Russian hackers steal and sells the email addresses and passwords which belonged to the British cabinet ministers, ambassadors, and police officers. This was a report released by the Times. Among the credentials found in the emails, includes the passwords and emails of Justine Greening, Education Secretary. Many government related accounts were also in the email addresses. Similarly, emails and passwords of Business Secretary, Greg Clark and the head of Foreign Officer’s IT department were suspected to be in the hacked email addresses.
A total of 1,000 British Members of Parliament, 7,000 police employees and 1,000 Foreign Office officials are feared to have their information and data exposed in the stolen information. This was a hint released by the two lists of credentials and the UK officials who surveyed the dark web of the Russian hacking sites. After hacking, a report was released revealing that the email addresses and passwords were being sold on particular sites of the dark web. It is suspected that the information may have been placed on trade not less than one time.
The list has been exposed online openly for free access. This stolen data is believed to have come from a data breach which is known to have hit LinkedIn in the year 2102. According to breach tracking website, about 164 million accounts were mixed up in the hack associated with LinkedIn.
Passwords linked with LinkedIn accounts were made particularly obsolete. This was as a result of encryption using the SHA-1 algorithm which leads to obsoleting. This made it easy for cracking to be done since password compromising occurred. The best passwords were not selected for the British government and that may also be one of the reasons as to why hacking was possible. The British government officials ought to have changed their passwords since the 2012 breach, but it may be surprising that up to date, some are still using the same passwords. This would increase chances of being victimized again.
Ori Eisen, a cyber security expert and founder and CEO of identity management company Trusona, told the International Business Times that password selection is very essential. Ori said that it does not matter whether you are a minimum age employee or a prime minister. Vulnerability to passwords faces us all, he added. He said that static passwords have no security and should therefore not be used in the protection of online accounts.
The incidence is suspected to be politically motivated, where Russian hackers linked to Russian government tampered with election systems to interfere with voter rolls. There is a leaked document from the U.S. National Security Agency (NSA) which reveals how the U.S. companies which process election systems were hacked by the Russian military. The report revealed that at least a single voting software was altered. The target was directed on 122 local election officials or more during a period with which election was nearing.
Samuel Liles, the Department of Homeland Security’s acting Director of Cyber Division of the department’s Office of Intelligence and Analysis earlier this week informed the Intelligence Committee that they were under the target of Russian government-linked cyber actors.