A cyber attack on UK Parliament on Friday 23 June compromised up to 90 email accounts belonging to MPs, peers and lords.
Officials are said to have disabled remote access to the emails of those working in Parliament as a safeguard and as a result fewer than 1% of the 9,000 users of Parliament’s IT system are said to have been affected by the cyber attack.
British security services suspect that the cyber attack was conducted by hackers funded by the Russian government, although those investigating the attack fear this may prove impossible to know for sure. There are fears that the attack could leave those affected open to blackmail.
This is not the first time the Russian government has been linked to the hacking of another government’s computer systems. Last month Russia was linked to the cyber attack on French systems that saw data from Emmanuel Macron’s presidential campaign leaked to the public. US intelligence agencies concluded that Russia hacked Democratic Party communications during the 2016 presidential election and attempted to influence that election.
It has been reported that parliamentary authorities investigating the attack confirmed that this was a sustained attack on Parliament email accounts with the hackers looking to identify weak passwords they could exploit.
International Trade Secretary Liam Fox stated his lack of surprise about the attack following the WannaCry attack on the NHS in May and went onto say:
“It’s a warning to everybody, whether they are in Parliament or elsewhere, that they need to do everything possible to maintain their own cyber security, including having complex and therefore safer code words.”
It does appear that due to early detection the attack was shut down and the hackers locked out, and Parliament will be hoping that no sensitive information was lost in the attack. But this looks to be another warning that even those at the highest level of power must be vigilant when it comes to cyber security.
The National Cyber Security Centre and National Crime Agency are investigating the incident.
How DCI Cyber Essentials can help
The first step to keeping your organisation safe from cyber attack is to be certified with DCI Cyber Essentials. Certification to the Government’s Cyber Essentials Scheme is a mandatory requirement for organisations wishing to win business with the MOD, and can help your organisation prepare and defend itself against malicious cyber attacks.
