Britain’s parliament has been hit by a cyber attack aiming to crack weak email passwords, officials said on Saturday.
It comes just a month after hackers crippled part of the country’s National Health Service using ransomware.
The House of Commons said it was working with the National Cyber Security Centre to defend Westminster’s network and was confident it had protected all accounts and systems. As a precaution, it restricted remote access to the network, leaving some MPs and parliament staff locked out of their emails over the weekend.
Statement regarding cyber incident. pic.twitter.com/fAbDkAfdbj— Commons Press Office (@HoCPress) June 24, 2017
Sorry no parliamentary email access today – we’re under cyber attack from Kim Jong Un, Putin or a kid in his mom’s basement or something…— Henry Smith MP (@HenrySmithUK) June 24, 2017
Secretary of State for International Trade Liam Fox said the attack was not a surprise and should serve as a warning to Britons.
“We know that there are regular attacks by hackers attempting to get passwords. We’ve seen reports in the last few days of even Cabinet Ministers’ passwords being for sale online,” Fox said.
“We know that our public services are attacked so it’s not at all surprising that there should be an attempt to hack into parliamentary emails and it’s a warning to everybody whether they are in parliament or elsewhere that they need to do everything possible to maintain their own cyber security including having complex and therefore safer code words,” he added.
Cyber security attack on Westminster Parliamentary e.mails may not work remotely Text urgent messages
LibDemLords</a> <a href="https://twitter.com/LabourLordsUK">LabourLordsUK
Torypeers</a></p>— Chris Rennard (LordRennard) June 24, 2017
Chris Rennard, a member of the Liberal Democrat party in the upper House of Lords, was the first to draw attention to the problem using Twitter: “Cyber security attack on Westminster, Parliamentary emails may not work remotely, Text urgent messages.”
Oz Alashe, a former special forces Lieutenant Colonel and chief executive officer of cyber security platform CybSafe, told The Independent that the recent general election and resultant changes in parliamentary staff made it a “prime time” for hackers to try to obtain email passwords as part of a wider attack.
“Email accounts represent a rich source of information for hackers, so compromising these accounts would often be the first step in a sophisticated cyber attack,” Alashe told the newspaper.
The National Crime Agency said it was working with the National Cyber Security centre on the issue.
Part of the GCHQ spy agency, the National Cyber Security centre was set up in October last year to tackle what the government believes is one of the biggest threats to British security.
Britain’s National Health Service was hit by a massive ransomware worm in May which crippled the computer system and forced some hospitals to turn away patients and divert ambulances.
We’re aware of a possible cyber incident affecting parliament & are actively cooperating with
ncsc</a> who're leading the operational response <a href="https://t.co/YOvPwQvn37">pic.twitter.com/YOvPwQvn37</a></p>— NationalCrimeAgency (NCA_UK) June 24, 2017