The British parliament admits it experienced a sustained cyber attack
Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!
June 26, 2017
Today, the British parliament has admitted that it experienced a sustained cyber attack over the weekend and asserted that about ninety email accounts have been compromised in the attack.
The incident struck on Saturday afternoon and late that evening Parliament issued a ”Statement regarding a cyber mishap” admitting that “We have discovered several unauthorized attempts to access accounts of parliamentary network users and are investigating this ongoing attack”.
The parliamentary IT team “temporarily restricted remote access to the network” and warned that “As a result, some Members of Parliament and staff cannot access their email accounts outside of Westminster,” the government asserted.
The email accounts cover members of Parliament, from the prime minister down, plus thousands of salaried staffers. All other IT services continued to work well.
The Parliamentary Digital Service later weighed in and said “Closer investigation by our team confirmed that hackers were carrying out a sustained and determined attack on all parliamentary user accounts in an attempt to identify weak passwords. Those attempts specifically were trying to gain access to users emails.”
Such email accounts certainly represent an interesting target if users left sensitive data in their inboxes, or if Parliamentary email credentials let attackers get deeper into Parliamentary resources.
Removing remote access privileges appears to have stymied that attack relatively quickly and effectively, while leaving the elected representatives tragically unable to respond to constituents concerns late on Saturday night and most of Sunday.
Britain's cyber defence department swung into action more or less as planned: the National Cyber Security Centre acknowledged the attack on Saturday night and said “it is working around the clock with the Parliamentary digital security team to understand what has happened and advise on the necessary mitigating actions.”
The Parliamentary Digital Service was also quick in explaining what happened. Left unexplained is why Parliamentary staffers are able to set sub-standard passwords and what resources are available to those who manage the IT infrastructure.
Source: The British Parliament.
Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!Tweet Share on Twitter.