UK Parliament cyberattack: What we know so far about hackers' 12-hour-long siege to steal MPs' records
Fears of MPs being blackmailed emerge after hackers launched a 'sustained and determined' cyberattack on Parliament.
The British Parliament was hit by hackers late last evening (24 June) in what is being described as a "sustained and determined" cyberattack. The attack reportedly saw hackers target both houses of parliament and networks that are used by Prime Minister Theresa May and her cabinet members.
The attack reportedly lasted for 12 hours and saw hackers go after "weak" passwords of MPs and their staff, presumably in an attempt to steal politicians' records.
The attack has prompted fears of politicians being potentially open to blackmail by hackers, the Guardian reported. The attack forced parliamentary officials to lock MPs out of remotely accessing their emails via phones and tablets as a precautionary measure.
The House of Commons issued a statement that said that they had discovered "unauthorised attempts to access accounts of parliamentary network users". The statement said the House was investigating the incident with the NCSC (National Cyber Security Centre). The statement also assured that parliament has "robust measures in place to protect all accounts and systems".
The Telegraph reported that following the attack, MPs apologised to their constituents, amid fears that personal and sensitive information may have been stolen by hackers and leaked online.
Although the identity of the hackers behind the attack still remains unknown, some experts indicated that the cyberattack could be the handiwork of state-sponsored hackers affiliated with Russia, China or North Korea. All three nations are known to have highly active state-sponsored hacker groups that have targeted organisations across the globe.
Henry Smith, the Conservative MP for Crawley, said on Twitter: "Sorry, no parliamentary email access today – we're under cyber-attack from Kim Jong-un, Putin or a kid in his mom's basement or something."
The Guardian cited an email alert sent to all those affected by the attack, which stated that the "hackers were carrying out a sustained and determined attack on all parliamentary user accounts in an attempt to identify weak passwords".
The NCSC issued a statement that read: "The NCSC is aware of an incident and is working around the clock with the UK parliamentary digital security team to understand what has happened and advise on the necessary mitigating actions."
The attack came just hours after news broke out about MPs' account log-ins being traded on the dark web by Russian hackers. Mere weeks prior to the recent attacks, Britain's NHS was crippled by a massive global ransomware attack. The nearly successive attacks likely hint at Britain's current security measures.
It still remains unclear if the hackers were able to successfully exfiltrate data during the attack.
"Nearly every aspect of modern life has reliance on digital systems, be that the government, banking, healthcare, or any aspect of personal lives," Javvad Malik, security advocate at AlienVault told IBTimes UK. "It is therefore of utmost importance that organisations invest in appropriate security controls to ensure threats can be quickly detected and responded to, so as to ensure ongoing business resilience."
© Copyright IBTimes 2024. All rights reserved.