The massive cyberattack on British MPs’ emails last week was likely masterminded by amateur hackers rather than a state entity, according to anonymous European government sources.
The cyberattack, which targeted the private email accounts of up to 90 members of the UK Parliament, was organized by private cyber criminals, the sources told Reuters.
This contradicts earlier statements that suggested a foreign government was behind the hack, as many Western political commentators immediately pointed the finger at Russia.
Cybersecurity experts familiar with the investigation said the hackers were only able to break into the accounts of MPs who used simple and easily deducible passwords.
After being presented with the findings, the National Cyber Security Centre, which was established to safeguard British government infrastructure against cyberattacks, said it would reissue guidance to government bodies to prevent a repeat.
An unnamed official cautioned that “cyber threats to the UK come from criminals, terrorists, hacktivists as well as nation states.”
In addition to compromising a substantial number of private emails belonging to parliamentarians, the attack also left many unable to access their accounts.
According to Chris Rennard, a Liberal Democrat life peer in the House of Lords, the MPs had to resort to private texts to communicate “urgent messages” to their colleagues.
In a statement about the incident, the spokesperson for the House of Commons said access had been restricted as part of the security response to the hack in an effort to “secure our network.”
“The Houses of Parliament have discovered unauthorized attempts to access parliamentary user accounts.
“We are continuing to investigate this incident and take further measures to secure the computer network, liaising with the National Cyber Security Centre,” he added.
“We have temporarily restricted remote access to the network. As a result, some members of Parliament and staff cannot access their email accounts outside of Westminster.”
Remote access to the MPs’ private emails has reportedly been restored since the incident.