Iran Blamed for June Parliament Cyber-Attack
Iran was responsible for a major cyber-attack on the UK parliament over the summer which tried to crack account holders’ passwords, according to British intelligence.
The unpublished report, seen by outlets including the Guardian, laid blame at the feet of state-sponsored snoopers, although it’s still unclear what they were after.
Every member of parliament has an account to conduct official business with their constituents, including Prime Minister Theresa May and cabinet ministers.
In the end only 1% of the 9000 accounts were compromised, according to an official notice at the time which suggested these users had failed to follow best practice guidance issued by the Parliamentary Digital Service.
Several commentators questioned at the time why this guidance was merely optional and strong passwords – or the more secure two-factor authentication – weren’t enforced. Either tactic would have made it harder to 'brute force' the accounts.
Interestingly, those responsible are said to have launched follow-on vishing attacks soon after, trying to trick users into divulging their log-ins over the phone.
An email sent to parliamentary account holders at the time had the following:
"This afternoon we've heard reports of parliamentary users being telephoned and asked for their parliamentary username and password.
"The caller is informing users that they have been employed by the digital service to help with the cyber-attack. These calls are not from the digital service. We will never ask you for your password."
The link to Tehran comes at a particularly testing time geopolitically, with US President Donald Trump said to be preparing moves to tear-up a landmark nuclear deal with the Islamic republic.
European nations, including the UK, are looking to maintain the status quo and keep the JCPOA.
It must be clarified that there’s still no official comment on attribution of the June parliament attacks.
Source: Information Security Magazine