Just one month before the UK’s general election, Labour has revealed it has been hit by two large-scale cyberattacks on its digital platforms. Whilst the Labour party states its IT systems have withstood the first attack with no detected data breaches, the distributed denial of Service (DDoS) attack has left the website running at sub-optimal speed, with a second attack now plaguing its platform.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
Distributed denial of service (DDoS) attacks present one of the most dangerous forms of cyber threat for political parties and can cause serious reputational and financial damage. This is especially prominent during a General Election campaign when the party will be engaged in influencing voters, thus widening their cyber footprint. The UK Labour Party has suffered two DDoS attacks in quick succession, indicating that similar, future attacks are likely.
While the political parties participating will be on-guard following this latest attack, they all must be prepared for even more sophisticated, multi-vector application layer attacks throughout the remainder of the election period, that could seriously undermine their campaign.
An always-on DDoS protection system between the open web and servers is essential. Network security professionals need to embrace an extensible and adaptable position to detect both application and network attacks. The choice of defensive policy will be determined by the size of the enterprise and its resources. But as the number of high-profile campaign blackouts skyrockets, it’s worth reassessing expenditure and risk levels to combat these threats.
Ultimately, key political parties that cannot ensure that their campaign communication channels are continuously available, risk severely damaging their election campaigns – and may appear untrustworthy in the eyes of constituents. The key is to be prepared: the question is not if but when an attack will come. As we’ve seen in the last three years, cyber-attacks are now commonplace when nationwide elections or referendums are taking place.
Outside interference in general elections from malicious parties and cyber criminals can jeopardise trust in the democratic process. Tackling this growing threat requires all political parties to take the risks posed by hackers extremely seriously, particularly when confidential voter data including contact details and home addresses are at risk in a breach. All too often we’re seeing online criminals gain access to databases using stolen log-in details and passwords bought in the dark web. With this behaviour on the rise, adopting a zero-trust approach is critical, ensuring every worker can verify that they are who they say they are to keep hackers at bay.
With the general election in full swing and all the main parties investing heavily in digital campaigns, it’s no surprise that malicious hackers are hoping to cause chaos and damage the democratic process. This incident is another reminder of why ensuring the highest standards of cyber security are in place to protect party websites and confidential voter data from theft. Additionally, it’s vital that all staffers are fully up to speed with the latest data protection rules and regulations and are aware of the risks posed from phishing and malware attacks.
A DDoS (Distributed Denial of Service) attack attempts to disrupt a network service by bombarding it with requests. A DDoS attack could shut down a webpage, for instance, if too many computers request the webpage at once, thus causing the webserver to be unable to handle the magnitude of responses. Such an attack can be issued to a specific network service/resource or its surrounding infrastructure.
To carry out a DDoS attack, the attacker utilizes zombie machines (i.e., machines infected with malware) connected to a so-called Command and Control server which can issue a command to them. The zombie machines then fulfill the command and attack the target. Zombie machines can include computers as well as IoT devices.
It is a complex task to find the issuer of a DDoS attack. One would need to first find the computer from which the DDoS has been issued, see the malware that is responsible for the attack command and then investigate the criminal or group that issued it.
It is however promising to see that a robust security strategy and a prepared cyberattack procedure have prevented further damage. This scenario illustrates that a mature security initiative and well-prepared incident response plan are crucial.
DDoS is done to deny service, disrupt business or to punch your opponent square in the mouth. Most DDoS attacks are not particularly sophisticated and can be readily handled with the right products and services. However, most organisations aren\’t prepared for high volume or application-level attacks to their networks. DDoS attacks are notoriously difficult to attribute to particular actors or players, such as rogue hackers, a disgruntled hacktivist group, or the unlikeliest a nation-state group.
As we head into Brexit, the UK general election on December 12 and the 2020 US Presidential elections, this is a reminder that we should all become more resilient. Whether this is simply DDoS for hire for pennies for a gigabit is largely irrelevant. While it is early to speculate on this particular attack being a test of the network security capabilities of the Labour Party, based on previous misinformation campaigns targeting elections in the UK, U.S. and against other nations, expect additional threats to surface and the Labour Party to be tested time and time again in the future.