MPs and peers left in dark over source of biggest cyberattack on UK Parliament
House of Commons Commission refuses to comment on email hack due to security concerns.
MPs, peers and their staffers will be left in the dark over who launched a cyberattack on the Houses of Parliament in June, it emerged on Tuesday 18 July.
The development comes after Labour MP Grahame Morris asked the House of Commons' cross-party commission whether the source of the email hack had been identified and what deterrence steps have been taken.
Liberal Democrat MP Tom Brake, a member of the commission, told the former shadow minister that it was a long-standing practice of the group not to comment on security matters.
"For this reason, I am unable to comment on the source of the recent cyberattack," he said. "Following the attack, a number of measures have been taken of which honourable Members will be aware, including the enhancement of multi-factor authentication to secure user accounts.
"There is a substantial ongoing programme of work to improve Parliament's cyber security. Parliament has been working with the National Cyber Security Centre (NCSC) to understand the attack and put further mitigation measures in place."
The 24 June attack saw fewer than 1% of parliamentary emails (or under 90 accounts) breached, with the Parliamentary Digital Service (PDS) teaming up with the NCSC to stop the hack.
PDS director Rob Greig told IBTimes UK that the "well resourced" hacker(s) started probing the parliamentary IT systems as far back as 5 June in a bid to find vulnerabilities.
"They specifically hit our user accounts at a rate which meant that it wouldn't trigger our protective monitoring alerts and wouldn't trigger our accounts to locked out," Greig said. "Script kiddies don't do that, they just hit you with everything they can in every backdoor that they can try."
His 10-strong cybersecuirty then locked key accounts in reaction to the hack, with the hacker (s) responding by hitting the system "with everything that they could.
"There were 200,000 attempts [to breach], it was really noisy – anyone with any kind of cybersecurity monitoring would have spotted that," Greig said.
The NCSC and National Crime Agency (NCA), the UK's equivalent of the FBI, are investigating the incident.
"It would be naive to suggest that it was an amateur," Greig said. "All I can say is this was a reasonably well resourced attempt and they were reasonably patient in terms of their attack."
The Canadian Parliament also temporarily deactivated emails as part of "preventative measures" on the same weekend (25 June) as the attack on the UK parliament.
"Preventative steps were taken to maintain the security of IT services. The IT environment remains secure and the investigation is ongoing," an internal memo to the Parliament Hill community said.
Canadian House of Commons authorities would not confirm whether the actions were in response to the hack in Britain, which became public on 24 June.
© Copyright IBTimes 2024. All rights reserved.