Labour was hit by a second cyber attack on Tuesday afternoon, asJeremy Corbyn warned the targeting of the party’s digital platforms could be a “sign of things to come” in the general election.
The Labour leader said the timing of the first attack on Monday – which slowed some of the party’s campaign activities – was “suspicious” and had made him “nervous” about what might happen in the rest of the campaign.
A second attack took place on Tuesday afternoon and was big enough to trigger the party’s highest level security protocols, one source said.
The so-called “distributed denial-of-service” (DDoS) attack on Monday, was described by the party as “sophisticated and large-scale”.
However, a source at the National Cyber Security Centre (NCSC), which is investigating the incident, said it was relatively “low level” with no evidence of “state-sponsored activity”.
In a DDoS attack, hackers flood a target’s online platforms with traffic from various sources, with the aim of slowing down access or causing websites to crash.
Labour said the attack had failed due to the “robust security systems” it had put in place and that it was confident there had not been any data breach.
While its security procedures had led to a temporary slowdown in it its campaigning activities, they were later back up to “full speed”.
However, speaking at a Labour campaign event in Blackpool, Corbyn expressed concern about the implications for the rest of the election campaign.
“We have a system in place in our office to protect us against these cyber attacks, but it was a very serious attack against us,” he said.
“So far as we’re aware, none of our information was downloaded and the attack was actually repulsed because we have an effective in-house developed system by people within our party.
“But if this is a sign of things to come in this election, I feel very nervous about it all because a cyber attack against a political party in an election is suspicious, something one is very worried about.”
Corbyn referred to the WannaCry attack, which caused widespread disruption to the NHS during the 2017 general election and was subsequently blamed on North Korean hackers known as the Lazarus Group.
“A cyber attack, as happened in 2017 against our NHS, is something that is incredibly dangerous to the health records and the healthcare and treatment of potentially millions of people, and so we do need far better defensive arrangements against cyber attacks made against us,” he said.
DDoS attacks are among the most common form of cyber attacks and experts said they could vary enormously in the level of sophistication.
Edward Apeh, principal academic in computing at Bournemouth University, said it could be very simple if it was just a novice, but that more sophisticated operators could put in place measures making it difficult to detect who was responsible.
“Attribution for this problem here right now will be very hard, except if a group comes out and says they are responsible – it’s going to be very hard to attribute the attack to any particular person,” he said.
“It’s a technique used by all the known typical attackers from the North Koreans, the Lazarus Group, to even the Anonymous group, so any group can actually do this, it depends who’s driving them.”
An NCSC spokesman said: “The Labour Party followed the correct, agreed procedures and notified us swiftly.
“The NCSC is confident the party took the necessary steps to deal with the attack. The attack was not successful and the incident is now closed.”
The centre met the major parties last week as part of its ongoing work with politicians to protect and defend against cyber attacks, the spokesman added.