Notorious hackers claim responsibility for Labour cyber attacks and threaten to target Corbyn's family

Lizard Squad claim they were politically motivated

Anthony Cuthbertson
Thursday 14 November 2019 12:11 GMT
Comments
Jeremy Corbyn says Labour's computer systems have repelled 'a very serious cyber attack'

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

A notorious hacking group has claimed responsibility for the recent cyber attacks on the Labour Party and warned that there will be more to follow.

Lizard Squad, which has previously targeted singer Taylor Swift and video game companies said that it used a distributed denial of service (DDoS) tool in an attempt to knock the party's digital platforms offline.

Commonly used by cyber criminals, DDoS attacks direct huge amounts of web traffic to a single website or online service in order to cause it to crash.

Labour said the "sophisticated and large-scale" cyber attacks failed because of the party's "robust security systems".

It added that no data was compromised.

Following the attacks, Lizard Squad claimed to be in control of powerful tool known as a botnet that is capable of carrying out such attacks.

“Today’s DDoS attack on the Labour Party is to show that no terrorist-supporting government should allow to rule a country," it stated.

In private messages to The Independent, a member of the group said that more attacks were planned.

"If Labour do win the election, you can expect the whole of the government and Labour websites to go offline," said the member, who shared screenshots appearing to show a botnet tool used to carry out the DDoS attacks.

"Jeremy Corbyn's family members' personal accounts have been compromised and their home internet is under a DDoS attack as we speak."

Cyber security researcher Jonathan Miles said the group has previously advertised its DDoS-for-hire service on Twitter and “may have been hired by unknown entities to undertake the attack”.

Lizard Squad boasted on Twitter about a powerful botnet
Lizard Squad boasted on Twitter about a powerful botnet (Twitter)

Mr Miles, who is the lead researcher at security firm Mimecast, also noted that Lizard Squad typically targets the gaming industry but has a history of being anti-Labour and pro-Brexit.

Tweets from the group in the days leading up to the attacks included the comments ”Leave means Leave” and “f**k off labour supporting freak”.

“This attack, if proven to be associated with Lizard Squad, would represent a significant shift in focus and indicated that they have a means to undertake successful DDoS attacks – a concern in the run up to the general election," Mr Miles told The Independent.

The nature of botnets make them extremely difficult to trace, as they are made up of thousands and sometimes millions of hijacked devices from all over the world.

Speculating on the credibility of Lizard Squad's claims, other security experts pointed to the group's history of carrying out similar attacks as evidence it could have been them.

In 2018, a US judge sentenced a 20-year-old man who identified as a member of Lizard Squad to three months in prison after he pleaded guilty to carrying out cyber attacks.

"That Lizard squad has taken responsibility for the attack, and no other group has done so, is a strong indication of a credible claim," said Andras Somkuti, chief executive of encryption firm Netlock.

"Furthermore, a former member of the Lizard Squad has been arrested for offering DDoS attacks for hire, and the group's history of executing attacks against Playstation Network and others make it plausible."

Lizard Squad denied that the attacks were commissioned by a third party, however the timing of the attacks mean such a possibility can not be ruled out.

Following the attacks, former GCHQ boss Brian Lord suggested that a hostile nation state may have been behind them, potentially even using them as a distraction to carry out more "sinister" data hacks on the Labour Party.

Mr Lord told LBC radio that DDoS attacks would "tie up resources in one area while they perhaps take data out or carry out other activity".

A Labour spokesperson said the Party did not wish to speculate on the motives or origins of the attack, adding that they had not previously heard of Lizard Squad. Labour leader previously said that attacks against a political party made him "suspicious" and "very nervous" about the upcoming general election.

The incident was reported to the National Cyber Security Centre, who said: "The attack was not successful and the incident is now closed."

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in