and operations being cancelled.

The NCSC subsequently attributed the attack to a shadowy North Korean crime organisation known as the Lazarus group

Following reports of a second cyber-attack, a Labour Party spokesperson said: "We have ongoing security processes in place to protect our platforms, so users may be experiencing some differences. We are dealing with this quickly and efficiently."

NCSC:         Metro:          BBC:     

You Might Also Read: 

Three In Five Politicians’ Websites Don’t Use Cyber Security:

Hackers Came, But the French Were Prepared:

 

 

« Closing The Skills Gap Starts At School
The Future Of Cybersecurity Jobs »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Aurec

Aurec

Aurec provides specialist recruitment and contracting services including ICT professionals.

Infiltrate

Infiltrate

INFILTRATE is a deep technical conference that focuses entirely on offensive security issues.

Forensic Control

Forensic Control

Forensic Control specialise in providing simple & straightforward Cyber Security to organisations, helping them assess, prevent and respond to cyber threats.

IMS Networks

IMS Networks

IMS Networks specializes in the design and management of high criticality networks and telecoms services including network security and Managed Security Services.

Vintegris

Vintegris

Vintegris are a Certification Authority and manufacturer of innovative systems and applications for the full cycle of digital identity.

Magtech Solutions

Magtech Solutions

Magtech Solutions is a one-stop IT Solutions provider offering Cloud Computing, IT Security, Unified Email Solutions and ERP systems.

Ascend Technologies

Ascend Technologies

Ascend Technologies offers a full suite of managed IT services including: Cloud & Infrastructure Management, Cybersecurity Management, Service Desk Management, Application Management , Data Management

Tetrad Digital Integrity (TDI)

Tetrad Digital Integrity (TDI)

TDI is a world-class consulting firm offering cybersecurity services to government agencies and commercial clients around the world.

ThreatReady Resources

ThreatReady Resources

ThreatReady reduces an organization’s risk by delivering cyber security awareness training based on the latest, state-of-the-art learning science to effectively drive long-term cyber-safe behavior.

OWN

OWN

OWN (formerly SEKOIA) is a major French player in cybersecurity providing tailor-made, informed and adapted cyber support thanks to its DNA of passionate and committed experts.

Cipher

Cipher

Founded in 2000, Cipher is a global cybersecurity company that delivers a wide range of Managed Security Services.

Nitrokey

Nitrokey

Nitrokey is the world-leading company in open source security hardware. Nitrokey develops IT security hardware for data encryption, key management and user authentication.

Byos

Byos

Byos provides visibility of devices across all networks, regardless of location, integrating with your existing security stack.

Torq

Torq

Torq's no-code automation modernizes how security & operations teams work with easy workflow building, limitless integrations and numerous pre-built templates.

Stacklok

Stacklok

Stacklok are an Open Source first security company enabling safe Open Source Software consumption.

2021.AI

2021.AI

2021.AI serves the growing business need for full oversight and management of applied AI.