Scottish Parliament Confirms Brute Force Cybersecurity Incident

Bruno Cirelli
Agosto 16, 2017

The Scottish parliament has been hit by a "brute force" cyber attack according to an internal memo, an attack that was nearly identical to the one that hit Westminster's email system in June.

Holyrood officials said they were not aware of any compromised email accounts, but staff and MSPs were warned the attack could mean some people were locked out of their accounts.

The attacks on Westminster MPs' email accounts in June, meanwhile, has been blamed on hackers linked with the Russian government.

He said parliamentary staff are working with the National Cyber Security Centre (NCSC) to contain the attack and security measures put in place so far have seen account lock-outs decrease.

Sir Paul Grice the Clerk/Chief Executive of the Scottish Parliament has issued an update on yesterday's Holyrood cyberattack.

Urging all staff to ensure their security provisions were as secure as possible, he added, "The parliament's monitoring systems have identified that we are now the subject of a brute force cyber attack from external sources".

MSPs and Holyrood staff were warned on Tuesday that as-yet unidentified hackers were running "brute-force" attacks on systems in the devolved assembly, The Guardian reports. They hope trial and error attacks will eventually result in guessing the correct password.

The attack was from an external source and was similar to the one that affected the Westminister in June earlier this year.

He said it is "not uncommon for brute force attacks to be sustained over a period of days", and he urged users to remain vigilant.

He added that the parliament's "robust cyber security measures" were able to identify the attack early, and that additional security safeguards were deployed before accounts were compromised.

"At this point there is no evidence to suggest that the attack has breached our defences and our IT systems continue to be fully operational", the Scottish parliament said in a statement.

Staff were also advised to change their network account passwords, which are now subject to stricter rules.

However, Grice claimed that the parliament's IT systems are still fully operational as the attack was identified at an initial stage.

Altre relazioni OverNewsmagazine

Discuti questo articolo