The weeks running up to a General Election are always tense. But for modern political parties there’s now an extra source of concern: cyber-threats. Attackers have discovered that these organisations may not be as well defended as they should be, offering opportunities to compromise voters’ personal data and even undermine elections themselves. A recent DDoS attack on the Labour Party ahead of the UK General Election has brought these concerns to the fore.
The Labour Party appears to have been hit twice in the space of a few days last week with DDoS attempts to disrupt its election and campaigning platforms.
“There were large-scale and sophisticated attacks on Labour party platforms which had the intention of taking our systems entirely offline,” wrote head of campaigns, Niall Sookoo. “Every single one of these attempts failed due to our robust security systems and the integrity of all our platforms and data was maintained.”
The incident was reported to the National Cyber Security Centre (NCSC), although sources told reporters that a “non-state actor” is thought to have been responsible.
Organisations under fire
DDoS attacks have become a commonplace threat for CISOs in virtually all sectors today, although many organisations still underestimate their potential impact. That impact is very real: because they aim to disrupt key web services and applications by flooding the WAN, firewalls and servers, DDoS attacks can cripple employee productivity, damage brand reputation and eat into sales and profits. The more reliant your organisation is on connected services, the more your business could be disrupted. There’s also a growing threat that such attacks could be used as a smokescreen to distract IT security teams while the hackers go after their real target: sensitive customer and corporate data.
What’s more, attackers have a range of DDoS techniques at their disposal today, including volumetric TCP SYN flood, UDP flood, ICMP flood and reflection attacks, as well as application-layer attacks including HTTP GET, HTTP POST and SSL attacks. A thriving cybercrime underground has made launching such attacks child’s play: budding cyber-criminals can simply rent a bunch of compromised computers (bots), choose their victims and fire.
Time to get proactive
DDoS protection is an insurance policy against this worst-case scenario. It can be a significant investment with plenty of variables — so it pays to plan ahead to find the right option for your organisation.
Simply switching on DDoS protection in your Unified Threat Manager (UTM) or next-generation firewall will not do the trick. Instead, we recommend a hybrid approach. This combines on-premises inline devices, which protect against application-layer attacks and signal to the cloud if a volumetric attack is detected, with cloud-based scrubbing solutions, which allow sanitised business traffic to pass. Combine such services from a reputable third party with a mature approach to incident management, and you will be well placed to mitigate the worst effects of DDoS attacks.
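The hand-off between the two tiers of the hybrid approach can be sketched as decision logic. The following is an added example, not code from this article or from any vendor product: it keeps application-layer mitigation inline, signals the cloud when inbound volume nears link capacity, and only returns traffic after several calm intervals so that routing does not flap. All thresholds, names and traffic figures are assumptions constructed for illustration.

```python
from dataclasses import dataclass

# Assumed values; real thresholds come from your own traffic baselines.
LINK_MBPS = 1000       # hypothetical uplink capacity
DIVERT_ON = 0.80       # divert when inbound reaches 80% of the link
DIVERT_OFF = 0.40      # only count a window as calm below 40% of the link
CALM_WINDOWS = 3       # consecutive calm windows required before returning
HTTP_RPS_LIMIT = 5000  # hypothetical request-rate ceiling for the web tier

@dataclass
class Window:
    """Counters for one measurement interval. While traffic is diverted,
    inbound_bytes is assumed to be the scrubbing provider's pre-scrub figure."""
    seconds: int
    inbound_bytes: int
    http_requests: int

class HybridController:
    def __init__(self):
        self.diverted = False
        self.calm = 0

    def step(self, w):
        mbps = w.inbound_bytes * 8 / w.seconds / 1_000_000
        rps = w.http_requests / w.seconds
        if mbps >= LINK_MBPS * DIVERT_ON:
            # Volumetric: the inline device cannot help once the link is full.
            self.diverted, self.calm = True, 0
        elif self.diverted:
            # Hysteresis: any window that is not calm resets the counter.
            self.calm = self.calm + 1 if mbps < LINK_MBPS * DIVERT_OFF else 0
            if self.calm >= CALM_WINDOWS:
                self.diverted, self.calm = False, 0
        actions = []
        if self.diverted:
            actions.append("cloud_scrubbing")
        if rps > HTTP_RPS_LIMIT:
            actions.append("inline_l7_mitigation")
        return actions or ["pass"]

def run(windows):
    ctl = HybridController()
    return [ctl.step(w) for w in windows]

# Constructed 10-second windows: normal, HTTP flood, volumetric flood,
# attack tapering off, then three calm windows.
CALM = Window(10, 250_000_000, 20_000)
SAMPLE = [CALM, Window(10, 300_000_000, 90_000), Window(10, 1_100_000_000, 20_000),
          Window(10, 750_000_000, 20_000), CALM, CALM, CALM]
```

The HTTP flood in the second window uses only about a quarter of the link, which is why a volume threshold alone would miss it and the inline tier is still needed.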
Whether the Labour Party DDoS attacks were the work of hacktivists, financially motivated cyber-criminals or nation state hackers, they should serve as a wake-up call to political parties. As the traditional security perimeter continues to disappear, organisations’ attack surface will only expand further, exposing them to new threats.
As we enter a new decade, disruption before elections will become the new normal. It’s better to plan for this reality now rather than scramble to react when the bullets start flying.