On Wednesday, the parliamentary Public Administration and Constitutional Affairs Committee (PACAC) published a report on the 'Lessons Learned from the EU Referendum'. In a section of the report dedicated to cybersecurity, the committee warned that it was "deeply concerned" over "allegations of foreign interference" in the run-up to the Brexit vote.
Commenting on the crash of a key voter registration website just days before to the referendum, the Committee emphasized that it could "not rule out the possibility that the crash may have been caused by a DDOS (distributed denial of service attack) using botnets."
And although the report does not directly accuse any country of involvement, it does point to Russian and Chinese approaches to cybersecurity, and how these differ from those of the US and the UK, thus hinting at these countries may have somehow been involved in a DDOS attack on the voter registration website.
The Cabinet Office, which commissioned its own report on the crashed website, told the BBC that its findings were that that the crash was caused by too many users on the site at once.
"We have been very clear about the cause of the website outage in June 2016. It was due to a spike in users just before the registration deadline," the Cabinet Office's statement to the BBC stated. "There is no evidence to suggest malign intervention. We conducted a full review into the outage and have applied the lessons learned. We will ensure these are applied for all future polls and online services," it added.
We already told you we hacked #brexit ⬇️⬇️⬇️ pic.twitter.com/N0kZo3bZ3d
— Russia Hack Team (@CompIeteIynew) 12 апреля 2017 г.
Speaking to Radio Sputnik about what to be the latest allegation in a never-ending series of 'Russian hacking' claims, Simon Ruwhof, an independent IT security consultant and professional hacker, explained that he was not impressed with the report.
"[From] what I've seen in the evidence in the news articles supporting these claims with regard to the United Kingdom's Brexit [vote], it's not substantiated that Russia interfered. I would like to see more evidence of this claim from the UK's members of parliament," the expert noted.
The cybersecurity expert recalled that there have also been a lot of rumors and insinuations in his country — the Netherlands, about Russia's alleged manipulation of the recent Dutch elections via 'fake news'. "There is a lot of rumor and speculation, but not a lot of evidence that substantiates that Russia or China might be behind the attacks."
Remainers want any excuse to try & explain the Brexit vote. Brits wanted freedom it is that simple https://t.co/MnfPB7ROQ0
— David Jones (@DavidJo52951945) 12 апреля 2017 г.
Ultimately, Ruwhof suggested that it could be seen as normal for lawmakers to speculate and spread rumors, since most of them have no actual understanding of cybersecurity issues. "This is just normal behavior for people in parliament. They don't know anything specific about cyberattacks, and they just give their opinion. I don't think there's anything bigger behind it," he said.
"But it's an important case," Ruwhof admitted. "I think we should keep computers and websites completely out of the democratic voting process, as these make the process quite vulnerable and open to all kinds of attacks. I think that within a democratic election process, there should be no doubt over the results."
