NetworksSecurityWorkspace

Scammers ‘Telephoning MPs To Obtain Passwords’

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Follow on: Google +

Following the attack on Parliament’s network two weeks ago MPs were targeted by scam callers in an effort to obtain passwords

Scammers have telephoned MPs in an effort to obtain their passwords to the parliamentary network, Parliament’s digital service has confirmed.

The scam calls follow a sustained attack two weeks ago that forced administrators to lock users out of their accounts on the network, which is used by all MPs, including the prime minister, to interact with constituents.

Scam calls

It has now emerged that in the week week following the network attack scammers telephoned MPs and tried to obtain their passwords.

In an alert sent to the network’s users last Thursday, Parliament’s digital service warned that the callers identified themselves as being official staff helping remediate the earlier attack, according to a report by The Telegraph.

government parliament big ben public sector failure disaster storm clouds © CristinaMuraca Shutterstock“This afternoon we’ve heard reports of parliamentary users being telephoned and asked for their parliamentary username and password,” the alert reads. “The caller is informing users that they have been employed by the digital service to help with the cyber attack. These calls are not from the digital service. We will never ask you for your password.”

Parliament confirmed the incident in a separate statement.

“On Thursday afternoon a small number of parliamentary users were telephoned and asked for their parliamentary username and password by a caller claiming to be employed by ‘Windows’ on behalf of the Parliamentary Digital Service to help with the cyber attack,” Parliament stated. “No usernames or passwords were disclosed in these calls.”

Network attack

The network attack involved bombarding the network with login attempts in an effort to crack weak passwords. It was first detected on Friday, 23 June and continued over the weekend.

In response Parliament’s network administrators were forced to temporarily bar all remote access from outside the Palace of Westminster for the 9,000 accounts on the network.

An alert set to users by Parliament’s digital service described the incident as a “sustained and determined attack on all parliamentary user accounts in an attempt to identify weak passwords” and “gain access to our emails”.

On the following Monday Parliament issued a statement confirming that a number of accounts had been successfully compromised “as a result of the use of weak passwords”.

It specified that the something fewer than 90 accounts had been compromised, saying “fewer than 1 percent” of the 9,000 accounts were successfully cracked.

Parliament hasn’t yet disclosed whether any data was lost in the incident, saying its investigation is ongoing.

g-cloud government westminster big ben © Shutterstock QQ7
“As they are identified, the individuals whose accounts have been compromised have been contacted and investigations to determine whether any data has been lost are under way,” Parliament stated.

LinkedIn breach

Late last month it was reported that security credentials belonging to tens of thousands of government officials, including 1,000 MPs and parliamentary staff, 7,000 police employees and more than 1,000 Foreign Office staff were sold or swapped on Russian-language hacking sites following a large-scale data breach at professional social network LinkedIn in 2012.

The breach led to hacks on the accounts of a number of high-profile figures, including Facebook founder Mark Zuckerberg, who had used their LinkedIn passwords on other accounts.

A government spokesperson described the incident as “historic” and noted that LinkedIn had advised users to change their passwords in 2012 and again last year, when it emerged that the data was being sold by criminals.

Do you know all about security in 2017? Try our quiz!