momius - stock.adobe.com
The number of malicious spam or phishing emails targeting the inboxes of Westminster MPs has risen by 60% in the space of just a year to an average of 2,790,182 attacks every month, according to data obtained through a Freedom of Information (FoI) Act request from the Parliament Street think tank.
In its disclosure, the government revealed it had seen a total of 22,321,459 malicious email attacks targeting MPs from 1 January 2020 to 31 August 2020. All these emails were successfully blocked, it added.
This surge in cyber attacks comes following Parliament’s 2019 announcement that it had implemented a two-year programme dedicated to building and maintaining “cyber capabilities”, and reducing the risk facing staff and data.
However, it is likely that, as with other sectors such as the NHS, the Covid-19 pandemic and the attention it has drawn to the public sector, has been the cause for this anomalistic surge in cyber attacks.
“Members of Parliament have been under added pressure over the last year, as the coronavirus continues to disrupt services, society and cause havoc for the general public,” said Absolute Software vice-president Andy Harcup.
“As a result, cyber attackers have attempted to infiltrate some of the most confidential data imaginable – governmental data – by overloading MPs with malicious phishing, scam or malware attacks, in an attempt to use a time of national crisis to their advantage.
Tim Sadler, Tessian
“Unfortunately, working from home has made it much harder to combat this growing threat, and governmental departments must seriously consider adopting robust endpoint security which enables full visibility, control and access to an entire network of dispersed endpoints. This would mean a central IT manager could ensure public sector devices are kept as secure as possible, from anywhere in the country,” said Harcup.
Cyber attacks on governments around the world have become an increasingly common occurrence in recent years. Most recently, an attempt on the internal email systems of the Norwegian Storting has led to the introduction of a more robust national cyber security programme in Norway. A 2017 attack on Westminster led to the compromise of 26 parliamentary email users, including constituency officers, personnel and administrators, and one member of the House of Lords, in an incident subsequently described by the Parliamentary Digital Service as a “perfect storm”.
Tessian CEO Tim Sadler said the new findings highlighted the scale of the threat malicious emails pose to all organisations, not just government bodies.
“With millions of malicious emails being sent, the odds that one might work are high, especially if they are carefully crafted to evade detection. It just takes one busy and stressed employee to miss the cues or one very convincing message for cyber criminals to breach an organisation’s security and access highly sensitive information,” he said.
“Hacking humans on email is still the easiest way for cyber criminals to hack into organisations and institutions. Governments, therefore, need to protect their people from falling for phishing attacks, putting solutions in place to automatically detect threats and educating employees on threats like social engineering attacks.
“Failure to do so and the fallout could be disastrous, as cyber criminals get their hands on sensitive data and gain illegal access to officials’ email accounts. Consider the damage that could be caused should a hacker successfully take over an MP’s email account. The threat of phishing isn’t going away any time soon, but organisations can find ways to proactively prevent their people from falling for the scams,” added Sadler.
Read more about business email compromise
- Newly identified Russian threat group Cosmic Lynx is targeting large organisations with increasingly dangerous business email compromise attacks.
- Business email compromise and email account compromise attacks are increasing and evolving. To keep up with threat actors, Proofpoint says a new approach is required.
- Microsoft went to court to seize several malicious domains that were used by cyber criminals in extensive phishing and BEC attacks on Office 365 accounts amid the current pandemic.