Britain’s Labour Party has been targeted in a second cyberattack, the party said Tuesday, less than a day after it withstood a ‘‘sophisticated and large-scale’’ cyberattack on its digital platforms.
The attacks interfered with party websites and slowed some campaign activities, officials said, flooding them with fake traffic in an effort to crash the party’s computer servers, weeks before a critical national election. The first attack failed due to the party’s ‘‘robust security systems,’’ a party spokeswoman said Tuesday. Hours later, a second attack was underway, but the party is still confident no data breach occurred.
‘‘We have ongoing security processes in place to protect our platforms, so users may be experiencing some differences,’’ a Labour spokeswoman told The Guardian. ‘‘We are dealing with this quickly and efficiently.’’
Authorities told The Guardian that the attack does not appear to be linked to a state actor. But foreign election interference has been an issue in Britain and the US.
In the US the Senate Select Committee on Intelligence confirmed that Russian actors deployed misinformation campaigns and hacked Democratic Party computer systems in the lead up to the 2016 US presidential election.
In Britain, Parliament’s Intelligence and Security Committee has prepared a report on Russian efforts to interfere with the 2016 Brexit referendum and 2017 general election, but the government has not given approval for its publication and will not do so until after the Dec. 12 election.
The move has drawn criticism from Labour officials, who say holding up the report is politically motivated.
Labour party leader Jeremy Corbyn called the timing of the cyberattacks ‘‘suspicious’’ while speaking to reporters Tuesday.
‘‘If this is a sign of things to come in this election, I feel very nervous about it all because a cyberattack against a political party in an election is suspicious and something one is very worried about,’’ Corbyn said.
Hackers employed a Distributed Denial of Service (DDoS) attack on the Labour Party platforms, which floods servers with fake traffic in an attempt to crash them. Such attacks are common and cheap to mount, but vary in size and sophistication. A week-long DDoS attack capable of taking a small organization offline can be purchased for $150 on the black market, according to Digital Attack Map.
The party alerted the National Cyber Security Center, the United Kingdom’s top cybersecurity organization, but no action was needed by the agency.
Such attacks have spiked in 2019, according to a Neustar report, and are growing more complex. But even if they’re successful, DDoS attacks rarely do much damage beyond disrupting service to the targeted sites, although even short outages can cost companies tens of thousands of dollars. Clouldflare, the San Francisco-based security company that services the Labour Party, has a network capacity that is 15 times greater than the biggest DDoS attack ever recorded.
Ahead of a 2017 general election, Britain was hit by the ‘‘WannaCry’’ ransomware attack, which affected more than 200,000 computers in 150 countries and wreaked havoc on Britain’s National Health Service, disrupting thousands of appointments and operations. The attack ultimately cost the NHS £92 million.