According to many reports from British newspapers, for the first time the UK Parliament’s internal computer network AKA the Parliamentary Digital Service (PDS) was infected by ransomware.
The hack is the first report of a successful breach on the secure parliament network, used internally by government employees.
Some quickly blamed the cyber-attack on advanced persistence threats (APTs), but in all honesty it’s IsraTechnologies’ opinion that advanced ransomware is usually not in the arsenal of politically driven hackers. This is also because ransomware type infections will always attract attention while APT groups like to work behind the scenes, stealing user information while trying not to alert the victim of their presence.
The incident occured in May 2015 and hackers unearthed confidential documents relating to MP for Newcastle upon Tyne Central, Chi Onwurah – the shadow digital minister among other areas – and her employees.
According to The Times report, a cryptolocker virus was used by attackers to not only infect Mrs. Onwurah’s computer but spread to a shared drive on the Parliament network where confidential files were locked (encrypted).
Once cryptographically encrypted, naturally, the virus displayed a ransom note to the MP with a telephone number and instructs to pay a ransom to unlock the sensitive files.
The MP for Newcastle upon Tyne Central admitted the virus spread fast – but claims it was stopped before it managed to compromise any files containing sensitive data about constituents.
This comes amid broad fears that criminal hackers are winning the cyberarms race against companies and public bodies, like Talk Talk – successfully hacked recently with devastating consequences.
Parliament system administrators cut off Mrs. Onwurah’s network access to attempt to contain the infection, and later wiped and replaced any affected hard drives.
The Parliament’s computer network is utilized by around 8,500 users, with titles ranging from MPs to lords, ministers, and their staff.