British lawmakers hit by cyber security attack on their email

The UK’s National Cyber Security Centre said that it is working with the UK Parliamentary digital security team to know what has happened

British Parliament Hit by Cyberattack, Affecting Emails

The incident is now being investigated by the National Crime Agency and the National Cyber Security Centre.

Both House of Parliament will meet today as planned and according to officials, plans are now being put in place to resume its wider IT services.

It said the attack had compromised fewer than one percent of the 9,000 accounts on Parliament's network.

The on-going investigation has so far revealed a brute-force style attack that that attempted to identify "weak passwords that did not conform to guidance issued by the Parliamentary Digital Service". He also adds that email should not be used for any sensitive communications.

Britain's parliament was hit by a "sustained and determined" cyber attack on Saturday created to identify weak email passwords, just over a month after a ransomware worm crippled parts of the country's health service.

An earlier statement described the attack involving hackers carrying out a sustained and determined attack on all parliamentary user accounts in an attempt to identify weak passwords. "These attempts were specifically trying to gain access to users emails".

Jordan Spieth goes full 'Happy Gilmore' in celebrating walk-off win
Spieth said he had never felt that kind of energy reverberating off him as the gathered crowd at the 18th hole lost their minds. Spieth beat hard-charging Daniel Berger , who had birdies on three of the last six holes of regulation, to force a playoff.

To protect member and staff accounts and "secure our network", the statement added, "we have temporarily restricted remote access to the network". All of the affected accounts were using passwords that fell below the security standards set by the Parliamentary Digital Service. "It appears to have been state-sponsored", one source tells the Guardian.

MPs contacted by the Guardian said the immediate suspicion had fallen upon foreign governments such as Russian Federation and North Korea, both of which have been accused of being behind hacking attempts in the United Kingdom before.

An NCSC spokesperson added: "The NCSC is aware of the incident and is working around the clock with the United Kingdom parliamentary digital security team to understand what has happened and advise on the necessary mitigating actions".

"Today, two-factor authentication (2FA), advanced IP filtering and anomalies detection systems are a must-have for critical systems accessible from the Internet", said Kolochenko.

"Strict password policies and regular audits for weak and non-compliant passwords are also vital for corporate security".

Anurag Kahol, CTO at security firm Bitglass, said the apparent failure to implement the correct controls effectively had resulted in a denial of service attack because legitimate users were locked out for most of the weekend. "This holds especially true for cloud-based applications which, by definition, are available from any device, anywhere".

Latest News