The 23 June 12-hour brute force hack-attack against 9,000 parliamentary email accounts, including minsters and the PM, is now being blamed on Iran.
If correct, this unpublished assessment by British intelligence reported in the Times and claimed to be independently verified by The Guardian, would be Iran’s first significant act of cyber-warfare against the UK – disclosed at a time when the UK is opposing Trump moves to rescind an agreement to drop sanctions against Iran if it ceased nuclear arms development.
The initial speculation that Russia or North Korea was behind the attempt to gain access to accounts protected by weak passwords. It was reported that the attack succeeded in the case of dozens of MPs who had not followed official password guidance, with reports that cabinet ministers’ passwords were for sale online.
According to The Guardian, the assessment says the evidence amassed is pinpointing Iran, however the NCSC has declined to confirm the secret assessment on the basis that investigation is ongoing.
This article originally appeared on SC Media UK