MP’s website sees cyberattack ‘traceable to China’, sending users to gambling pages

Sir David revealed in the Commons that his website was subjected to a massive distributed denial of service (DDoS) attack, which saw it hit with "142 million requests, consuming nearly 800 gigabytes (GB) of data" in just 24 hours.

The attacks are believed to have commenced last Thursday morning, initially redirecting users from legitimate links to gambling pages.

Describing the incident, the former Brexit secretary stated: "Last Thursday, my Ipsa (Independent Parliamentary Standards Authority) provided website was compromised. Malicious links were inserted, redirecting users to south-east Asian gambling websites – I guess it could be worse. We took it down immediately. It was restored but then came under sustained distributed denial of service (DDoS) attack, traceable to China. This is not a minor nuisance, it’s a direct interference with a Member of Parliament carrying out his duties."

A DDoS attack involves overwhelming a server or website with internet traffic from multiple sources.

On Monday evening, the website daviddavismp.com displayed a message indicating it was "Briefly unavailable for scheduled maintenance. Check back in a minute."

While the majority of the traffic appeared to originate from China, Sir David’s office has identified a small number of hits from other countries and is collaborating with website hosts to prevent further incidents.

Deputy Speaker Nus Ghani addressed MPs on the matter, stating: "I do not think it would be appropriate to discuss the details publicly about preventative action and how members are supported to protect themselves against these kinds of cyber threats."

She advised members seeking security advice for personal accounts and devices to contact the Parliamentary Security Department (PSD), and for parliamentary accounts and equipment, to reach out to the Parliamentary Digital Service (PDS) service desk.