A new report has found that Members of Parliament (MPs) have been targeted multiple times by malicious actors through email – so many times, that it is estimated that MPs receive nearly three million unscrupulous emails every month.
Based on data obtained through a Freedom of Information (FOI) act request from think tank Parliament Street, it was found that MPs had been targeted by 22,321,459 malicious emails over the last eight months. This meant that, on average, MPs were targeted 2,790,182 times per month.
The data noted that all of the attacks were successfully blocked, including emails suspected of phishing, spam, and malware.
By comparison, last year’s Parliament Street report found that MPs only suffered a monthly average of 1,747,759 email-based attacks.
The significant increase in email-based cyberattacks comes after Parliament announced last year that it had implemented a two-year programme focused on developing its “cyber capabilities,” as well as mitigating cyber exposure by downsizing risk-facing staff and data. But Parliament Street believes that it was the COVID-19 pandemic – and the attention it has drawn to the government – that has been the main cause for the surge in attacks.
Cybersecurity experts weighed in on the report.
“These findings highlight the sheer scale of the threat that all businesses are facing. With millions of malicious emails being sent, the odds that one might work are high - especially if they are carefully crafted to evade detection,” commented Tim Sadler, CEO of email security company Tessian.
Sadler additionally warned that it just takes one stressed employee to miss the cues of a suspicious message, or one really convincing email, for cybercriminals to breach an organisation’s security.
“Hacking humans on email is still the easiest way for cybercriminals to hack into organisations and institutions,” the CEO said.
“Members of Parliament have been under added pressure over the last year, as the coronavirus continues to disrupt services, society and cause havoc for the general public,” said Absolute Software VP Andy Harcup. “As a result, cyber attackers have attempted to infiltrate some of the most confidential data imaginable, governmental data, by overloading MPs with malicious phishing, scam or malware attacks, in an attempt to use times of national crisis to their advantage.”