Hackers tried to access MPs’ email accounts
On Friday, the British Parliament was hit by a cyber attack. Hackers tried to get access to all email accounts of the members of the Parliament and the parliamentary staff. In order to secure the network, the email service was shut down immediately. MPs were unable to login to their emails remotely or via phones.
Members of the Parliament were informed that these inconveniences were made due to unauthorized attempts to access their accounts. The incident is currently under investigation and security services are working on protection measures.
Undoubtedly, emails of the Parliament members contain lots of valuable and confidential information. Thus, hacking accounts and collecting sensitive information might lead to blackmailing and another assault.
The attack was held after ministers’ login details were published for sale
The incident occurred as soon as reports about thousands of British ministers, ambassadors, and senior police officers passwords and login details being sold by Russian hackers has shown up.
According to the The Times, criminals managed to steal and publish passwords of 1,000 MPs, 1,000 Foreign Office officials and 7,000 police employees. What is more, the list of stolen credentials included login details of the head of IT department as well.
Currently, it’s not confirmed whether these two events are related. The British Parliament started the investigation with National Cyber Security Centre (NCSC). Thus, all the details about the attack and who is standing behind it might be revealed soon.
It’s not the first attack towards British Parliament
Nevertheless, British Parliament was hit by phishing attack earlier this year; the scale of the current assault cannot be compared. While the previous attack was aimed at no more than ten MPs, this one targeted all members of the Parliament.
HuffingtonPost published the official release stating about the attack. Here authorities describe the assault as a “sustained and determined attack” which was used to identify weak passwords and get access to email accounts.
It’s assumed that cyber criminals launched a brute force attack. This method allows trying different password combination in a short period of time. Thus, if some weak passwords were detected, hackers may have accessed targeted email accounts.
However, specific details about the attack are still unknown. There’s no confirmed information if attackers managed to obtain sensitive information or not. The investigation will also reveal if the assault was held by an individual or foreign country.