Dr Duncan Hodges, Senior Lecturer in Cyberspace Operations is warning that the cyber-attack on the Labour Party may not be the last on political parties at this election.
Dr Hodges warns that Distributed Denial of Service (DDoS) attacks while unsophisticated can often be cover for more elaborate attacks.
Commenting on the cyber-attack on the Labour Party, Dr Duncan Hodges, Senior Lecturer in Cyberspace Operations says: “DDOS attacks are really quite common, we see these all the time and it’s possible to hire this capability for as little as $100. You can also decide which countries the attack should appear to come from. So the fact this cyber-attack appears to have come from Russia and Brazil actually doesn’t mean anything.
“A DDOS attack involves a whole set of bots or ‘zombie machines’ that make what appear to be valid requests from a website. This causes a huge surge in traffic and requests which seem legitimate, so the website will try to fulfil them causing massive problems.
“These sort of DDOS attacks can be used by sophisticated cyber actors, despite their simplicity, for two reasons. Firstly they create a lot of noise and interest in one area, and this distraction means they can get in another way, sneaking in a side door. Secondly they could be a test run, creating an attack to see how the organisation responds, what processes they follow and how quickly they involve the National Cyber Security Centre. This information gathering mission will be looking at the window of opportunity attackers may have for other activity.
“I wouldn’t call this attack sophisticated, but it is certainly co-ordinated and large scale in that it involved multiple attacks. We shouldn’t be confident that this is over, we have seen this type of attack used as cover for further activities.
“With the delicate political environment, it doesn’t take much to create disruption. We have increasingly seen attacks on our democracies and our election apparatus, in France before the election sustained attacks were successfully defended, and we have seen cyber-attack situations in the US around elections too. The UK Government’s decision to withhold the publication of the report on alleged Russian interference in UK politics adds to the growing tension around the UK democratic elections. Small attacks, equivalent to physically knocking over a political party’s sign, are one thing, but larger co-ordinated attacks could have more detrimental consequences. Any attack on our democratic process or that affects the ability to conduct a fair election, and hence respect the outcome of that democratic process we should take very seriously.”