Britain's opposition Labour Party suffered two cyberattacks early this week, causing concern from party leaders that cyber criminals can interfere with the election process, just as the country is gearing up for a crucial national election on December 12, in an attempt to break the UK parliament’s deadlock over plans to leave the European Union. This appears to be yet another politically motivated distributed denial of service (DDoS) attack, attempting to disrupt the democratic process. According to the New York Times, “Britain's National Cyber Security Centre, part of the GCHQ signals intelligence agency, said the first attack was a distributed denial-of-service (DDoS) attack - a technique used by hackers to take down websites by overwhelming them with traffic.”
According to the BBC, one of the party’s websites, called “Labour Connects,” which is a tool for campaigners to design and print materials, was disrupted on Monday, November 11 and was still “closed for maintenance” on Tuesday morning.
Was it an act of cyber warfare or of political hacktivism? Experts don’t know. That comes as no surprise, as it is usually virtually impossible to determine the true source of a DDoS attack; typical DDoS attacks use multiple compromised computer systems that are almost certainly not directly related to either the attacker, those who funded the attacks, or the geographical region in which they are located.
When launched by non-state actors, these types of cyberattacks are more often a form of political hacktivism; but when performed by government agents they are considered to be cyber warfare. The British government assumes the attack on the Labour Party may have been a lone wolf actor, as there is currently no evidence it was conducted by a nation-state, though in the past British security agencies have warned that Russian government hackers tried to launch cyberattacks.
Incidents like this clearly demonstrate the need to have DDoS protection as part of a comprehensive cybersecurity defense. DDoS attacks on campaign or voting systems can have serious negative impacts on the democratic process, so it is especially important for government agencies and political parties to guard against them. One can imagine the trouble that would arise if a campaign website, or worse, a website for voting or registering to vote, became disabled during a crucial election period.
Political campaigns and government agencies must protect the integrity of the systems being used for the democratic process. To be prepared, they need real-time, always-on, automated DDoS protection as part of their cybersecurity defense. Such organizations can easily get the protection they need, because DDoS protection is available for on-premise, cloud, virtual and hybrid environments, and they need not strain their budgets to do so, as many Internet Service Provider and Hosting Providers now offer affordable DDoS protection as a service.
For over a decade, Corero has been providing state-of-the-art, highly-effective, automatic DDoS protection solutions for enterprise, hosting and service provider customers around the world. Our SmartWall® DDoS mitigation solutions protect on-premise, cloud, virtual and hybrid environments. If you’d like to learn more, please contact us.