Scotland

Ongoing Holyrood cyber attack fails to breach security

Scottish Parliament Image copyright Getty Images
Image caption MSPs and staff were warned to be vigilant and to make sure their passwords were secure

A sustained "brute force cyber attack" has failed to breach security systems at Holyrood, officials have confirmed.

The ongoing attempted hack of Scottish Parliament IT systems is similar to one which targeted Westminster in June.

Staff from Holyrood's IT office are working "closely" with the National Cyber Security Centre to put extra defences in place.

Chief Executive Sir Paul Grice said analysis was taking place to trace the origin of the attack.

MSPs and staff were advised that Holyrood had been targeted from "external sources" on Tuesday.

All users of parliamentary systems were encouraged to be vigilant and make sure their passwords were as strong as possible.

A brute force cyber attack involves hackers making repeated attempts to log in to a system using a series of different passwords, in an attempt to effectively guess the passcode.

'Fully operational'

In an update to colleagues, Mr Grice wrote that "various cyber security measures were quickly deployed" in the wake of the attack, saying that "the frequency of failed log-ins and account lockouts" had decreased.

He wrote: "At this point there is no evidence to suggest that the attack has breached our defences and our IT systems continue to be fully operational.

"Users should be aware, however, that this attack remains ongoing. It is not uncommon for brute force attacks to be sustained over a period of days so it is essential that IT account users are vigilant and report any suspicious issues."

The chief executive said IT staff were "working closely with the National Cyber Security Centre" to put "additional security measures" in place to continue to contain the incident and "mitigate against any future attacks".

He added: "In addition, analysis is taking place to better understand the origin of the attack and to assess its overall impact."

MSPs recently discussed cyber security in the wake of malware attacks which affected several Scottish NHS boards, concluding that "effective arrangements" were in place.

Related Topics

More on this story

Related Internet links

The BBC is not responsible for the content of external Internet sites