Briefing note for Members’ Office Managers from the Cybersecurity Team 8/2/23

Standard

Please note that links to the old Parliamentary intranet have been removed as of October 2023. Please use search on ParliNet to find relevant current details, if available.

https://parlinet.parliament.uk/house-of-commons-members-staff/

Please note that you will need to have a Parliamentary Network Account in order to access some of the links on this page.

Last week the Speakers of both houses sent notices to members regarding spear-phishing attempts.

You may have seen in the news today that MP Stewart McDonald has been subject to a cyber attack on his personal emails.

In the media: SNP MP Stewart McDonald’s emails hacked by Russian group – BBC News

The source of the attack is thought to be a Russian based group called SEABORGIUM. We are briefing you to raise your awareness of the tactics used and the measures you should take to protect your personal accounts. It applies to both members and to members’ staff, so I ask that you to share the guidance with your teams. This is a quick briefing for now to update you and further more comprehensive communications issued in due course.

What you need to know:

  • Stewart McDonald’s personal email was compromised
  • The hackers achieved this by compromising the personal email account of one of his staff, who was locked out
  • The group sent Stewart an email from the staff account with a malicious password-protected attachment
  • The topic of the email was relevant to the member’s work and looked like a genuine message from his staff

Our advice:

  • Be sure that you are communicating with the individual you think you are – if possible, use a separate means of contact to validate this
  • Do not click on links or open files unless you are sure of their source
  • Secure your personal accounts – use strong, unique passwords and turn on multi-factor/2-factor authentication on your social media accounts and personal email
  • Use a different password for your Parliamentary account
  • Use Parliamentary devices for Parliamentary business whenever possible
  • Do not set up any automatic email-forwarding between your Parliamentary email and personal accounts
  • Protect and update your personal devices. Security tips for your mobile phone – intranet PDF
  • Book a cyber security briefing with your local engagement team
  • Report suspicious messages or activity to the Parliamentary Digital Support Desk by calling x2001

For more insight on phishing visit the cyber security intranet pages. The ‘Think Before You Link’ app, from the Centre for the Protection of National Infrastructure (CPNI) helps you identify malicious online profiles and reduce the risk of being targeted. For further information, visit Think before you link app – CPNI webpage.

Facebook scam warning

Standard

It’s been brought to our attention that several MPs have received a message in their Facebook notifications, saying that their page has been reported and asking them to click on a link to ‘repair’ their page.

DO NOT CLICK ON THE LINK!

This is a known scam and could result in malware being downloaded to your computer and could compromise the Parliamentary network.

If you have already clicked the link, please notify PDS immediately.  You should also report it to Facebook, and you can find the email address in our hotlines list.

Screenshot