BRAZEN HACKERS are calling MPs in a bid to trick them into handing over their parliamentary username and password.
The Telegraph has the scoop and reports that hackers are still attempting to obtain access to the UK’s parliamentary network, following a “sustained and determined cyber attack” last week that forced security services to shut down access to the network for anyone not in Westminster
An email seen by the newspaper confirms that hackers haven’t given up yet, and have taken to calling MPs in an effort to get them to hand over their login details.
“This afternoon we’ve heard reports of parliamentary users being telephoned and asked for their parliamentary username and password,” the message sent to MPs reads.
The caller is informing users that they have been employed by the digital service to help with the cyber attack. These calls are not from the digital service. We will never ask you for your password.”
Parliament also confirmed the incident in a separate statement, saying that “a small number of parliamentary users were telephoned and asked for their parliamentary username and password by a caller claiming to be employed by ‘Windows’ on behalf of the Parliamentary Digital Service to help with the cyber attack.”
This comes just days after four Brits were arrested for scam calling following a two-year investigation by Microsoft and the City of London Police into computer service software fraud.
Parliament noted in its statement that “no usernames or passwords were disclosed in these calls.”
Last week’s 12-hour-long “brute force” attack, which has been described by security sources as the biggest attack on Parliament to date, is reported to have affected “fewer than 1 per cent of the 9,000 users of the IT system”.
The incident was later blamed on human error, with a parliamentary spokesperson saying that the attack was the result of “weak passwords” that did not conform to guidance from the Parliamentary Digital Service.
The Guardian was quick to point the finger of blame in the direction of Russia, with a security source telling the newspaper that this latest attack “was a brute force attack” and ‘appears to have been state-sponsored.”