Russia allegedly behind cyberattack on Scottish MPs’ email accounts

The Scottish Parliament was hit by an alleged nation-state cyberattack targeting MPs’ email accounts on Tuesday, closely resembling the brute force attack on computer systems at Westminster in June, The Guardian writes.

In an internal bulletin from Holyrood Chief Executive Sir Paul Grice, MPs and Holyrood staff were warned about the attack and told that hackers were trying to crack their passwords to access their email accounts. Some accounts were locked for safety purposes.

“The parliament’s monitoring systems have identified that we are currently the subject of a brute force cyber-attack from external sources,” wrote Grice.

“This attack appears to be targeting parliamentary IT accounts in a similar way to that which affected the Westminster parliament in June. Symptoms of the attack include account lockouts or failed log-ins.”

“The parliament’s robust cybersecurity measures identified this attack at an early stage and the additional security measures which we have in readiness for such situations have already been invoked. Our IT systems remain fully operational.”

An internal investigation by IT staff found many email accounts used weak, easy-to-break passwords through accessible software. Employees were urged to immediately update their passwords and use strong combinations of letters and numbers.

Like the attack on Westminster, when 90 accounts were compromised, the attack on the Scottish Parliament is said to have been launched by either Russia or North Korea. However, sources say the Russian government is more likely to have been involved, following its links to political cyberattacks in France and the US.

Lessons to learn after hackers hijack HBO’s Facebook and Twitter accounts

It’s never a dull day if you’re working in HBO’s IT security team.One day you’re dealing with the unauthorised leaking of upcoming episodes of “Game of Thrones”, next you’re facing multi-million dollar extortion demands from hackers who’ve broken into your network and stolen 1.5 terabytes data and the personal contact details of your celebrity cast, then you’re finding that yet more unaired episodes of your hit TV shows have made it out in the wild due to staff error.And now? Well, now HBO’s social media accounts have been hacked.As Variety reports, the notorious OurMine gang seized control of a number of HBO social media accounts, including the main Twitter account for their most famous TV show.

Talk about kicking a company when it’s down…Clearly HBO didn’t have the right protection in place to secure its social media accounts, and made it too easy for the OurMine gang to gain access. Although some may think the spate of recent security incidents involving HBO can’t be a coincidence, I don’t believe that the OurMine gang is involved in the other breaches the company has suffered.OurMine’s past hijacks of social media accounts have typically exploited organisations’ carelessly reusing passwords or falling for phishing attacks.In light of the other problems that HBO has suffered in recent weeks it would be great to think that they had raised awareness amongst their staff of risks, and ensured that vulnerable properties (such as corporate Twitter and Facebook accounts) were locked down with two-step verification and (just in case) had had their passwords changed to new, strong, unique alternatives.Whatever the precise nature of how the hackers managed to get their hands on HBO’s passwords – it seems unlikely that the company had enabled Facebook and Twitter’s additional authentication facilities.Twitter calls its additional security measure “Login verifications”, and I strongly recommend that all users of the site enable the feature as it means that even if your password is compromised, that won’t be enough to allow hackers to hijack your account.A similar feature is available to Facebook users to help defend their accounts against hackers.At least OurMine can consider itself in good company. As we’ve previously reported, past victims of social media hacking include Netflix and Facebook founder Mark Zuckerberg, who had some of his accounts compromised due to the combination of poor security practices and some disastrous password choices.Don’t rest on your laurels. Take action today to secure your company’s presence online and keep hackers out of your accounts.And if you ever do suffer a serious security breach, take time to think what else might be at risk and use the opportunity to raise awareness inside your organisation of the continuing risk of other assets being hacked, and take measures to prevent a bad situation from potentially getting worse.Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.Photo credit: “Balaclava” by Vlad is licensed under CC BY 2.0