LONDON (Labour Buzz) - On November 12, as per The Independent and other reporting, the Lizard Squad conducted two distributed denial of service (DDoS) attacks on the Labour Party website. Such attacks often involve multiple and often compromised systems being used to drive large amounts of “visitor” traffic to a website, more than the site can handle, causing it to crash.
Tweets and messages appearing to be from Lizard Squad say a botnet was used to incorporate millions of devices in order to “enable more power to process such attacks.”
The DDoS attacks seem to have been unsuccessful so far
However, in this instance the attack appears to have failed with the Labour Party saying the “sophisticated and large-scale” attack was thwarted by its “robust security systems,” and that no data was compromised.
As per Computer Weekly, Lizard Group has targeted popular celebrities in the past as well as Sony’s PlayStation and Microsoft’s Xbox networks and reportedly Malaysia Airlines. A Twitter account believed to belong to the group said:
“Today’s DDoS attack on the Labour Party is to show that no terrorist supporting government should allow to rule a country.”
“Terrorist supporting” is believed to be a reference to Labour Party leader Jeremy Corbyn’s alleged views and actions during the Northern Ireland peace process.
Computer Weekly writes that the Labour Party’s service provider Cloudflare also help to thwart attacks and that other DDoS attacks have often hidden a “more pernicious attack.” The Labour Party will need to monitor its systems for malware and other breaches just in case. Government Communications Headquarters (GCHQ) chief Brian Lord told LBC radio another party could have been behind the attack and it could even be a distraction to disguise a more “sinister” attack.
The Independent has exchanged private messages with the Lizard Squad which gave a warning that more attacks were planned and occurring:
“If Labour do win the election, you can expect the whole of the government and Labour websites to go offline.”
The alleged group member added:
“Jeremy Corbyn’s family members’ personal accounts have been compromised and their home internet is under a DDoS attack as we speak.”
Lead cybersecurity researcher at Mimecast, Jonathan Miles, said it was possible that Lizard Squad “may have been hired,” to conduct the attack as it had been known to offer a “DDos-for-hire” service via Twitter. Though Miles also commented that the group are known to be anti-Labour and supportive of Brexit. Miles added:
“This attack, if proven to be associated with Lizard Squad, would represent a significant shift in focus and indicated that they have a means to undertake successful DDoS attacks – a concern in the run up to the general election.”
As per reports, other security experts believe Lizard Squad has the capability to conduct such an attack.
Euronews says that just after the attacks on the Labour Party website, the Conservative Party website was also attacked. The attacks have been reported to the National Cyber Security Centre (NCSC).
ISC report on cyber-interference is still being held back by the UK government
These cyberattacks further highlight concerns that a report by Parliaments Intelligence and Security Committee (ISC) into possible interference in the 2016 Brexit referendum and 2017 general election has yet to be published. The ISC submitted the report to Prime Minister Boris Johnson on October 17 and stated at the time that it “expects to be in a position to publish the report imminently.”
Experts say usually such reports are published within 10 days however the UK government is defending its holding of the document telling Euronews:
“There are a number of administrative stages and processes which reports such as this, which often contain sensitive information, have to go through before they are published.”
(Written by Melanie Kramer, edited by Michael O'Sullivan)