According to a report in the Daily Telegraph, British cabinet ministers' emails have been hacked by Jihadists in Syria, leaving cyber-security professionals wondering what really happened and speculating on how it could have been prevented.
The newspaper said that the intelligence agency GCHQ had discovered that “extremists linked to the Islamic State of Iraq and the Levant (Isil) have been targeting information held by some of David Cameron's most senior ministers, including Theresa May, the Home Secretary”.
Hacking emails and diaries of senior ministers could have revealed details of events being attended by ministers and members of the Royal family.
Nigel Inkster, an expert with the International Institute for Strategic Studies (IISS), told the Daily Telegraph that jihadist groups want to acquire cyber-attack capabilities.
A British citizen, Junaid Hussain, described as a computer hacker from Birmingham and thought to be involved in the attack on cabinet ministers' IT systems, was killed recently by US forces. He is thought to have been a member of the “Cyber-Caliphate”, a jihadist hacking group.
Whitehall security officials were apparently warned in May about the hacking campaign.
From what little information has emerged about the attack, it's difficult to determine exactly what happened, but GCHQ has said that no security breaches occurred. Meanwhile, though, the Daily Telegraph said it has been told that emails were hacked and officials have been told to tighten security including changing passwords.
Security experts were not impressed with the lack of clarity around the situation. “If no security breaches occurred then how where emails compromised? There are a lot of weasely words used in these stories. Things like ‘targeting' which doesn't necessarily mean the attacks where successful,” said Cris Thomas, strategist at Tenable Network Security.
Norman Shaw, Founder and CEO at ExactTrak commented: “The ‘was it' or ‘wasn't it' a breach surrounding this ‘episode' suggests that those involved are being a little economical with the truth to say the least and possibly trying to cover up a potential disaster. Could an insider have provided information to ISIL that enabled them to make this penetration? Regardless of what actually happened, if data was accessed, it was a breach.”
Whatever happened, cyber-security experts expressed concern about what the incident said about security around individuals at the top of government.
Gary Newe, technical director at F5 Networks commented: “I would assume that any really high value information would not be stored in an easily read email, but this is clearly a blunder. It is important that the government establishes how this happened and maybe even re-evaluates its email security.”
Robert Holmes, general manager of email fraud protection at Return Path, told SCMagazineUK.com in an email: “Government bodies have a tendency to lag behind when it comes to heightened security postures versus the private sector.”
Keith Poyser, managing director EMEA at Accellion said: “It is alarming that such high level government officials can be hacked by a terrorist organisation, but we have to recognise that malicious cyber threats, from whichever quarter, are agile, diverse, connected and use appropriate technologies to carry out targeted attacks.