Labour’s Cyber-Attack in the News – What Do We Know?

Posted on 12 November 2019

The Labour Party has reported a “sophisticated and large-scale cyber-attack” on its digital platforms. In light of these recent developments, here’s some notes on defending your organisation, should malicious actors target your business.

 

According to recent reports, hackers attempted to infiltrate the Labour party’s digital platforms via a Distributed Denial of Service attack. A DDoS attack floods a computer server with huge amounts of internet traffic in a bid to overwhelm their computer servers, with the aim of forcing a complete software crash. While this sort of attack doesn’t involve breaking into a system and injecting malware, it is often used as a diversionary tactic to distract an organisation, while hackers carry out more damaging attacks under the radar.

A Labour spokeswoman has announced that thankfully, every single attack failed as the party has “robust security systems” and is therefore confident that no data breach occurred. The failed hacking attempt has since been reported to the National Cyber Security Centre.

As a result of this incident, some of Labour’s election campaign activities were slowed down yesterday, but everything is now “back up to full speed,” with the party’s main website, as well as its Facebook and Twitter accounts all fully functioning. This is due to the swift response from the party’s staff, who “took immediate action” to maintain the integrity of Labour’s systems and data.

Everyone’s a Target

Labour’s attacker has not been identified, but a source told the BBC that “attacks mostly originating from Russia and Brazil” had been detected. Whereas this doesn’t necessarily mean that those states were directly involved, they’re almost certainly where the equipment was located. The culprit(s) could have a number of motivations: political, financial, or maybe just disruption for the sake of it. In situations like this, the finger is quickly pointed at rival parties and their affiliates, opposing governments, and cyber terrorist groups.

Governments and political parties are huge targets for malicious actors, and we’ve seen both failed and successful attempts on political targets in our headlines a lot recently, as many countries gear up for elections in the near future. One thing this attack does prove is that not just businesses that malicious actors can target – any organisation, however large or small, can fall victim to a cyber-attack, by anyone, for any reason.

Securing Your Organisation

As the headlines would suggest, threats come in all shapes and sizes, with Labour’s DDoS attack just one example. So, how can organisations keep the wolves from the door and their treasure trove of data secure? Well, when it comes to cyber-crime, a good defence is the best offence – and the following solutions can help build that defence:

  • Microsoft’s Azure DDoS Protection provides advanced DDoS mitigation capabilities, automatically geared towards protecting your specific Azure resources. Users are provided near real-time alerts and threat analytics, and can enjoy peace of mind knowing the measure is backed by the elasticity and scale of Azure.
  • Banish lurking cyber-criminals with lightning fast threat detection from Microsoft’s Azure Sentinel. The solution improves both threat detection and response with the help of sophisticated AI – a tool to keep cyber-criminals on their toes.
  • Identity and Access Management will ensure that only the right users have access to sensitive information, this important element will shut down any opportunity for unauthorised users to view and potentially send out sensitive information, or create problems within your systems.
  • Meanwhile, password management is another important defence tactic when protecting your organisation from cyber-criminals. Having a strong password policy is the first step, but also consider SSO and MFA to ward off more sophisticated threats and take password security to the next level.
  • A well-trained workforce is essential in the fight against cyber-attacks. Nefarious parties often exploit users via social engineering scams, so keeping your team clued up on basic information security is a must.

 

Keep Your Wits About You

Political battles are increasingly being fought online, with social media playing a huge part in swaying public opinion, and news sites on all sides of the political spectrum vying for clicks by any means necessary.

As such, political parties know that a hacking attempt is never too far away, so threat detection and mitigation should be as high up on the agenda as sorting out Brexit. Similarly, organisations of all shapes and sizes – and industries – are faced with evolving threats on a daily basis.

Politics can be divisive, but no matter your political leanings, something we can all agree on is the importance of robust cyber security – and learning from the cases hitting the headlines is crucial.

If you’d like to know more about defending against cyber-attacks, feel free to get in touch with a member of our team – and keep up to date with story developments on Twitter.

 

A few people we've already done it for
X