back to article 'Sophisticated' cyber attack on UK Labour Party platforms was probably just a DDoS, says official

The UK's Labour Party says its campaign site has been the target of "sophisticated and large-scale cyber-attack" and has informed GCHQ's National Cyber Security Centre. Jeremy Corbyn's party said the attack took place yesterday, adding that security systems ensured there was no data breach. A spokeswoman said: "We have …

  1. horse of a different color
    Holmes

    It’s the Russians, I tellsya.

    1. Anonymous Coward
      Anonymous Coward

      Not the Russians.

      The Rush'uns - apparently it was deadline day for freepost leaflets (https://twitter.com/MichaelLCrick/status/1194040629602353154)

      What will GCHQ say?

      1. Cederic Silver badge

        Heh, I'd heard that from another source.

        Editor of Wired is saying it's not even being counted at a Category 6 attack by NCSC, although that may mean they just haven't looked at it yet.

        1. Anonymous Coward
          Anonymous Coward

          Stranger and stranger - the DDoS protection worked, only it didn't? While I have no doubt that they received traffic from every continent (as does my home Internet connection hosting zero inbound services according to firewall logs) I'm not sure that makes it a targeted attack either. Checking their DNS history, Cloudflare has been in-place since September, so it wasn't an afterthought once things started going wrong.

          https://twitter.com/rowlsmanthorpe/status/1194224258161008640

          "Confirmed from a Labour source: the DDOS attack came from "a botnet with IPs on every continent."

          Adds: "We use Cloudflare which soaked up the large majority of the traffic, but the DDOS-protection measures did have some knock-on effects on traffic between systems."

          The counter would be hiring a botnet to DDoS a very specific part of a political opponents hours before a deadline for pamphlet printing sounds a little bit too much like " a dog ate my homework, can I have extra time?"

          I'm sure we will see more evidence if it is real or it will quietly be forgotten if the cause was benign.

          1. Anonymous Coward
            Anonymous Coward

            There were reports of further DDoS attacks later in the afternoon, but they were throwing up the Cloudflare protection pages rather than an application error.

            So was the application making callbacks to itself and potentially causing the DDoS?

        2. I ain't Spartacus Gold badge

          According to yet another anonymous government source (I think from a Guardian article) - it's not believed to be a state actor what done it. Obviously all preliminary, and there's notthing to stop state actors from hiring botnets like anybody else.

      2. Cederic Silver badge

        Some time later, and there'll probably be an El Reg story in response, but for posterity Lizard Squad have claimed responsibility for a DDOS attack.

        Link to an online rag's story on the matter:

        https://www.independent.co.uk/news/uk/politics/labour-cyber-attack-lizard-squad-ddos-corbyn-general-election-a9202006.html?amp=1

    2. BazNav
      Trollface

      I thought the Russians usually targeted parties opposed to their world view. What policy could labour have that would make the Russians think Boris was better for them?

      1. Danny 2 Silver badge

        Well, the Russians have been funding the Tories so they must have a reason.

        https://www.theguardian.com/politics/2019/nov/06/no-10-accused-of-ignoring-evidence-of-russian-interference

      2. Anonymous Coward
        Anonymous Coward

        >What policy could labour have that would make the Russians think Boris was better for them?

        https://www.reuters.com/investigates/special-report/britain-eu-johnson-russian/

        Dominic Cummings is also strongly linked to the Golden Visa brigade - in fact he lived in Russia for several years in the nineties. It was not just his sunny disposition which led many Conservatives and civil servants to question his appointment.

        I could go on, but doubtless you are impervious to fact - Labour seem to have taken a similar attitude towards pushing the issue too - which is depressing but not surprising.

        1. Dave314159ggggdffsdds

          What on earth makes you lot think the Russians, or whoever, wouldn't nobble both parties if they were willing to nobble one? Corbyn is simply much cheaper, and has been in Putin's pocket for 20 years. If he tried to deny it, the best he could manage is to look stupid enough to be providing the same service free.

          Obviously Labour can't make a big deal out of it when Corbyn is only leader thanks to Russian fake 'Labour members' voting for him.

          1. Anonymous Coward
            Anonymous Coward

            If you just get in touch with the Bavarian Illuminati at our usual address, we can offer you a really good price on bulk tinfoil.

      3. Anonymous Coward
        Anonymous Coward

        I'll let you off because of the troll icon however it's economics, if the west is destabilised like us leaving the EU or America voting for an imbecile it means other countries can gain such as Russia. I usually take these sorts of accusations with a huge pinch of salt especially when it's Iran or North Korea but in this case they do have something to gain which means it's believable. That's how I see anyway.

        1. Dave314159ggggdffsdds

          Really, it's silly to spend as much effort on Putinology as the media here does, because almost everything he does is almost entirely for domestic propaganda purposes. His supporters want to believe in him when he portrays Russia as still being a big player internationally, so the stories in the western media about Russian interference are read in Russia as a sign that they're so powerful they can get away with these things, rather than that they're an irritant not worth smacking down.

          1. amanfromMars 1 Silver badge

            Zwinger Swingers to Internetional Rescue? :-)

            Really, it's silly to spend as much effort on Putinology as the media here does, because almost everything he does is almost entirely for domestic propaganda purposes. His supporters want to believe in him when he portrays Russia as still being a big player internationally, so the stories in the western media about Russian interference are read in Russia as a sign that they're so powerful they can get away with these things, rather than that they're an irritant not worth smacking down. ....... Dave314159ggggdffsdds

            So .... Putinology presenting a Grand Sun Tzu Master Class, Dave314159ggggdffsdds ..... for Engagement, Employment and Enjoyment with Star Tsar and Tsarina of Mother Russia?

            Or do you think Mother Russia too primitive to perform such Transubstantiations?

            Such a folly as supplies a dogged false disbelief is an immaculate stealth delivered way beyond compare and reproach.

      4. aks Bronze badge

        The Russians usually simply try to sow discord by throwing a cat among the pigeons. The consequent distrust is then encouraged by them as a way to weaken other countries. That part hasn't changed since the days when Putin was running the KGB.

        1. Anonymous Coward
          Anonymous Coward

          Russians Putin KGB FSB boo damn scary

          Howdy, aks. Never did he run KGB, as far as we're all informed. KGB's been in effect in Communist party's times, while FSB is a later Russian Federation's service.

          As for the Cloudflare's ddos - there are times presently, when many and more witness unexplainable failings of the CF's respected anti-DOS policy.

          As though, normally, I'd expect the British resourse hosted in the UK. Ah, never mind.

      5. TomPhan

        Conservatives win, Brexit probably happens, which could mean Europe and Britain have less influence and power. Pretty much in line with Russian goals.

        1. Persona Bronze badge

          And also in line the goals of close to 180 other sovereign states. Perhaps it's a global conspiracy. Odd that all they have managed is a minor DDoS.

    3. Marketing Hack Silver badge

      Wait, aren't the Russians in favor of Labour winning this election? You practically need a program to tell which parties are receiving support from which shady, foreign government these days.

      1. Dave314159ggggdffsdds

        Not the Russians, since it's Corbyn. A different malign international conspiracy to subvert our democracy, that is in no way, no way at all, just an age-old antisemitic conspiracy theory with the word 'Jew' taken out.

      2. Anonymous Coward
        Anonymous Coward

        "Wait, aren't the Russians in favor of Labour winning this election?"

        Based on the findings in the US reports, the Russians don't seem to favour one side or the other too heavily - they are more interested in affecting the trust in the democratic process.

        I suspect the picking sides part will come later once democracy is viewed with distrust and suspicion.

        1. Claverhouse Silver badge

          I never had that 'trust' in the first place.

          Not even as if the bunch of elected thugs in the House have at least shown themselves marginally competent to make up for their pompous judgementalism, venality and corruption.

  2. iron Silver badge

    Did Boris hire some chums from 4chan?

    1. katrinab Silver badge
      Black Helicopters

      No, but his friend Vladimir probably did.

    2. Anonymous Coward
      Anonymous Coward

      >Did Boris hire some chums from 4chan?

      More likely Malcolm Tucker to get some Labour spin in the news.

    3. Anonymous Coward
      Anonymous Coward

      Did you just suggest Boris has friends?

      1. Benson's Cycle

        Friends with benefits, anyway.

  3. OzBob

    Developing story?

    "Leaders of organisations are incredibly thick when it comes to IT; political leaders, doubly so." What else could possibly develop on that story?

    1. Kevin Johnston

      Re: Developing story?

      What could develop is a bunch of script-kiddies seeing the 'We have awesome security' line and thinking Oh Yeah?

      Cue a plethora of attempts over the next week on all the websites of all the major parties to see who has the worst.

    2. Fred Dibnah Silver badge

      Re: Developing story?

      I expect most IT people are incredibly thick on how to lead an organisation or be a politician, too. Horses for courses innit.

    3. Claverhouse Silver badge

      Re: Developing story?

      The American novelist Thorne Smith pointed out Abe Lincoln would be considered a moron back in the 1920s if he could not drive a car.

      Nor would be a highly skilled motorist automatically be a great war lord.

      1. aks Bronze badge

        Re: Developing story?

        I don't see the relevance of your post in this thread but am always glad to see a reference to Thorne Smith.

  4. Ste Van De Mull

    "sophisticated and large-scale cyber-attack"

    DDOS Attacks are very common, looking for a pity us vote. May use it later as excuse why we failed?

    1. Anonymous Coward
      Anonymous Coward

      Re: "sophisticated and large-scale cyber-attack"

      I always cast my vote for whichever political party appears to be the underdog rather than determining my political allegiance on facts and their manifesto.

  5. Anonymous Coward
    Anonymous Coward

    Ask Donnie

    Donnie and his 4chan pals.

  6. PJ H
    Meh

    Meanwhile, over at Guido's..

    .. an alternative explanation is that a last-minute rush to get some things done overloaded their servers...

    "Today was the deadline for Labour CLPs to get their freepost printing done. Could it be that a last-minute scramble has overwhelmed Labour’s servers? [...] True a lot of people logging on can seem like a distributed denial-of-service (DDoS) attack or it could just be a lot of people trying to log on before the deadline."

    1. katrinab Silver badge
      Meh

      Re: Meanwhile, over at Guido's..

      That would be about 600 or so requests at most, not enough to even overload a home server on a domestic connection.

      650 constituencies - take away the 18 Northern Irish ones where Labour aren't standing and would want you to vote SDLP, take away the Speaker's seat, and possibly take away seats where the Co-op Party is fielding candidates, plus of course the seats where they didn't leave it to the last minute.

      1. Anonymous Coward
        Anonymous Coward

        Re: Meanwhile, over at Guido's..

        It's likely significantly more than that - I would imagine that each constituency will have 5-10 pamphlet designs depending on the points they are targeting (i.e. candidate info/general Labour info/Brexit/NHS/education/crime/opponents etc). You can't just assume one size fits all. And they are likely ordering 60+ million items all up (averaging 2 items per household - less in some places, more in others)

        Having said that, it has been available since October, possibly even September, so I would have expected the majority (conservatively 70%+) of the work to have been done with only changes/new lines of campaigning to be going through for most constituencies plus any stragglers that are less well organised remaining.

        1. Paul Herber Silver badge

          Re: Meanwhile, over at Guido's..

          "majority (conservatively 70%+)"

          Is that a prediction? Ok, I won't labour this point ...

      2. Flywheel Silver badge

        Re: Meanwhile, over at Guido's..

        not enough to even overload a home server on a domestic connection

        It's Government/Parliamentary IT remember, so probably more than enough...

        1. Dave the Cat

          Re: Meanwhile, over at Guido's..

          "It's Government/Parliamentary IT remember, so probably more than enough..."

          It's not even that, it's Labour's own IT.

          The National Cyber Security Centre hasn't even classed it as a level six 'attack' which tells us all we need to know. At worst this is a low-level unsophisticated DDoS attack.

          Having previously worked with a Labour constituency office on their GE campaigns, I can guarantee you, the vast majority will not have pre-ordered their leaflets and will have left it to the very last minute before trying to finalise their leaflets. This election, perhaps more than others, has been all about last-minute policy announcements and changes, you can't blame them for leaving it to the last minute so they have the most up-to-date policy information. It's far more likely that the systems have just been overwhelmed with the volume of requests.

          I'm sure there'll be a member of the 'faithful' along shortly to tell us this is yet another example of an underhanded 'establishment' stitch-up.

          1. Dave314159ggggdffsdds

            Re: Meanwhile, over at Guido's..

            Go check Twitter - they're blaming it on Israel, of course.

  7. N2 Silver badge

    Old man wanting publicity

    Move along please, nothing to see here.

  8. Anonymous Coward
    Anonymous Coward

    Why assume mischief when stupidity is just as plausible?

    "Come and look at our website, see what [strike] lies [/strike] promises we are putting in our Manifesto this time..."

    If this was the cause, I fully expect the other big parties to be crying out for help from GCHQ in the next few days...

    1. Dave the Cat

      Re: Why assume mischief when stupidity is just as plausible?

      You don't need to visit their site to know that the offer is 'Free sweets and a unicorn' for everyone.

      1. Dave314159ggggdffsdds

        Re: Why assume mischief when stupidity is just as plausible?

        *Unless you're Jewish, of course.

  9. Anonymous Coward
    Anonymous Coward

    I'm excited for the day when an attack isn't 'sophistictaed'.

    I doubt it's the Russians, they're actually pretty good at this sort of stuff.

    1. Anonymous Coward
      Anonymous Coward

      It's about computers, therefore it is "sophisticated"

      It must be sophisticated because politicians can't comprehend what just happened.

    2. Mrs Spartacus

      So, my attempt at finding the secret address of Comrade Corbyn's dacha in the forest failed.

  10. dave 81

    Politicians can't help spin the issue.

    Make it sound much worse than it is for the extra sympathy and publicity. I hold the lot of them in utter contempt.

  11. Anonymous Coward
    Anonymous Coward

    What?

    All four supporters tried to access the site at the same time?

    1. MyffyW Silver badge

      Re: What?

      @AC remind me again which political party has the most members in the UK?

      1. Dave314159ggggdffsdds

        Re: What?

        Do we mean real members, or are we counting far-right sockpuppets? If the former, it's the SNP. If the latter, then the fash currently in charge of the Labour Party have the numbers on paper.

  12. amanfromMars 1 Silver badge

    Guy Fawkesian Intel for Advanced IntelAIgent Services with Almighty Leverage

    " a security official with knowledge of the matter

    A Source of Interest to Interesting Sources in Official Security Systems. And here Anonymous like Secret Intelligence Services are most always.

    Is Anonymous Worthy of Such Overall Virtual Command with Remote Access to Immaculate Controls?

    If it is something new to you, just suck it and see and try leading with IrresistiblySucculent Offerings...... Advanced Cyber Treats

  13. frank 3

    Interesting wetware hack

    Think of it like building a SQL table relationship in the brains of people not IT literate.

    HACKS = RUSSIA = JOHNSON = DODGY

    I mean, Johnson and dodgy Russian money is a racing certainty. Those oligarchs would have to pay tax under a Corbyn govt. and they hate that idea. Tax is for the little people. Democracy 'Hacks' and Russia is a well-proven thing. So, it's just linking all these up in people's minds into a cloud of hazy emotional notions. Kind of like the daft corbyn is terry wrist. But in reverse.

    Even if it wasn't a sophisticated hack, it's been on the front page of the Beeb all morning.

    So, it is indeed a sophisticated hack, of the news if not of a computer system.

    1. Josco
      Happy

      Re: Interesting wetware hack

      "Tax is for the little people."

      I'm a little person; physically, financially and intellectually. I don't like tax either.

      1. Boris the Cockroach Silver badge
        IT Angle

        Re: Interesting wetware hack

        I'm certainly not little, both in size and interllecteulalljhfyui cleverness, and I hate tax

        However I hate more paying in % terms in tax more than someone 'earning' million of pounds does.

        And since the brexit party has run off from challenging the local tory, I'm left with voting liberal (arggh) or voting labour(aaaiiiieeeeee) ... of course I could vote tory(cue a 20 min rant that includes words such as f***ing, useless , incompetent, w****ers) but then I'd need a lobotomy first

    2. Adrian 4 Silver badge

      Re: Interesting wetware hack

      'Even if it wasn't a sophisticated hack, it's been on the front page of the Beeb all morning.'

      Somewhat lower-rated than the 'it's raining in yorkshire' story, though.

  14. Anonymous Coward
    Anonymous Coward

    Reply to all error

    It's a reply to all error in the email. Send this to everybody you know in the Labour Party

  15. StarGazer

    So what....

    Odd to announce a sophisticated Cyber Attack on the same day Hilory Clinton sticks her oar into the publish the Russian Interference Review Paper.

  16. albaleo

    a security official with knowledge of the matter

    Who was that then? The United States Secretary of Homeland Security perhaps.

  17. GrapeBunch Silver badge

    Oy, Looks like the victim of a sophisticated attack.h

  18. Tromos
    Joke

    Sophisticated attack

    Probably some kid trying to login as 'admin' and trying passwords 'Jeremy1', 'Jeremy2',...

    1. NATTtrash

      Re: Sophisticated attack

      Nah, it's just that the OoO message...

      Dear Reader,

      I will be out of the office to visit some of the people I don't know and would never talk to normally. For urgent issues, please contact Emily at 07***-*********"

      ...wasn't configured correctly and started filling up inboxen.

  19. Danny 2 Silver badge

    BBC website was down today

    From about 10am to about 11am. Never seen that before.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019