Who launched the cyberattack on the UK parliament and why?
Mystery surrounds password breach as the National Cyber Security Centre investigates.
As the rest of the nation headed home for the weekend, the UK parliament's 10-strong cyber security unit sprang into action on Friday 23 June.
Just three months after a knife-wielding terrorist launched an attack on the Palace of Westminster in March and a month after the WannaCry ransomware assault on the NHS in May, the heart of British democracy was facing a new threat.
The Parliamentary Digital Service, led by the Royal Opera House's former chief technology officer Rob Greig, fought off at least 48,000 attempts to get into its network during a 24-hour-long cyber battle.
"They were pretending to be a legitimate email client and methodically trying every password, but not frequently enough to lock out any accounts," Greig wrote.
"We had to find what we call 'indicators of compromise' in the data to help identify and combat the hack."
Unfortunately, the hackers had taken advantage of weak passwords and around 90 email accounts belonging to MPs and peers, representing 1% of parliamentary accounts, were breached.
"We are still working hard to identify any compromised data and will provide further updates when we have a clearer picture," a parliamentary spokesperson told IBTimes UK. The Westminster authorities, as is best practice, also informed the Information Commissioner's Office (ICO).
"According to our Data Protection Act guidelines, individual MPs are data controllers in their own right," a spokesperson for the data watchdog said.
"Any MPs who have been affected should consider whether they have suffered a personal data breach and if so, report it to us accordingly."
But there is a still a mystery around who launched the cyber attack on the UK parliament and, probably more importantly, why. The National Cyber Security Centre (NCSC), which was created in 2016 to simplify the British government's response to such attacks and co-operate with the private sector, is still investigating the breach.
The organisation will not discuss operational intelligence while the investigation is ongoing.
However, European government sources have told news agency Reuters that a nation-state, such as Russia, China or North Korea, was not behind the attack. If that information is accurate, that leaves rank amateurs or crime gangs in the frame.
© Copyright IBTimes 2024. All rights reserved.