GCHQ uncovers Jihadists’ government hack attack

The Daily Telegraph has reported that jihadists in Syria have hacked into ministerial email accounts in a sophisticated espionage operation uncovered by The Government Communications Headquarters (GCHQ).

GCHQ reportedly alerted Whitehall officials in May, with the investigation finding the attempts to steal information from the personal correspondence of several of David Cameron’s senior ministers, including Home Secretary Teresa May.

If accessed, the emails could have disclosed events that government figures and members of the royal family were expected to attend, thereby effectively providing the hackers with a list of potential targets.

Despite the Telegraph reporting that the cyber attack did happen, the report goes on the state that no security breach occurred, which has left everyone a little bemused.

The report by the newspaper also states that one of the ringleaders of the attack was killed in a drone strike operation backed by the Prime Minister which came to light earlier this week.

The GCHQ has declined to comment on the report, stating that they don’t comment on intelligence matters.

For now, we will have to wait and see what happened and if indeed a security breach did occur.

The post GCHQ Uncovers Jihadists’ Hacking Efforts appeared first on IT SECURITY GURU.

UPDATE: Keith Poyser, Managing Director EMEA at Accellion, has been on hand to lend his views:

Are you surprised by this news?

"Details of this hack are still emerging. However, if it transpires that this was a public cloud based email system then it is no surprise that a breach occurred in this manner."

How serious is this?

"If public cloud based services are being used, as I suspect they are, then this is an inherently insecure approach that presents a soft target for attacks."

Was it avoidable?

"Hacks like this are often less sophisticated than they seem. This attack may be as simple as an online email service being used, allowing hackers to crack the user name or password of cabinet ministers. If a public cloud service is being used, this is an inherently insecure approach."

What does it say about security at the highest levels of government?

"It is alarming that such high level government officials can be hacked by a terrorist organisation, but we have to recognise that malicious cyber threats, from whichever quarter, are agile, diverse, connected and use appropriate technologies to carry out targeted attacks. That's why every UK business and government department must be prepared to match them.