With more and more people connected to the Internet now, the possibilities of major cyber attacks skyrocket. It has been reported that on June 23rd, the UK Parliament has experienced an unprecedented cyber attack that targeted email accounts of hundreds of MPs, aides, and so on. The security services sure had some things to do during the Midsummer celebrations, as they had to shut down the system access to anyone in order to contain the attack. While it does not look like a lot of damage has been made, the occurrence itself proves that major public establishments are now more than ever vulnerable to major cyber attacks.
The How
Security services in cooperation with the National Cyber Security Centre have determined that a well-coordinated attack aimed to retrieve passwords from official email accounts. With more than 9000 email accounts on the network (with the PM Theresa May using the same network as well), less than 90 accounts are said to be compromised. It means that less than 1% of the data could have been acquired by the hackers. Officials attribute minimal damage to the fact that the infection was apprehended and isolated very early on.
Also, the hackers did not have specific passwords for each account, and the attack was carried out using brute force. In cyber world lingo, a brute force attack refers to a method when a program tries out all the possible symbol combinations that can be used for a password until finally the right combination is discovered. This kind of attack might take a lot of time (especially if the accounts are protected by strong passwords), and it also requires a lot of resources. That is also the reason why security specialists believe that the attack could not have been organized by a standalone hacker group. To their minds, it must have been state-funded.
The Who
Although it is still too early to say who could have been responsible for the hack, various news outlets suggest that the Russian government could be the one behind this. Other potential suspects could be North Korea, China, and Iran, but for the most part, the security officials lean towards the version that says Russia is the culprit. The reason Russia is labeled as the most likely culprit is the fact it has been involved in similar hacking incidents before. Whether its role has been proven or not, the Russian government has been directly and indirectly accused of meddling with the presidential election in the United States, France, as well as engineering other cyber attacks in the UK.
The attack comes right after the reports that Russian hackers have put up for sale passwords from UK official’s accounts. It is not clear whether both incidents are related, but both of them prove that having strong passwords is important to protect one’s accounts from potential attack. Hackers could steal the mentioned passwords because people tend to use the same passwords across many accounts. So if a password was stolen from some insecure social media account, and the same password is used on an official business account, it would be no surprise if the criminals gained access to that account.
What’s Next?
To prevent official data from being stolen, the UK Parliament security services have blocked the remote access to the official email accounts. It means that anyone outside of Westminster cannot access their accounts even if they have the right passwords.
Despite this disturbing incident, both Parliament Houses are meeting as planned, although some MPs have informed people through their social media that they might not answer their messages for the time being, and that if anyone wants or needs to contact them immediately, they should send a text message.
Depending on the information targeted by the hackers, the reason behind this attack could vary. Some security specialists say that if the hackers stole some important data, it could be obviously used for blackmail later on. Also, it could be a trial run before a much wider attack.
Keeping in mind that the notorious WannaCry Ransomware, that infected thousands of computers worldwide, has just been making rounds less than a month ago, it looks like cyber attacks coordinated at a state level will become a daily occurrence. After all, security specialists have concluded that WannaCry infection was released by North Korea.
At the same time, security officials say that the cyber threat has not become bigger. The main reason we see so many attacks nowadays is the fact we have more people connected to the network. And with many users online, we are bound to have someone who is more prone to getting infected. Therefore, to protect yourself, your network, and your data, it is important that you take note of all the precautions listed by your cyber security specialist.
Resources:
- Lizzie Dearden. Parliament hit by cyber attack as hackers attempt to access MPs’ email accounts. Independent
- Ewen MacAskill and Rajeev Syal. Cyber-attack on UK parliament: Russia is suspected culprit. The Guardian.
- Associated Press. UK Parliament investigates cyber attack on user accounts. WDNT
- Parliament cyber-attack ‘hit up to 90 users.’ BBC