Ministers do not take the threat seriously says committee

Nov 23, 2018 20:06 GMT  ·  By

The UK was not prepared for a cyber attack that hit the UK Parliament in June 2017 targeting the email accounts used by MPs and their staff, according to a committee report led by former foreign secretary Margaret Beckett.

As reported by The Guardian in 2017, around 90 emails accounts of British officials from the Parliament have been compromised by the attack which took advantage of weak passwords to break in.

"The Government must do much more to change the culture of CNI operators and their extended supply chains, ensuring that these issues are understood and addressed at board level and embedding the view that cyber risk is another business risk that must be proactively managed," the parliamentary committee's report says.

Moreover, the committee made out of senior MPs and peers also stated that "This is also a lesson for the Government itself: cyber risk must be properly managed at the highest levels."

The committee says the government does not take the security threat seriously enough

Furthermore, according to the same report, the UK Government and ministers have to urgently address the lack of specialist skills and deep expertise, advising the Government to make the cybersecurity skills a top priority.

Although according to the report the UK Government acknowledged the need to boost the critical national infrastructure cyber resilience, the committee found that a meaningful enough effort was not evident.

"The 2017 WannaCry attack, which affected the NHS, also demonstrated that cyber attacks need not target critical national infrastructure deliberately to have significant consequences," also said the committee. "In addition, some organised crime groups are becoming as capable as states, thereby increasing the number and range of potential attackers."

To conclude, the report mentions the need of a "controlling mind" behind the Government's cybersecurity strategy, urging for the appointment of a single Cabinet Office Minister who should responsible for improved cyber resilience delivery and implementation all across UK’s critical national infrastructure.