MPs Victim of Nearly 3M Malicious Email Attacks Monthly

New research indicates that Members of Parliament (MPs) have been targeted by nearly 3 million malicious email attacks monthly since the start of 2020.  

Malicious Email Attacks

New research obtained via a Freedom of Information (FOI) act request from a Parliament Street think tank looked at MPs’ emails. From the 1st January to 31st August, there were a total of 22,321,459 malicious email attacks targeting MPs. Although they were all successfully blocked, the emails in question included phishing, spam and malware. These averaged out at roughly  2,790,182 per month.


Worse Than 2019

Last year’s Parliament Street report showed just 1,747,759 monthly average attacks aimed at MPs. This means that there has been a rise of nearly one million email attacks monthly, working out at a 60% increase, year-on-year. Researchers attribute this surge, partially, to Parliament’s 2019 ‘cyber capabilities’ announcement. In this, they announced the implementation of a two-year programme dedicated to building and maintaining cyber security and reducing risk facing staff and data. That being said, Covid-19 is likely to have played an important role in the huge increase in cyber attacks, especially given the amount of media attention that the government has received. Additionally, with more remote work than ever before, it is even harder to combat cybersecurity risks.


Common Trend

Cyber attacks on Parliament is not unique to the UK and, in fact, is becoming increasingly common around the world. The Norwegian Parliament disclosed a cyber-attack on its internal email system back in September of this year. In May 2015, 20,000 computers in the German Parliament were under a cyber-attack.

Additionally, it is not something new. The UK Parliament suffered a wide-scale cyber attack in June 2017 in which 26 users of the Parliament had their accounts directly compromised including a member of the House of Lords, various personnel and administrator accounts.


Combating Cyber Email Attacks

Parliament is clamping down on cybersecurity, recently advertising for a new Director of Security for Parliament in the House of Commons. The role lists cyber security, physical and personal protections as core components.

Andy Harcup, VP, Absolute Software comments:

“Members of Parliament have been under added pressure over the last year, as the coronavirus continues to disrupt services, society and cause havoc for the general public. As a result, cyber attackers have attempted to infiltrate some of the most confidential data imaginable, governmental data, by overloading MPs with malicious phishing, scam or malware attacks, in an attempt to use times of national crisis to their advantage.”