Iranian hackers compromised the UK leader Theresa May’s email account along with other 9,000 emails

Iranian hackers compromised 9,000 UK emails in ‘brute force’ cyber attack that was initially attributed to Russian state-sponsored hackers.

On June 23, around 9,000 email accounts, including those belonging to Theresa May and other Cabinet Ministers, were hacked in the 12-hour “sustained and determined” attack cyber attack.

“According to intelligence officials, the cyberattack “bombarded parliamentary email accounts” but only compromised about 1 percent of the accounts it affected. The attack was initially thought to be the result of amateur hackers and not a nation-state.” reported the Hill.

According to The Times, the attack was initially attributed to Russia, but further investigation linked the offensive to Iranian hackers.

“Iran carried out a “brute force” cyberattack on parliament that hit dozens of MPs this summer, according to a secret intelligence assessment.” reported The Times

“Some 9,000 email accounts, including those belonging to Theresa May and other cabinet ministers, were subjected to a sustained attack on June 23. Ninety accounts were compromised.”

“Whitehall officials admitted it was inevitable that the hackers had obtained sensitive material,” the Times reported.

The investigation is still ongoing, for this reason, both The House of Commons and the National Cyber Security Centre did not comment the attack.

The attack was discovered during a secret intelligence assessment, sources described the Iranian threat actors as “highly capable actors in the cyber world”.

“It was the not most sophisticated attack, but nor did it need to be.” a second source added. “It is possible they were simply testing their capability.”

The revelations come as Donald Trump has threatened to terminate the 2015 Iran nuclear deal if Congress and US allies fail to amend the agreement in significant ways.

The UK Prime Minister along with Angela Merkel and Emmanuel Macron insist preserving the pact due to the implications on “shared national security interest.”

A statement from the UK, France, and Germany said the International Atomic Energy Agency has “repeatedly confirmed” Iran’s compliance with the terms it signed up to.

Back to the cyber attack that hit 9,000 email accounts, there are various hypotheses about the attackers’ motivation.

The attack could be part of a wider cyber espionage campaign, but another concerning option is that Iran was trying to find embarrassing material to blackmail MPs.

Iranian hackers are becoming even more aggressive even if experts believe that they are not particularly sophisticated.

Recently we discussed the OilRig gang has been using a new Trojan in attacks aimed at targets in the Middle East.

OilRig is just one of the Iran-linked hacker crews, other groups tracked by security experts are APT33Rocket Kitten, Cobalt Gypsy (Magic Hound), Charming Kitten (aka Newscaster and NewsBeef) and CopyKittens.

Pierluigi Paganini

Source :

Given the complexities of digital financial world, let us put cybersecurity as core focus, for the leaks of data security can jeopardize the credibility and growth of the whole industry. For this reason, Asosiasi FinTech Indonesia fully supports Cyber Security Indonesia 2017 to create top of mind awareness on cybersecurity issue.

Niki Santo Luhur
Chairman - FinTech Indonesia Association

Now the whole industry begins to understand that it's better to prevent than to lose access and control data because of negligence to keep the data secure. Hence, this encourages APTIKNAS to endorse the implementation of Cyber Security Indonesia.

Fanky Christian
Head of DPD DKI - APTIKNAS (Indonesian ICT Business Association)

Indonesia, with its vast wealth of information is in urgent need of preventive and defensive measures against cyber threats. Other than protecting national interest, such measures are also required to protect the interest of its citizens. Actions taken may not be adequate through policies and regulations but through concrete actions involving all components of the nation. Hence LEMSANEG welcomes and endorses Cyber Security Indonesia 2017.

Major General (TNI), Dr Djoko Setiadi, M.Si
The Head of LEMSANEG (State Cryptography Agency)

ATSI (Indonesian Telecommunication Providers Association) supports Cyber Security Indonesia 2017 to encourage concern and awareness of the important needs of cyber protection system to prevent and minimise cyber crime for individuals, communities, governments and also companies in Indonesia.

Sutrisman Raden
Executive Director of ATSI