Labour Party hit by DDoS attack

The Labour Party has been hit by a “sophisticated and large-scale cyber attack” on its digital systems from an unknown source, although it was confident that security systems ensured there was no data breach.

Party officials reported the attack, which took place on Monday, to the National Cyber Security Centre.

The party did not reveal which digital platforms were targeted, but it is understood some of them were election and campaigning tools, which would contain details about voters. It sent a message to campaigners to explain the attack and why systems were working slowly yesterday.

A party spokeswoman said: “We took swift action and these attempts failed due to our robust security systems – the integrity of all our platforms was maintained and we are confident that no data breach occurred.

“Our security procedures have slowed down some of our campaign activities, but these were restored this morning and we are back up to full speed,” she added.

Labour was reportedly targeted by a distributed denial of service (DDoS) attack, which uses networks of compromised computers to flood a server with requests and overwhelm it.

Even when DDoS attacks succeed, they rarely have implications beyond enforced downtime, as the target waits for the attack to end, or secures extra bandwidth to deal with the new traffic.

Kieran Roberts, head of penetration testing at Bulletproof, explained that DDoS alone is not necessarily a sophisticated attack, the issue is the pure volume of traffic which can also be used as a smokescreen.

“At the moment we don’t have a lot of info, but certainly interesting timing given the government’s refusal to release their report into nation state interference in the Brexit referendum and the last general election.

“In terms of how to catch the culprits, it's almost impossible, the whole point is that the attack is distributed, so working out who is controlling them all is very difficult,” he added.

Dan Pitman, principal security architect at Alert Logic, added: “It’s entirely plausible that someone without any hacking experience paid for the DDoS attack on the ‘dark web’ from what is known as a ‘booter’ – a paid-for service where a hacking group will lease out their existing botnet to perform the attack.

“Whilst attacks have been reported during previous general elections, for example government systems being compromised during the 2015 Election - with some politicians and security services later blaming Russia - a deliberately disruptive attack against a specific party is unusual.”

    Share Story:

Recent Stories


The future-ready CFO: Driving strategic growth and innovation
This National Technology News webinar sponsored by Sage will explore how CFOs can leverage their unique blend of financial acumen, technological savvy, and strategic mindset to foster cross-functional collaboration and shape overall company direction. Attendees will gain insights into breaking down operational silos, aligning goals across departments like IT, operations, HR, and marketing, and utilising technology to enable real-time data sharing and visibility.

The corporate roadmap to payment excellence: Keeping pace with emerging trends to maximise growth opportunities
In today's rapidly evolving finance and accounting landscape, one of the biggest challenges organisations face is attracting and retaining top talent. As automation and AI revolutionise the profession, finance teams require new skillsets centred on analysis, collaboration, and strategic thinking to drive sustainable competitive advantage.