Tuesday

10th Dec 2019

EUobserved

MPs and media create Brexit hacking scare

  • Did Russia or China influence the Brexit vote? Not that we know of, but a British parliamentary committee 'does not rule out the possibility'. (Photo: Reuters)

Respectable news agencies from Europe and beyond reported on Wednesday (12 April) that the British referendum that led to the UK's departure from the EU may have been "hacked".

In a news ticker, EUobserver also initially used the word "hacked", which we quickly corrected.

Read and decide

Join EUobserver today

Support quality EU news

Get instant access to all articles — and 20 years of archives. 30-day free trial.

... or join as a group

  • It should be noted that a DDoS attack is different from hacking. (Photo: Sebastiaan ter Burg)

This shocking revelation was reportedly uncovered by a committee in the UK's House of Commons.

However, the media reports appear to be based on a misunderstanding of digital affairs and have quoted the report out of context.

First of all, the use of the word hacking is incorrect.

The UK parliament's public administration and constitutional affairs committee published a report on Wednesday with the title "Lessons Learned from the EU Referendum".

In chapter 4, the committee discusses “software problems”.

On 7 June 2016, the last day on which voters could register for the in/out referendum, the voter registration website collapsed for several hours.

The committee criticised the website's crash, and stated that the British government “clearly failed to undertake the necessary level of testing and precautions required to mitigate against any such surge in applications”.

In a sentence picked up by international media, the committee said that it “does not rule out the possibility that the crash may have been caused by a DDoS (distributed denial of service attack) using botnets”.

It should be noted that a DDoS attack is different from hacking.

Hacking is the digital equivalent of breaking and entering, and possibly stealing something, whereas a DDoS attack is more like a sit-in that prevents people from accessing a building. They are very common.

Last year, security firm Inerva reported that the UK is on the receiving end of 9.3 percent of the world's DDoS attacks, second only to the US.

According to Kaspersky Lab, a cybersecurity software company, during the first half of 2016 there were some 124,000 DDoS attacks worldwide each week.

The attacker does not usually reveal themselves, and the motive often remains unclear. It could be political, but also commercial, or an act of vandalism.

The hacking narrative gives the impression that the Brexit referendum outcome had been influenced.

While the crashed website would have been very inconvenient, a cyber attack causing it would not have changed any of the votes cast in the 23 June referendum, which was won by the Leave side with 52 percent - leading to Brexit.

The only way that an attack would have had an influence on the outcome, was if voters of one of the two sides were more likely to register in the last minute, and were prevented from registering and thus casting their votes.

No evidence

The committee said that “the crash had indications of being a DDoS (distributed denial of service) ‘attack'”.

But it also wrote that it had “no direct evidence” that any foreign power had tried to influence the referendum, only that “it is important to be aware of the potential”.

While several news outlets used headlines that Russia and China may have been involved, that claim is only based on a single sentence, about the differences in understandings of “cyber”, often a shorthand for cyber warfare.

“The US and UK understanding of ‘cyber’ is predominantly technical and computer-network based. For example, Russia and China use a cognitive approach based on understanding of mass psychology and of how to exploit individuals.”

The committee then goes on to say that it is “deeply concerned about these allegations about foreign interference”, without citing any specific allegations.

To news media that do not read reports so diligently, putting the words Russia and China in the same paragraph that discussed possible foreign interference, was a red flag.

It led to CNBC headlining with "Russia, China could have influenced Brexit vote, lawmakers claim".

While the committee's MPs cannot be blamed for the media taking their words out of context, a report that has “no direct evidence” could have been worded more accurately or clearly.

Saying that you can “not rule out the possibility” that the website crash “may have been caused” by a cyber attacker of unknown origin, is an almost gratuitous statement that could be made by anyone.

Investigation

French election faces high cyber threat

French president Francois Hollande has called for "all necessary means" to be used to fend off cyber attacks ahead of the presidential election in April and May. But political parties are still vulnerable.

Column / Brexit Briefing

Don't copy us, we're British

The havoc caused by the unexpected referendum result on June 23 could serve as a stark warning to the EU-27: fail to prepare - prepare to fail.

News in Brief

  1. Orban wants bill to tighten grip over theatres
  2. Dutch reduce terror threat level for first time since 2013
  3. Russia banned from Olympics over doping scandal
  4. EU agrees future human rights sanctions
  5. Greens demand Zahradil conflict of interest probe
  6. EU commission to 'correct mistake' on enlargement
  7. Luxembourg pushes EU to recognise Palestine
  8. Minister: 'All Brussels kids should be trilingual at 18'

Stakeholders' Highlights

  1. Nordic Council of Ministers40 years of experience have proven its point: Sustainable financing actually works
  2. Nordic Council of MinistersNordic and Baltic ministers paving the way for 5G in the region
  3. Nordic Council of MinistersEarmarked paternity leave – an effective way to change norms
  4. Nordic Council of MinistersNordic Climate Action Weeks in December
  5. UNESDAUNESDA welcomes Nicholas Hodac as new Director General
  6. Nordic Council of MinistersBrussels welcomes Nordic culture

Stakeholders' Highlights

  1. UNESDAUNESDA appoints Nicholas Hodac as Director General
  2. UNESDASoft drinks industry co-signs Circular Plastics Alliance Declaration
  3. FEANIEngineers Europe Advisory Group: Building the engineers of the future
  4. Nordic Council of MinistersNew programme studies infectious diseases and antibiotic resistance
  5. UNESDAUNESDA reduces added sugars 11.9% between 2015-2017
  6. International Partnership for Human RightsEU-Uzbekistan Human Rights Dialogue: EU to raise key fundamental rights issues

Join EUobserver

Support quality EU news

Join us