Cyber Incident Victim: Conservative Party
Date:
Nov 2019
Location:
United Kingdom
Summary
Hackers conducted multiple distributed denial-of-service (DDoS) attacks against the UK's Labour and Conservative political parties in close succession, attempting to overwhelm their digital platforms with malicious traffic during an election period. The initial attack targeted Labour's infrastructure but was successfully mitigated without data compromise, followed by subsequent assaults on both parties' websites that were similarly repelled by existing security measures. While UK security agencies had previously warned of potential foreign interference in the election, sources indicated no evidence linking these incidents to state actors. The attacks caused temporary disruptions but failed to take down any websites due to effective defensive protocols implemented by the parties and the National Cyber Security Centre, which confirmed the incidents as common DDoS attempts with widely available mitigation techniques.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On November 11, 2019, hackers launched distributed denial-of-service (DDoS) attacks against the UK's Labour and Conservative political parties in rapid succession. The Labour Party first reported experiencing a "sophisticated and large-scale cyberattack" targeting its digital platforms on Tuesday morning, which it successfully repelled without data compromise. Later that same day, Labour's website and online services faced a second DDoS attack, followed by a third attack targeting the Conservative Party's website shortly before 1600 GMT. Sources indicated the Conservative attack was larger in scale and potentially conducted by different actors than the Labour incidents, though neither attack succeeded in taking party websites offline. Britain's National Cyber Security Centre (NCSC) confirmed all incidents involved DDoS techniques designed to overwhelm websites with malicious traffic.
The attacks occurred during heightened security concerns ahead of the December 12 general election, with UK agencies having previously warned about potential foreign interference attempts. Labour leader Jeremy Corbyn confirmed defenses thwarted the initial attack when it began on Monday but expressed concern about election-related cyber threats. The NCSC noted DDoS attacks are common across threat actors and difficult to attribute, with available mitigations proving effective in these cases. While security agencies had previously warned about possible Russian interference, sources stated there was no immediate evidence linking these specific attacks to foreign states. The Conservative Party did not immediately acknowledge the attack when contacted by Reuters. No data breaches or persistent website outages resulted from the incidents, though Labour advised users might experience temporary service differences during mitigation efforts.