The Labour Party’s campaign website has suffered a “sophisticated and large-scale” cyber attack, a spokesperson has said.
Security procedures had “slowed down” some election campaign activities, but the party believes that no sensitive data was compromised.
The incident has nonetheless been reported to the National Cyber Security Centre.
What happened?
The party was vague in its description of the incident, saying: “We have experienced a sophisticated and large-scale cyber-attack on Labour digital platforms.
“We took swift action and these attempts failed due to our robust security systems.
“The integrity of all our platforms was maintained and we are confident that no data breach occurred.”
Subsequent reports suggest it was a DDoS (distributed denial-of-service) attack. This is a type of cyber attack that’s designed to disrupt an organisation’s ability to operate rather than to steal information.
The Labour Party might therefore want to hold off on praising its “robust security systems” for preventing a data breach.
That said, DDoS attacks are notoriously hard to stop, so this shouldn’t be taken as a sign that the Labour Party’s security systems aren’t up to scratch.
DDoS attacks occur when criminal hackers use a network of compromised computers, known as a botnet, to inundate a target site with traffic. The site is unable to process such a high volume of requests and crashes.
“It was really very everyday, nothing more than what you would expect to see on a regular basis,” a security official with knowledge of the matter told Reuters.
Are you equipped to handle a cyber attack?
With cyber threats playing such a big role in business and politics these days, it’s concerning that the Labour Party’s assessment of this incident was off the mark.
Of course, it’s possible that experts inside the party were aware of the true nature of the attack but spun the story to highlight the fact that no breach took place.
You certainly couldn’t begrudge that – particularly with one month until the UK General Election.
At the very least, it’s a positive story of an organisation experiencing a cyber attack and responding quickly – something we could use more of.
Continuing education is the key to cyber security, which is why we’re urging organisations to do more to train their staff on how to spot and respond to incidents.
When you book a training course with IT Governance, you’ll automatically go into our Rewards Club and a receive 25% discount off courses for life.
