The UK Parliament has shut down external access to e-mail accounts on Saturday after a cyberattack.
According to the authorities, the attack was “sustained and determined,” hackers launched a prolonged brute-force attack against the Parliament email system in the attempt to access accounts.
“Parliament has suffered its biggest ever cyber attack as hackers launched a “sustained and determined” attempt to break into MPs email accounts.” reported The Telegraph.
“The “brute force” assault lasted for more than 12 hours on Friday as unknown hackers repeatedly targeted “weak” passwords of politicians and aides.”
— Chris Rennard (@LordRennard) June 24, 2017
“Earlier this morning we discovered unusual activity and evidence of an attempted cyberattack on our computer network,” wrote Rob Greig, director of the Parliamentary Digital Service.
“Closer investigation by our team confirmed that hackers were carrying out a sustained and determined attack on all parliamentary user accounts.”
“We have been working closely with the National Cyber Security Centre to identify the method of the attack and have made changes to prevent the attackers gaining access.”
According to a spokeswoman from House of Commons, the officials had taken “the necessary steps to protect our systems, any external access to email accounts was suspended.
“We have discovered unauthorised attempts to access accounts of parliamentary networks users and are investigating this ongoing incident, working closely with the National Cyber Security Centre.”
“Parliament has robust measures in place to protect all of our accounts and systems, and we are taking the necessary steps to protect and secure our network. As a precaution we have temporarily restricted remote access to the network.” added a parliamentary spokesperson.
“As a result, some Members of Parliament and staff cannot access their email accounts outside of Westminster. IT services on the Parliamentary Estate are working normally. We will continue to keep Members of both Houses of Parliament and the public updated as the situation develops”.
“Parliament has disabled remote access to protect the network.”
It is not clear if the cyber attack was linked to the recent discovery of the availability of UK politicians’ login credentials for sale on the dark web.
The National Crime Agency said it was “aware of a possible cyber incident affecting parliament”.
— NationalCrimeAgency (@NCA_UK) June 24, 2017
(Security Affairs – UK Parliament, hacking)