The Scottish Parliament has been hit by a “brute-force” cyber attack comparable to the one that recently struck Westminster, affecting numerous MPs.
Email accounts were barraged by repeated attacks in attempt to gain access, resulting in a number of MPs being left unable to use them. At this point it is thought that none were in fact breached in the attack.
MPs have been strongly encouraged to change passwords and make them suitably complex to bolster the defences of their accounts. This is familiar advice as people generally do not practice optimum password security.
Jon Geater, CTO, Thales e-Security: “Even as organisations and institutions across the UK continue to work to fortify their digital defences, hackers will stop at nothing to disrupt this and stay one-step ahead in the cyber war. This latest brazen attempt to access sensitive information shows that no holds are barred in this fight: even guessing of information is on the table…and, if it fails, it will still lock out users and cause havoc when they come in for work in the morning.”
The “brute-force” attack method stands in contrast to the more sophisticated attacks that are used today, however it is the basic attacks such as phishing and ransomware that appear to be the most effective.
“With such crippling effects to a government’s bottom line and public reputation, the risk of falling victim to a severe cyber-attack is without doubt depriving today’s business leaders of much needed sleep. A watertight data security and encryption strategy to ensure data privacy is now an indispensable element of an organisation’s wider cyber security strategy,” said Geater.
Business leaders must be aware of the pressing importance of cybersecurity preparations, not only for the sake of maintaining a strong reputation, but also to avoid the devastating fines that could be imposed by GDPR.
The Thales e-Security CTO said: “The continued increase in the number of large-scale cyber-attacks impacting businesses and pubic bodies highlights just how vulnerable we remain to data breaches meaning organisations cannot continue to treat cyber security as a box-ticking exercise and risk falling foul to these harmful attacks.”
This article is from the CBROnline archive: some formatting and images may not be present.