In late June, a cyber attack was orchestrated on 90 email accounts within the United Kingdom Parliament.
To initiate the breach, the perpetrator used a particular hacking tactic known as “brute force,” which is characterized by a trial-and-error of testing passwords and codes until the attacker gains entry into the desired platform.
As of late, the brute force method is among the most popular in password-cracking hacks. And in this case, the parliamentary network accounts that were compromised had relatively weak passwords.
As is often the case when hackers intentionally target high-profile entities, there’s a unique set of questions raised by victims and observers almost immediately after the attack— who are the forces behind the breach, what is the reason for the attack and, last but not least, what impact has it had on the affected parties.
These questions are reasonable, and answers need to be found for tension to minimize.
A report carried out by The Guardian indicates that the hack might have been some sort of blackmail attempt. Since the chances are high that this is true, the hack brings about important concerns that may be of national interest.
As such, The Guardian further reports that officials in the affected departments have locked members out of their accounts so as to avoid any further security breaches as they try to come up with a solution.
In The Independent, a parliamentarian mentioned that the National Cyber Security Centre (NCSC) is taking further measures to ensure that the network is secure and hackers are removed from the platform.
In addition to blocking access to email accounts, some unspecified mobile services were put to a halt until security is restored.
In a bid to get more information about the attack, The Independent reached out to former Special Forces Lieutenant Oz Alashe, who is now the CEO of CybSafe, a cyber security platform.
Alashe stated that there is a possibility that this is just the beginning of a much larger cyber attack.
In cyber breaches that target email systems, hackers are often motivated to extract relevant information that could be used to facilitate an even bigger hack in the future.
In the case of the attack in the U.K., it is fortunate the breach was discovered early enough before it became more serious.
However, such hacks always have suspects. In this case, officials are pointing toward Russian state actors as the chief perpetrators.
But some other countries like North Korea and China are on the suspect list, as well.
These countries have a history of carrying out attacks against other states; this is precisely the reason why their involvement cannot be ruled out.
But what is for sure in the eyes of many is that this is a state-sponsored attack.
In documented cases, Russia has been involved in hacking state entities in various countries throughout the globe.
The most notable instance is during the 2016 Unites States Presidential elections, where alleged Russian hackers broke into email accounts belonging to the Democratic National Committee and leaked confidential emails of the party’s nominated candidate, Hillary Clinton.
The hack was so severe that many in the U.S. believe it cost the former Secretary of State the presidential victory.
And it’s obvious that the hack influenced the election results in favor of the current U.S. President Donald Trump.
Investigations are ongoing as new developments emerge almost daily—bringing more questions than answers to the surface.
Another recent indication of Russia’s growing international hacking influence happened in the recent French presidential election.
Russian actors broke into the computer systems of French President Emmanuel Macron before he was elected into office.
Shortly after, Macron’s team was able to feed the attackers false information—evading further, more serious damage.
If the Macron team had not carried out measures to supply their enemies with false information, then the attack would have wielded catastrophic results.
The rising number of email-targeted hacks beg answers for how users can secure their accounts from such damage. It is always advised that one should never use the same password for multiple platforms.
For instance, if an individual uses the same password for their social media accounts and their backup email account, then a hacker can seamlessly break into both platforms and lock the user out of each account simultaneously.
Also, different platforms advocate for passwords of varying strength. In the event you’ve entered a code that the platform considers poor, then it will ask you to create a new password.
This pattern will follow until you’ve entered a password deemed secure by the platform.
As a side note, it is always recommended that a password should not be a word easily found in the English dictionary.
It should consist of at least one uppercase letter, one or more numbers, as well as special characters such as “*” or “!”
Another measure to safeguard your account is setting up Two-Factor Authentication (2FA).
The 2FA makes it impossible for a hacker to gain entry into an account, since they will be required to provide a code sent to multiple platforms or devices.
With the parliamentary accounts that were implicated in the recent U.K. hack, users did not adhere to specific guidelines that are put in place to secure their accounts.
A notable point of evidence for this is that not all accounts were affected, but those with weak passwords were hacked.
Latest posts by C.M. (see all)
- Android Applications Sending Data to Chinese Servers - October 11, 2017
- More than 700 Million Emails Exposed in a Spambot Vulnerability - October 1, 2017
- Speculations on Valhalla - September 26, 2017