View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

UK parliament hit by cyber attack targeting MPs email accounts

The UK's Parliament was hit by a cyber attack over the weekend which targeted 90 email accounts of MPs and users of the same network.

By Hannah Williams

The UK parliament was hit with its biggest cyber attack on Friday, by hackers who attempted to gain access to the email accounts of MPs.

The attack hit almost 90 email accounts, which were all compromised during the attack.

According to a parliamentary spokesperson, the attack lasted 12 hours, leaving MPs unable to access their emails.

In an interview with Press Association, Tory MP Andrew Bridgen said that an attack like that which hit UK parliament could “absolutely” leave some people open to blackmail and “constituents want to know the information they send to us is completely secure.”

It is believed that the affected network is used by all members of the parliament, including the Prime Minister Theresa May and all cabinet ministers.

In a statement released by parliament after the attack, a spokesperson said: “Parliament has robust measures in place to protect all of our accounts and systems, and we are taking the necessary steps to protect and secure our network.

Content from our partners
Green for go: Transforming trade in the UK
Manufacturers are switching to personalised customer experience amid fierce competition
How many ends in end-to-end service orchestration?

“As a precaution we have temporarily restricted remote access to the network.”

The action taken to restrict all remote access to the network seemed to be the only option as the attack, which was described as a “brute force” attack, could have resulted in blackmail.

Anurag Kahol, CTO at Bitglass, said: “Since the UK Parliament disabled email access for even legitimate users, these attackers have effectively achieved a denial of service attack.

“Strong authentication policies, including multifactor authentication, combined with user behaviour analytics not only within applications, but across applications, could have prevented the need to block users from being able to access work applications.

“This holds especially true for cloud based applications which, by definition, are available from any device, anywhere.”

The attack, which targeted over 9,000 people with email accounts connected to the parliament’s network, comes just weeks after 48 UK NHS trusts were victims of a cyber-attack.

Read more:NHS held to ransom as massive cyber attack hits hospitals nationwide

Andrew Clarke, UK Director at One Identity, said: “It appears that the parliament IT team have done a good job in closing down access to their email systems – this would serve to protect them until the nature of the intrusion is understood.

“This may be inconvenient for MP’s wishing to access emails over the weekend, but we should acknowledge the pro-active response taken here is actually protecting their environment.”

Both House of Parliament will meet today as planned and according to officials, plans are currently being put in place to resume its wider IT services.

Topics in this article : , ,
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU