A senior lecturer at Cranfield University has warned that the cyber-attack on the Labour Party may be precursor to bigger, more sophisticated attacks.
And he has said that it wouldn’t take much to create disruption in the UK’s ‘delicate political environment’.
“The UK Government’s decision to withhold the publication of the report on alleged Russian interference in UK politics adds to the growing tension around the UK democratic elections,” said Dr Duncan Hodge, senior lecturer in Cyberspace Operations
“Small attacks, equivalent to physically knocking over a political party’s sign, are one thing, but larger co-ordinated attacks could have more detrimental consequences. Any attack on our democratic process or that affects the ability to conduct a fair election, and hence respect the outcome of that democratic process we should take very seriously.”
Distributed Denial-of-Service (DDOS) attacks occur when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers.
Such an attack is often the result of multiple compromised systems flooding the targeted system with traffic.
“DDOS attacks are really quite common, we see these all the time and it’s possible to hire this capability for as little as $100.
“You can also decide which countries the attack should appear to come from. So the fact this cyber-attack appears to have come from Russia and Brazil actually doesn’t mean anything.
“A DDOS attack involves a whole set of bots or ‘zombie machines’ that make what appear to be valid requests from a website. This causes a huge surge in traffic and requests which seem legitimate, so the website will try to fulfil them causing massive problems.
“These sort of DDOS attacks can be used by sophisticated cyber actors, despite their simplicity, for two reasons. Firstly they create a lot of noise and interest in one area, and this distraction means they can get in in another way, sneaking in a side door. Secondly they could be a test run, creating an attack to see how the organisation responds, what processes they follow and how quickly they involve the National Cyber Security Centre. This information gathering mission will be looking at the window of opportunity attackers may have for other activity.
“I wouldn’t call this attack sophisticated, but it is certainly co-ordinated and large scale in that it involved multiple attacks. We shouldn’t be confident that this is over, we have seen this type of attack used as cover for further activities.”