Movatterモバイル変換

[0]ホーム

Jump to content

2017 Westminster data breach

Русский

Edit links

From Wikipedia, the free encyclopedia

Cyberattack targeting UK politicians

The2017 Westminster data breach occurred on 23 June 2017, when an unauthorised attempt was made to gain access toemail accounts belonging to a number of politicians at the United Kingdom'sHouses of Parliament.^[1]Whitehall officials have claimed thatIran was behind the attack.^[2]

The incident was followed by an attempt to hack accounts belonging to politicians at theScottish Parliament in August 2017.

Events

[edit]

Parliamentarians were told about thecyberattack on the evening of 23 June, and it was made public knowledge the following day byChris Rennard, aLiberal Democrat member of theHouse of Lords who posted a request onsocial media asking people needing to contact him urgently to do so viatext message.Remote access to politicians email accounts was disabled.

However, a spokesperson for theHouse of Commons said that this was a precautionary measure to protect security rather than a consequence of the cyberattack itself. The matter is being investigated by theNational Cyber Security Centre with assistance from theNational Crime Agency.^[3]

Westminster authorities described the attack as "sustained and determined", and follows media reports that the email passwords of government ministers had been obtained by hackers and were being sold online.^[4]

On 25 June, a Westminster spokesperson confirmed the cyberattack had been an attempt to hack email accounts with weak passwords, but that an investigation had found less than 1% of the 9,000 email addresses associated with parliament had been compromised—a figure representing around 90 email accounts. However, it was still being treated as a serious security breach: "The figure is less than many feared, but is still a breach."^[5] MPs subsequently said that agencies with links to either Russia or North Korea were suspected of being behind the attack.^[6]

Holyrood cyberattack

[edit]

On 15 August, officials atHolyrood, home of theScottish Parliament warned that accounts belonging toMembers of the Scottish Parliament (MSPs) were currently the subject of aBrute-force attack which was attempting to crack weak passwords, but that no accounts had been compromised. However, MSPs were warned they may find themselves temporarily locked out of their accounts for security reasons. News outlets, such asThe Guardian reported the attack was similar in nature to the one that had occurred at Westminster.^[6] The following day officials said that Holyrood was working with the UK'sNational Cyber Security Centre to increase security measures.^[7]

References

[edit]

^"Cyber-attack on parliament leaves MPs unable to access emails".The Guardian. 24 June 2017.Archived from the original on 24 June 2017. Retrieved24 June 2017.
^"Iran blamed for Parliament cyber-attack".BBC News. BBC. 14 October 2017. Retrieved20 December 2020.
^"Parliament hit by cyber-attack".BBC News. BBC. 24 June 2017.Archived from the original on 24 June 2017. Retrieved24 June 2017.
^Riley-Smith, Ben (24 June 2017)."Parliament hit by 'sustained and determined' cyber attack leaving MPs unable to access their emails remotely".The Telegraph. Telegraph Media Group.Archived from the original on 24 June 2017. Retrieved24 June 2017.
^Syal, Rajeev (25 June 2017)."Parliament cyber-attack hits fewer than 90 email accounts".The Guardian.Archived from the original on 30 June 2017. Retrieved1 July 2017.
^^a ^bCarrell, Severin (15 August 2017)."Scottish parliament hit by cyber-attack similar to Westminster assault".The Guardian.Archived from the original on 27 August 2017. Retrieved28 August 2017.
^"Ongoing Holyrood cyber attack fails to breach security".BBC News. BBC. 16 August 2017.Archived from the original on 30 August 2017. Retrieved28 August 2017.

Hacking in the 2010s

← 2000s

Timeline

2020s →

Major incidents

2010	Operation Aurora (publication of 2009 events) Australian cyberattacks Operation Olympic Games Operation ShadowNet Operation Payback
2011	Canadian government DigiNotar DNSChanger HBGary Federal Operation AntiSec PlayStation network outage RSA SecurID compromise
2012	LinkedIn hack Stratfor email leak Operation High Roller
2013	South Korea cyberattack Snapchat hack Cyberterrorism attack of June 25 2013 Yahoo! data breach Singapore cyberattacks
2014	Anthem medical data breach Operation Tovar 2014 celebrity nude photo leak 2014 JPMorgan Chase data breach 2014 Sony Pictures hack Russian hacker password theft 2014 Yahoo! data breach
2015	Office of Personnel Management data breach HackingTeam Ashley Madison data breach TalkTalk data breach VTech data breach Ukrainian Power Grid Cyberattack SWIFT banking hack
2016	Bangladesh Bank robbery Hollywood Presbyterian Medical Center ransomware incident Commission on Elections data breach Democratic National Committee cyber attacks Vietnam Airport Hacks DCCC cyber attacks Indian Bank data breaches Surkov leaks Dyn cyberattack Russian interference in the 2016 U.S. elections 2016 Bitfinex hack
2017	SHAttered 2017 Macron e-mail leaks WannaCry ransomware attack Westminster data breach Petya and NotPetya 2017 Ukraine ransomware attacks Equifax data breach Deloitte breach Disqus breach
2018	Trustico Atlanta cyberattack British Airways data breach SingHealth data breach
2019	Sri Lanka cyberattack Baltimore ransomware attack Bulgarian revenue agency hack WhatsApp snooping scandal Jeff Bezos phone hacking incident

Hacktivism

Groups

Individuals

Majorvulnerabilities
publiclydisclosed

Evercookie (2010)
iSeeYou (2013)
Heartbleed (2014)
Shellshock (2014)
POODLE (2014)
Rootpipe (2014)
Row hammer (2014)
SS7 vulnerabilities (2014)
WinShock (2014)
JASBUG (2015)
Stagefright (2015)
DROWN (2016)
Badlock (2016)
Dirty COW (2016)
Cloudbleed (2017)
Broadcom Wi-Fi (2017)
EternalBlue (2017)
DoublePulsar (2017)
Silent Bob is Silent (2017)
KRACK (2017)
ROCA vulnerability (2017)
BlueBorne (2017)
Meltdown (2018)
Spectre (2018)
EFAIL (2018)
Exactis (2018)
Speculative Store Bypass (2018)
Lazy FP state restore (2018)
TLBleed (2018)
SigSpoof (2018)
Foreshadow (2018)
Dragonblood (2019)
Microarchitectural Data Sampling (2019)
BlueKeep (2019)
Kr00k (2019)

Malware

2010	Bad Rabbit Black Energy 2 SpyEye Stuxnet
2011	Coreflood Alureon Duqu Kelihos Metulji botnet Stars
2012	Carna Dexter FBI Flame Mahdi Red October Shamoon
2013	CryptoLocker DarkSeoul
2014	Brambul Black Energy 3 Carbanak Careto DarkHotel Duqu 2.0 FinFisher Gameover ZeuS Regin
2015	Dridex Hidden Tear Rombertik TeslaCrypt Project Sauron
2016	Hitler Jigsaw KeRanger Necurs MEMZ Mirai Pegasus Petya and NotPetya Philadelphia X-Agent
2017	BrickerBot Kirk LogicLocker Rensenware Triton WannaCry XafeCopy
2018	Annabelle VPNFilter
2019	Grum Joanap NetTraveler R2D2 Tinba Titanium ZeroAccess botnet

Parliamentary Estate

Palace of Westminster

House of Commons	House of Commons Library Members' Lobby Speaker's House Strangers' Bar Visitors' Gallery
House of Lords	House of Lords Library
Old Palace	Court of Requests Jewel Tower Painted Chamber Star Chamber Westminster Hall White Chamber
Paintings and sculptures	Armada Tapestries (lost) Richard Coeur de Lion (statue) (inOld Palace Yard) Statue of Margaret Thatcher,Statue of Winston Churchill (in theMembers' Lobby) The Death of Nelson (1859 –1864),The Meeting of Wellington and Blücher after the Battle of Waterloo (1861) (in theRoyal Gallery)

History

Gunpowder Plot (1605)
Assassination of Spencer Perceval (1812)
Burning of Parliament (1834)
Provisional IRA bombing (1974)
Assassination of Airey Neave (1979)
2017 Westminster data breach (2017)
Westminster attacks
- 2017
- 2018

In art

The Death of the Earl of Chatham (1781)
A Panoramic View of London, from the Tower of St. Margaret's Church, Westminster (1815)
The Burning of the Houses of Lords and Commons (1834)
Houses of Parliament (Monet series) (1899 –1901)
The Terrace, 1909 (1909)

ThisLondon-related article is astub. You can help Wikipedia byadding missing information.

Retrieved from "https://en.wikipedia.org/w/index.php?title=2017_Westminster_data_breach&oldid=1273216922"

Categories:

Hidden categories:

[8]ページ先頭