General election 2019: 'Cyber-attack' on Labor Party digital platforms – BBC News, BBC News

        

            

Media playback is unsupported on your device

      

               

    

The Labor Party says it has successfully defeated a cyber-attack targeted at its digital platforms.

Labor said the attack “failed” because of the party’s “robust” security system and no data breach had occurred.

The Distributed Denial of Service (DDoS) attack floods a computer server with traffic to try to

A Labor source said that attacks came from computers in Russia and Brazil but the BBC’s Gordon Corera has been told the attack was not linked to a state .

Our security correspondent said he had been told the attack was a low-level incident – not a large-scale and sophisticated attack.

A National Cyber ​​Security Center spokesman said the Labor Party followed the correct procedure and notified them sw iftly, adding: “The attack was not successful and the incident is now closed.”

Meanwhile, Labor has denied that there has been a data breach or a security flaw in its systems afterthe Times reported the party’s website had exposed the names of online donors.

DDoS attacks direct huge amounts of internet traffic at a target in an effort to overwhelm computer servers, causing their software to crash.

They are often carried out via a network of hijacked computers and other internet-connected devices known as a botnet.

The owners of which may be unaware their equipment is involved.

DDoS attacks are not normally recognized as being a hack as they do not involve breaking into a target’s systems to insert malware.

They can vary in sophistication and size, and are sometimes used as a diversionary tactic to carry out a more damaging attack under the radar.

Several companies provide services to repel DDoS attacks, but they can be costly.

The BBC has confirmed that Labor is using software by the technology company Cloudflare to protect its systems.

The US-based company boasts it has 15 times the network capacity of the biggest DDoS attack ever recorded, meaning it should be able to absorb any deluge of data directed at one of its clients.

BBC political correspondent Jessica Parker said “Labor Connects”, a tool for campaigners to design and print materials was disrupted and remains “closed for maintenance”.

A message on the site on Monday said it was experiencing issues “due to the large volume of users”.

            

Media playback is unsupported on your device

      

               

    

Labor leader Jeremy Corbyn said the cyber-attack was “very serious” and also “suspicious” because it took place during an election campaign.

“If this is a sign of things to come, I feel very nervous about it, “he said.

In a letter sent to Labor campaigners, Niall Sookoo, the party’s executive director of elections and campaigns, said: “Yesterday afternoon our security systems identified that, in a very short period of time, there were large-scale and sophisticated attacks on Labor Party platforms which had the intention of taking our systems entirely offline.

“Every single one of these attempts failed due to our robust security systems and the integrity of all our platforms and data was maintained.”

Labor’s general secretary Jennie Formby said on Twitter the attack was a “real conce rn “but she added she was proud of the party’s staff who” took immediate action to ensure our systems and data are all safe “.

Emily Orton, from Darktrace , an AI company for cyber-security, told BBC Radio 4’s The World at One: “Really this is the tip of the iceberg in terms of the types of threats that, not just the Labor Party, but all political parties are going to be without a doubt experiencing on a daily basis. “

” I think anyone involved in politics and in government need to be preparing themselves for a lot more stealthy, sophisticated attacks than this, “she added.

                                                                                                                      

Donors leak

                                                                                                      Image copyright                 Labor Party                                                  

By Leo Kelion, Technology desk editor

The Times has revealed that Labor exposed the names of people who had donated money via an online tool.

The details could be found via an RSS web feed generated by the site’s code, which most browsers provide a way to inspect.

In most cases the information was limited to the donors’ first names and the sums given.

But because some people had mistakenly added their surname to the first name input box, this too was disclosed.

Labor denies this represented a security flaw or that a reportable data breach had occurred. It also believes that only a small number of full names were exposed.

However, it made changes to shut down the RSS feed last night.

“The Labor Party takes its responsibilities for data protection extremely seriously, “a spokesman said.

” If any concerns are raised, we assess them in line with our responsibilities under GDPR [General Data Protection Regulation ] and the Data Protection Act. “

The Information Commissioner’s Office told the BBC:” We will not be commenting publicly on every issue raised during the general election .

“We will, however, be closely monitoring how personal data is being used during political campaigning and making sure that all parties and campaigns are aware of their responsibilities. “

                                                                                                                      

                                                                                                                      

Over the next five weeks, we want to help you understand the issues behind the headlines.

Keep up to date with the big questions in our newsletter, Outside The Box.

Sign up to our 2019 election newsletter here.