The Russian government was responsible for a recent cyber attack on the British Parliament that breached just under 90 MPs’ email accounts, according to a report in?The Guardian.
“It was a brute force attack,” a security source told the newspaper. “It appears to have been state-sponsored.”
“Investigations are ongoing, but it has become clear that significantly fewer than 1 percent of the 9,000 accounts on the parliamentary network have been compromised, as a result of the use of weak passwords that did not conform to guidance issued by the Parliamentary Digital Service,” the Commons Press Office stated on Twitter.
Legacy of the LinkedIn Breach
Last week, The Guardian separately reported that passwords belonging to 1,000 British MPs and parliamentary staff, 7,000 police employees and more than 1,000 Foreign Office staff were being traded online by Russian hackers.
Most of the passwords being traded appear to have been acquired from the 2012 LinkedIn data breach.
International trade secretary Liam Fox told The Guardian that it’s reasonable to suspect the two events may have been connected. “We know that our public services are attacked so it is not at all surprising that there should be an attempt to hack into parliamentary emails,” he said.
Earlier this year, Preempt researchers found that 35 percent of accounts affected by the LinkedIn breach used previously known passwords that could easily be cracked.
“It is important to educate employees, and individuals in general, about password strength and levels of risk following recent breaches,” Preempt director of product management Eran Cohen wrote at the time. “If you use the same user name and/or login for multiple websites, you’re putting yourself at significant risk.”
Targeting Email Accounts
Adam Laub, senior vice president of product marketing at STEALTHbits Technologies, told eSecurity Planet that it shouldn’t be a surprise to see government emails targeted in an attack like this.
“While the body content of an email and the conversations themselves have their own distinct value, email quietly maintains a high ranking position as one of the largest file repositories within any organization,” Laub said. “The amount of files contained within email inboxes is staggering.”
And Glasswall CEO Greg Sim said by email that the attack is yet another example of how cybercriminals are constantly improving their targeting and execution. “Coupled with a slow uptake of innovation by large organizations, especially those in the public sector, hackers are now finding it all too easy to slide through the back door of highly critical networks,” he said.
Implications for Brexit
An unfortunately timely Tripwire survey of 350 information security professionals conducted earlier this month at Infosecurity Europe 2017?found that 69 percent of respondents said they weren’t confident in the U.K. government’s ability to protect itself from cyber attacks in 2017.
Sixty-eight percent of respondents said they thought European Union agencies like Europol and ENISA help keep the U.K. more secure.
“What the results of this survey show is that seasoned cyber security professionals are not confident that the U.K. government is protected from hackers,” Tripwire vice president Tim Erlin said in a statement. “They also value the relationship that the U.K. has with friends and colleagues in the EU-funded agencies.”
“The importance of an EU-wide coordinated effort to combat cyber risk should not be forgotten during withdrawal negotiations, as these efforts are clearly valued by the U.K.’s cyber security community,” Erlin added.