Who hacked the UK parliament? Russian hackers suspected to be behind attempted theft of MPs’ records
The British parliament’s networks suffered a breach that began on Friday (23 June) and lasted for 12 hours. Authorities investigating the cyberattack suspect the hand of Kremlin-linked hackers. Russian hackers are suspected to have attempted to breach and steal sensitive data from MPs’ email accounts, specifically targeting those with weak passwords.
The hackers breached less than 1% of parliament’s 9,000 email addresses. Fewer than 90 email accounts of MPs were hacked, according to a parliamentary spokesperson. The Guardian cited an unspecified security source as saying that the breach was a “brute force attack” and that it “appears to have been state-sponsored”.
Although investigation is still in the early stages, Moscow is one of the primary suspects. MPs said that apart from Russia, suspicion has also fallen upon North Korea. Both nations are known to have launched cyberespionage campaigns against Britain in the past.
A parliamentary spokesperson told the Guardian that the people whose emails were breached by hackers had weak passwords.
“Investigations are ongoing, but it has become clear that significantly fewer than 1% of the 9,000 accounts on the parliamentary network have been compromised as a result of the use of weak passwords that did not conform to guidance issued by the Parliamentary Digital Service,” the spokesperson said. “As they are identified, the individuals whose accounts have been compromised have been contacted and investigations to determine whether any data has been lost are under way.”
The hackers hit the network used by both houses of parliament. The affected network is used by every MP, including Prime Minister Theresa May and members of her cabinet. The hackers attempted to gain access to MPs’ accounts, which sparked fears among some of affected individuals that they could potentially be blackmailed by the hackers.
The cyberattack on parliament came on the heels of news breaking out about MPs’ records being traded on Russian-speaking hacking forums on the dark web.
The incident is being investigated by the NCSC (National Cyber Security Centre), which said in a statement that it was “working around the clock with the UK parliamentary digital security team to understand what has happened and advise on the necessary mitigating actions.”