Labour Party hit with two DDoS attacks
Party reports double cyber incursion to NCSC
Credit: Steve Parsons/PA Archive/PA Images
The Labour Party has been targeted by a second cyberattack just 24 hours after a similar effort disrupted some of its online systems.
The party confirmed a second Distributed Denial of Service (DDoS) attack – which aims to knock websites offline by flooding them with traffic – had been launched against them on Tuesday afternoon.
It is unclear whether the attack was launched by the same hackers as Monday evening's incident or if it was a copycat attack.
Confirming the second bombardment, a party spokesperson said: "We have ongoing security processes in place to protect our platforms, so users may be experiencing some differences. We are dealing with this quickly and efficiently."
Labour had said the initial attack had been "sophisticated and large scale".
- Why cybersecurity would lead a Labour government’s digital transformation agenda
- Life hacks – a year at the National Cyber Security Centre
- DCLG cybersecurity leader urges councils to prepare for inevitable election attacks
But a source close to the party told Reuters both DDoS attempts were "very unsophisticated" with the second attack starting around 1:20pm on Tuesday and peaking just over an hour later.
Responding to the first attack, Jeremy Corbyn it had left him concerned about hackers attempting to disrupt the general election.
Speaking during a campaign event in Blackpool, the Labour leader said: “It was a very serious cyberattack. We have a system in place in our office to protect us against cyberattacks, but it was a very serious attack against us. So far as we are aware, none of our information was downloaded and the attack was actually repulsed because we have an effective in-house developed system by people within our party.”
He added: “But if this is a sign of things to come in this election, I feel very nervous about it all. Because a cyberattack against a political party in an election is suspicious and something one is very worried about."
The party are also believed to have relied on third-party protection to stop the attacks, which they claim had not breached the "integrity" of their data.
Corbyn likened the incident to the 2017 ‘WannaCry’ ransomware attack which saw thousands of NHS computers taken offline, resulting in non-critical operations being cancelled.
And he said the attack was proof the UK needed “far better” defensive capabilities against cyber strikes.
”A cyberattack has happened in 2017 against our National Health Service is something that is incredibly dangerous to the health records and the healthcare and treatment of potentially millions of people,” he said. “So, we do need far better defensive arrangements against cyberattacks made against us. As to who undertook the attack, we are looking into all that at the moment and we have obviously reported the attack to the National Cyber Security Centre and they will be investigating it as well.”
A spokesperson for the NCSC said following the first incident: "The NCSC has worked closely with political parties for several years on how to protect and defend against cyberattacks. We met the major parties last week ahead of the general election.
"In terms of this incident, the Labour Party followed the correct, agreed procedures and notified us swiftly. The NCSC is confident the party took the necessary steps to deal with the attack. The attack was not successful and the incident is now closed."
Share this page
CONTRIBUTIONS FROM READERS
Please login to post a comment or register for a free account.
Former GCHQ and Home Office leader David Omand expresses disapproval of use of WhatsApp and other platforms for government business
In the first of a series of exclusive interviews, the head of government’s ‘Digital HQ’ talks to PublicTechnology about the Central Digital and Data Office’s work to unlock £8bn...
Officials are warned that, if they choose to use non-corporate channels, they must 'be prepared to defend your choices'
Minister reveals up more than £4m spent on testing, security and other support contracts
Related Sponsored Articles
The traditional reactive approach to cybersecurity, which involves responding to attacks after they have occurred, is no longer sufficient. Murielle Gonzalez reports on a webinar looking at...