London, 14 Oct – A cyber-attack on the email accounts of dozens of MPs occurred in June, and according to an unpublished assessment by British intelligence, Iran is to blame.
Disclosure of the report comes at an awkward juncture, as Donald Trump made it clear on Friday that he wants to abandon the Iran nuclear deal. However, European leaders, including Theresa May, want to retain it.
Initial suspicion for the attack fell on Russia, but according to the intelligence assessment, the evidence amassed is pointing to Iran.
A spokesperson for the government body responsible for helping to counter attacks, the National Cyber Security Centre, said, “It would be inappropriate to comment further while inquiries are ongoing.”
The June 23rd cyber-attack on parliament hit the accounts of dozens of MPs and senior ministers, including Prime Minister Theresa May. The network affected is used by every MP for interactions with constituents.
According to what a security source told the Guardian at the time, “It was a brute-force attack. It appears to have been state-sponsored. The nature of cyber-attacks means it is notoriously difficult to attribute an incident to a specific actor.”
The immediate suspicion had fallen upon foreign governments such as Russia and North Korea, both of which have been accused of orchestrating previous hacking attempts in the UK, according to several MPs. The cyber attackers sought to gain access to accounts protected by weak passwords. The parliamentary digital services team say they have now made changes to accounts to block out the hackers. A spokesman for the team said those whose emails were compromised had used weak passwords, despite advice to the contrary. The spokesman added, “Ultimately, it was an all too familiar story of those at most risk being users with weak passwords.”
Conservative MP Andrew Bridgen said that such an attack “absolutely” could leave many people open to blackmail. “Constituents want to know the information they send to us is completely secure,” he said.
Liam Fox, the international trade secretary, connected the news to reports that cabinet ministers’ passwords were for sale online. As reported by The Times, the ministers security information was among stolen credentials of tens of thousands of government officials that were sold or bartered on hacking sites.
Fox said, “We know that our public services are attacked, so it is not at all surprising that there should be an attempt to hack into parliamentary emails, and it’s a warning to everybody, whether they are in parliament or elsewhere, that they need to do everything possible to maintain their own cybersecurity.”