Brute Force Cyber Attack Targets Scottish Parliament

Media Division | August 15, 2017

Cyber attacks upon vital infrastructure and government can be some of the most devastating. With these implements being literally what allows a country to run properly, it can be a complete disaster for them to be struck by a well-aimed attack. And unfortunately, these types of attacks continue to occur far too frequently. Many of them are prevented through adequate security, but others are able to wreak havoc through disruption or theft of valuable data. A good example of the latter was the 2016 election hacking, where Democratic emails were being released online in an effort to smear the candidate. In yet another governmental related incident, Scottish Parliament was targeted in a “brute force” cyber attack on email accounts.

What is a Brute Force Attack?

First off, it is valuable to understand what a brute force cyber attack is. This labeling is generally attributed to a type of attack where the perpetrator will rapidly and heavily attempt to access systems by trying many different passwords, with the end goal hopefully being to find the right one.

Now, as far as the attack upon Scottish Parliament, it does not appear that the perpetrator was able to succeed in the above. Reports seem to indicate that no email accounts were successfully cracked during the assault, though MSPs and Holyrood staff were warned that the attempts could result in account lockouts. Sir Paul Grice, the chief executive of Holyrood had said that their monitoring systems had identified that they were under an attack from external sources. Fortunately, being that the attack was quickly detected, the parliament’s current security measures and readied additional security measures were able to defend from the attack, and all of their IT systems remained in full operation. In addition, an email from Grice had urged staff and MSPs to review the security of their passwords and stated that they would be forcing a password change for additional security. It is fortunate that Parliament had implemented adequate security to prevent this attack from achieving any illicit gains, as this is frequently not the case in a multitude of attacks around the globe.

This attack seems to have been quite similar to an attack upon Westminster in June. Unfortunately, the Westminster attack had resulted in much further consequences. In this attack, up to 90 email accounts with weak passwords were able to be accessed. Reports had not seemed to indicate what data within these email accounts had been affected, but it was enough for experts to warn of politicians being exposed to increased threat of terrorist attack or blackmail as a result. A wide variety of data used within political proceedings could be used for criminal purposes by those with malicious intent.

Implementation of Proper Cyber Security

With how many threats and attackers are now lurking among the cyber realm, it is extremely vital that organizations place focus upon their cyber security. Many organizations still have lacking security in a number of areas, and it has been like this for years. There is far too much at stake with the large amounts of data and funds that we store through digital means for security to lack in any way. Of course, it can sometimes be expensive to implement or revamp security, but it is an investment to the protection and longevity of an organization. Any minimal security hole or vulnerability can lead to great losses, damages, and perhaps even organizational failure. There are many different cyber security tools and services that can allow for proper protection of data and digital assets. Massive Alliance can help any organization to fortify their defense in the digital realm.

Massive's Media Division publishes timely news and insights based on current events, trends, and actionable cross-industry expertise.