Who was behind Labour’s cyber attacks?

Labour was hit with two cyber attacks in two days this week in what the party called a “sophisticated and large-scale” attempt to disrupt its digital systems.

Labour referred the attacks to the National Cyber Security Centre (NCSC), the government agency that supports and advises organisations on such matters.

An NCSC spokesperson said that Labour had followed the correct procedure, adding: “The attack was not successful and the incident is now closed.”

Subscribe to The Week

Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.

SUBSCRIBE & SAVE

Sign up for The Week's Free Newsletters

From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.

From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.

Sign up

What happened?

The party was subjected to a Distributed Denial of Service (DDoS) attack, which overwhelms a computer server with traffic in an attempt to take it offline, says the BBC.

DDoS attacks use a network of “zombie computers” – remotely controlled hacked computers or bots – to form a network of bots called a “botnet”. This botnet is then used to flood websites, servers and networks with more incoming data than they can cope with, says antivirus firm Norton.

DDoS attacks are simple to carry out and relatively cheap, and can range in their sophistication from those “offering three hours of downtime for $60” to large state-sponsored attacks, says The Guardian.

A Labour spokeswoman said on Tuesday: “We have experienced a sophisticated and large-scale cyber-attack on Labour digital platforms.

“We took swift action and these attempts failed due to our robust security systems. The integrity of all our platforms was maintained and we are confident that no data breach occurred.”

Labour uses software by the technology company Cloudflare to help repel DDoS attacks and protect clients’ systems. The company provides extra capacity when needed so that it is much harder for attackers to overwhelm clients’ servers.

Who’s responsible?

Labour has not revealed who it suspects is behind the attacks, but the BBC says it was told that Monday’s attack was not linked to a state, and Whitehall sources say early indications suggest they were the work of a “non-state actor”.

A Labour source had previously told the BBC that the attack came from computers in Russia and Brazil.

The Conservative-supporting Daily Telegraph says Labour has been accused of “hamming up” the cyber attack to gain political capital – although it hasn’t suggested what advantages Labour could be trying to seek.

But speaking on the campaign trail in Blackpool, Labour leader Jeremy Corbyn described the attack as “very serious”.

“If this is a sign of things to come in this election then I feel very nervous about it all because a cyber attack against a political party in an election is suspicious and something one is very worried about,” he said.

He added that the party was investigating who may have been behind the attack, says the Financial Times.

Brian Higgins, a security specialist at Comparitech.com, said the attacks “can be defended against and recovered from quite easily if the victim has robust cybersecurity policies in place.

“It’s hardly surprising that the Labour Party has been targeted given the current political landscape in the UK,” he told the Guardian.