The UK parliament is blaming Iran for the “brute force” cyber attack they suffered in June this year.
An unpublished assessment by the British Intelligence confirmed that Iran is responsible for the brute force cyberattack which infiltrated the UK parliament network in June earlier this year.
The 12-hour-long attack took place on 23 June and targeted the email addresses of UK parliament members. During the “sustained and determined” attack dozens of parliamentary email accounts were compromised including high-profile accounts belonging to Prime Minister Theresa May, and several other senior ministers.
An investigation confirmed that a total of 90 email accounts were targeted, which comprises less than 0.5% of parliament’s current total of 9 000 email addresses. According to officials, hackers pursued accounts with weak passwords that were not in compliance with Parliamentary guidelines regarding cybersecurity.
Fingers were first pointed towards Russia, who has previously admitted to experimenting with cyberwarfare. However, investigators concluded that the evidence pointed towards Iran. The findings were revealed in a report published by the times. The attack marks the first significant cyber attack Tehran has launched against the UK.
A security researcher stated in The Guardian shortly after the attack, that the brute force attack showed unmistakable signs of being state-sponsored. The researcher also said that due to the nature of the attack, investigations seeking to find a specific actor may prove futile.
While no clear motive has yet been established for the attack, many theories and conspiracies have circulated since the June attack. The Guardian stated that the attack seemed to be classic espionage to gain access to material which could prove harmful to UK interests. The attack could also have been launched in order to unearth material that could be used against UK officials.
A source stated in The Times that the attack was not necessarily sophisticated, but that this attack was rather just hackers testing their abilities and scope.
Despite the obscure nature of the attack, the responsible hackers did leave a digital footprint or calling card.
Both The National Crime Agency (NCA) and the National Cyber Security Centre (NCSC) have confirmed to currently investigating the attack. However, an NCSC spokesperson stated that they will decline to comment on the case while the investigation is still ongoing.
The attack and its investigation follow in the wake of US President Donald Trump who recently refused certification of the landmark 2015 nuclear deal with Iran. The president has launched some criticism against the so-called “terrible” deal. President Trump continued to accuse Iran of sponsoring terrorism and not holding up their end of the nuclear agreement.
Despite Trump’s criticisms, all other European leaders, including Theresa May, have voiced support of the deal.
German Chancellor Angela Merkel and French president Emmanuel Macron also recently released a joint statement which confirmed that they will uphold the nuclear deal as it is in their respective countries shared national security interest. They also emphasized their commitment to the deal and its full implementation in both Germany and France respectively.
The statement continued to urge the US Administration and Congress to reconsider the security implications of both the US and perhaps the Western world if they choose to undermine the Joint Comprehensive Plan of Action (JCPoA) in any way. They also caution the US on the implication of re-imposing sanctions on Iran.
The foreign policy chief of the European Union, Federica Mogherini stated that the US cannot unilaterally choose to end the agreement. She emphasized that the international community must be cautious of dismantling an effective nuclear agreement. She also stated that no one president has the power to end the agreement, not even the president of the US.