MPs Bombarded by Nearly Three Million Monthly Email Attacks

UK Members of Parliament (MPs) have been targeted by a 60% year-on-year increase in cyber-attacks so far in 2020, according to new data from Parliament Street.

The think tank collected Freedom of Information (FOI) responses to reveal that over 22.3 million cyber-attacks were blocked by parliament from January 1 to August 31 2020.

That averages out at just under 2.8 million attacks per month, almost a million more than the 1.7 million monthly average detected last year, it said.

Parliament Street claimed that the increase could be explained by the pandemic, and attempts to hijack inboxes whilst MPs are working remotely and may be distracted.

Phishing attacks are still the easiest way to compromise an organization, argued Tessian CEO, Tim Sadler.

“Governments, therefore, need to protect their people from falling for phishing attacks, putting solutions in place to automatically detect threats and educating employees on threats like social engineering attacks,” he added.

“Failure to do so and the fallout could be disastrous, as cyber-criminals get their hands on sensitive data and gain illegal access to officials’ email accounts. Consider the damage that could be caused should a hacker successfully take over an MP’s email account.”

Yet despite the risks, parliament has proved pretty resilient to email attacks over recent years. There has been nothing to rival a 2017 incident where suspected Iranian state hackers brute forced a small number of accounts, and followed-up with a vishing campaign.  

Earlier this year, a parliamentary news alert sent to members of the House of Lords warned that the institution was under attack “every minute of every day.”

Over the summer, the role of director of security for parliament was advertised.

To put the FOI stats in perspective, Trend Micro blocked 27.8 billion cyber-threats in the first half of 2020, nearly 93% of which were email-borne.

What’s Hot on Infosecurity Magazine?