MPs have claimed a voter registration site that crashed in the run-up to last year’s EU referendum could have been targeted by a foreign cyber-attack. IT security experts from Infoblox and Veracode commented below.
Dr Malcolm Murphy, Technology Director, Western Europe at Infoblox:
“While nothing has yet been confirmed, the news that the voter registration site may have been subject to a DDoS attack highlights the current prevalence of large scale attacks of this type, and a pressing need for providers to be able to assuredly identify the signs of a DDoS attack when it takes place in order to take immediate remedial action.
“By using statistical support, administrators can help analyse their data for attack indicators; whilst it may not always be clear what an attack looks like, anomalies should be more easily identifiable. IT teams should scrutinise internet-facing infrastructure for single points of failure by going beyond external authoritative name servers, and checking on the switch and router interactions, firewalls, and connections to the internet.
“The number of DDoS attacks is growing, and organisations need to remain vigilant and create safeguards against increasingly sophisticated and damaging botnet and malware attacks.”
Paul Farrington, EMEA Solution Architects Manager at Veracode:
“As the government continues its drive for increasingly digital services, such as voter registration online, it is imperative that robust cybersecurity techniques are deployed to ensure systems aren’t vulnerable to attackers.
“This is especially critical when considering elections. With citizens’ ability to register to vote allegedly denied by a cyberattack, it leaves us wondering what effect cyberhackers could have on a digital election process, especially in the wake of such initiatives being put forward.
“Hacking an entire election is near impossible, but should digital elections be successfully implemented, any cyber-criminal hoping to create suspicion and disrupt the result of an election could achieve this simply by affecting just a small number of votes. This highlights how a few successful vote-tampering successes in just a few strategically planned areas can cause panic, suspicion and loss of faith in the integrity of the process.
“While today we can’t be sure as to whether a cyberattack has indeed denied citizens their democratic right, it is yet another reminder of the importance of robust cyber defences to plug vulnerabilities and defend against such potential dangers.”