The UK parliament’s network was the subject of a “sustained and determined cyber attack” over the weekend, the House of Commons press office has confirmed.
The attackers sought access to the email accounts of MPs and their staff.
A statement issued by the press office said that “significantly fewer than 1 per cent” of the 9000 accounts on the parliamentary network were compromised.
Weak passwords that did not conform to guidelines produced by the Parliamentary Digital Service were blamed for those accounts that were breached.
“As they are identified, the individuals whose accounts have been compromised have been contacted and investigations to determine whether any data has been lost are underway.”
“The NCSC is aware of an incident and is working around the clock with the UK Parliamentary digital security team to understand what has happened and advise on the necessary mitigating actions,” a spokesperson for the National Cyber Security Centre said.
Earlier this year in the wake of allegations that Russia sponsored the hacking of the Democratic National Committee in an attempt to influence the US election, the Australian government said it would brief political parties on strengthening their information security.
Prime Minister Malcolm Turnbull and the minister assisting the prime minister for cyber security, Dan Tehan said in January they would offer a briefing from the Australian Signals Directorate (ASD) to party leaders.
The government in the 2017-18 federal budget earmarked $10.7 million over four years to create a Cyber Security Advisory Office (CSAO) within the Digital Transformation Agency. At a state level, South Australia, New South Wales and Tasmania have created new whole-of-government chief information security officer (CISO) positions.
- Audit gives myGov a tick, despite budget blowout
- Govt issues warning about new wave of Petya ransomware
- TechnologyOne accuses Brisbane council of trying to wriggle out of contract
- Encryption cracking campaign receives lacklustre support from Five Eyes
- Encryption: UK Defence Sec says tech companies ‘have to do more’, gives no detail