Hackers attack UK MPs

26 June 2017 - 08:27 By BEN RILEY-SMITH and ROBERT MENDICK
Hacker. File photo
Hacker. File photo
Image: Gallo Images/Thinkstock

The UK parliament has suffered an unprecedented cyber attack after hackers launched a "sustained and determined" attempt to break into MPs' e-mail accounts.

The "brute force" assault lasted more than 12 hours on Friday as unknown hackers repeatedly probed "weak" passwords of politicians and aides.

Parliamentary officials were forced to lock MPs out of their own e-mail accounts to minimise the damage from the incident.

The network affected is used by every MP including Prime Minister Theresa May and her cabinet ministers.

Experts warned that politicians could be exposed to blackmail or face a heightened threat of terrorist attacks if e-mails were accessed.

MPs also apologised to their constituents and expressed concerns sensitive information shared with them may have leaked.

Fears were raised by cyber specialists that "state actors" such as Russia, China or North Korea could be behind the attack - although government sources said it was too early for conclusions.

It comes just weeks after more than 40 health websites were affected by a cyber attack that locked nurses and doctors out of their computers.

Liam Fox, the International Trade secretary, said the attack was a "warning to everyone we need more security and better passwords".

He said: "You would not leave your door open at night."

The attack was launched on Friday morning and targeted the 9000 people who have e-mail accounts on the parliament's internal network.

All 650 MPs have parliamentary e-mail accounts as well as political aides, constituency staff and officials who work in the building.

A "restricted access" e-mail sent at 10.29pm on Friday and seen by The Sunday Telegraph reveals the scale of the attack.

Rob Greig, director of the Parliamentary Digital Service, wrote: "Earlier this morning we discovered unusual activity and evidence of an attempted cyber-attack on our computer network.

"Closer investigation by our team confirmed that hackers were carrying out a sustained and determined attack on all parliamentary user accounts in an attempt to identify weak passwords. These attempts specifically were trying to gain access to users' e-mails."

Investigators immediately shut down remote access leaving some MPs unable to access their inboxes yesterday, with many taking to social media to issue apologies.

Sean Sullivan, adviser to F-secure, a cyber security company, said: "This is at an early stage but possible perpetrators of this attack include state actors including Russia, China and North Korea. They would all be in the frame."

A parliamentary spokesman said: "We have discovered unauthorised attempts to access e-mail accounts and are investigating this ongoing incident, working closely with the National Cyber Security Centre."

- The Sunday Telegraph