Iran to blame for cyber-attack on MPs' emails – British intelligence
The cyber-attack on parliament on June 23 hit the accounts of dozens of MPs, including Theresa May, the prime minister. and senior ministers. The network affected is used by every MP for interactions with constituents.
A security source told the Guardian at the time: “It was a brute-force attack. It appears to have been state-sponsored. The nature of cyber-attacks means it is notoriously difficult to attribute an incident to a specific actor.”
MPs contacted by the Guardian said the immediate suspicion had fallen upon foreign governments such as Russia and North Korea, both of which have been accused of orchestrating previous hacking attempts in the UK. The attackers sought to gain access to accounts protected by weak passwords. The parliamentary digital services team said they had made changes to accounts to block out the hackers. A spokesman said those whose emails were compromised had used weak passwords, despite advice to the contrary.
Conservative MP Andrew Bridgen said at the time that such an attack “absolutely” could leave some people open to blackmail. “Constituents want to know the information they send to us is completely secure,” he said.
Liam Fox, the international trade secretary, connected the news to reports that cabinet ministers’ passwords were for sale online. “We know that our public services are attacked, so it is not at all surprising that there should be an attempt to hack into parliamentary emails,” he said. “And it’s a warning to everybody, whether they are in parliament or elsewhere, that they need to do everything possible to maintain their own cybersecurity.”