News by VICE

U.K. lawmakers allege that foreign states may have interfered in the Brexit vote

by David Gilbert
Apr 12 2017, 7:39am

U.K. lawmakers have alleged that a foreign government may have interfered with the Brexit vote via a voter-registration website, but they don’t seem to have any firm evidence, leading one expert to accuse the MPs of crying wolf.

Amid ongoing investigations into Russian interference in the U.S. election and fears that similar campaigns may be targeting the upcoming French election and September’s German elections, U.K. lawmakers want to know if the Brexit vote was also influenced by state-sponsored actors — in this case, with botnets.

On June 7 of last year, following a televised debate about the referendum to leave the EU, the “Register to Vote” website — which allowed U.K. citizens to sign up to take part in the referendum — crashed at 10:15 p.m, shortly before the midnight deadline. At the time, the government said it was the result of an overwhelming volume of traffic, adding that “there is no evidence to suggest malign intervention.”

In a report published Wednesday, MPs on the parliamentary public administration and constitutional affairs committee contested that explanation, saying they do “not rule out the possibility that the crash may have been caused by a DDOS (distributed denial of service attack) using botnets.”

When asked on what evidence the committee based its claim that “the crash had indications of being a DDOS attack,” a spokesperson for the group referred VICE News to another report prepared by software consultants Equal Experts. That pointed to yet another report from the group that operated the website, saying: “A report from FCO Services highlighted that no DDOS attack was ongoing at the time of the incident.”

When asked to clarify what specific “evidence” of a cyberattack he was pointing to, the spokesperson said he was “trying to seek clarification.”

While stopping short of naming any culprits directly, the committee’s own report does include the following paragraph:

“The U.S. and U.K. understanding of ‘cyber’ is predominantly technical and computer-network-based. For example, Russia and China use a cognitive approach based on understanding of mass psychology and of how to exploit individuals. The implications of this different understanding of cyberattack, as purely technical or as reaching beyond the digital to influence public opinion, for the interference in elections and referendums are clear. PACAC is deeply concerned about these allegations about foreign interference.”

Asked what “allegations” the report was referring to, the spokesperson again failed to respond.

Professor Alan Woodward, a cybersecurity expert at the University of Surrey, believes that pointing the finger of blame at someone without proper attribution “is a big problem in security at the moment. There is a real problem of crying wolf.”

Woodward thinks the government’s initial explanation of what happened sounds plausible. “The problem the Register to Vote site has is that everyone panics and tries to register at the last minute. It wouldn’t surprise me if it didn’t fall over because of the volume of people,” he told VICE News.

Javvad Malik, a security advocate at AlienVault, says the sudden spike in traffic may simply have looked like a cyber attack. “It’s quite likely that a sudden huge spike in traffic could be attributed to a DDoS attack as opposed to an increase in demand,” Malik said. “At times, it can be difficult to differentiate between the two without having detection controls that can identify the source and type of traffic, or behavioral controls that look at the traffic flow and seeing whether the flow differs from what would resemble normal behaviour.”

A similar problem happened when the Canadian immigration website crashed minutes after sources started reporting that Donald Trump was about to win the U.S. election — something that was caused by a sudden and unexpected flood of traffic.

The U.K. committee’s report calls on the government to establish a cybersecurity center to monitor potential cyberthreats to U.K. elections and referendums — particularly from any foreign actors trying to influence public opinion and disrupt the democratic process.