The Labour cyberattack: What happened and where did it come from?

Cyberattacks took place during election in the US and France.
Cyberattacks took place during election in the US and France.

By Ray Walsh

The Labour party has suffered what it has called a sophisticated cyberattack on its computer systems. The hack, which was thwarted thanks to the party's robust cybersecurity systems, is believed to have been an attempt to shut down its online services - including its ability to coordinate campaign activities.

For the time being, it is not known who was behind the attack. However, reports coming from within Labour claim that the party has experienced a sudden explosion in the number of attacks that its systems are having to deal with. This is raising concerns that cyberattacks may now be ramping up in the run-up to the general election.

This latest attack was carried out by unknown hackers leveraging a large botnet to carry out a DDoS attack on Labour's systems. DDoS attacks are designed to take internet-connected systems offline by flooding them with requests for data. Based on the servers behind the attacks it would appear the majority originated in Russia and Brazil.


By leveraging a Botnet made up of thousands of compromised devices around the world, hackers had hoped to seriously disrupt Labour's online presence. If successful, the cyberattack could have resulted in Labour's servers being overloaded and put offline. As a result of which, MPs and constituents would have been locked out of being able to access crucial campaign resources.

Most concerning of all, these kinds of attacks are often used by cybercriminals to conceal more damaging intrusions. This means that if these efforts were successful, hackers could potentially have used the DDoS attack as a decoy to distract from another deeper hack.

While the DDoS attack appears to have been dealt with successfully thanks to protection provided by CloudFlare - the attack appears to form part of a much larger cyber campaign focussing its efforts on Labour.

In July, hackers attempted to portray the Labour party as institutionally racist and antisemitic when they attacked an official party Twitter account.

This isn't the first time hackers have attempted to swing a major election by smearing a major political party. During the 2016 US election campaign, a hacker going by the pseudonym Guccifer 2.0 disseminated documents purportedly hacked from the Democratic National Committee.

Many of those documents were later proven to have been fabricated and contained huge amounts of disinformation designed to seed doubt and deceive voters.

Similarly, in 2017, presidential candidate Emmanuel Macron was hacked on the eve of the French elections in what many believe was an attempt to undermine his hopes of becoming president. Those previous events are a reminder of the potential for hacking and data leaks to be used to influence the results of an election - even if potentially no real sensitive data is stolen at all.

While the recent allegations claim that the cyberattack originated in Brazil and Russia, it is worth bearing in mind that hackers often use obfuscation methods and proxies to conceal their real location.

As a result, it is possible that any attacks appearing to originate in Brazil or Russia could have actually originated elsewhere in the world, or even within the UK. For this reason, it is vital not to jump to conclusions and to wait for the attacks to be carefully examined by cybersecurity experts for the necessary digital fingerprints, that will determine whether this attack emerged in Brazil, the Kremlin or somewhere closer to home.

Ray Walsh is a digital privacy expert at ProPrivacy.com.

The opinions in politics.co.uk's Comment and Analysis section are those of the author and are no reflection of the views of the website or its owners.

Comments

Load in comments
Politics @ Lunch

Friday lunchtime. Your Inbox. It's a date.