Officials have confirmed that the Scottish Parliament has been targeted by a “brute force” cyber attack, similar to that which affected Westminster in June.
Chief executive Sir Paul Grice confirmed the attack in a message to MSPs and staff with parliamentary email addresses, and said the attack was from “external sources” and urged all members to be vigilant.
Grice added that systems “remain fully operational” and that “robust cyber security measures” had identified the attack early.
Grice also urged all MSPs and staff to make sure passwords were as secure as possible and that parliament’s IT team would “force a change to weak passwords as an additional security measure.”
“The parliament’s monitoring systems have identified that we are currently the subject of a brute force cyber attack from external sources,” wrote Grice.
“This attack appears to be targeting parliamentary IT accounts in a similar way to that which affected the Westminster parliament in June. Symptoms of the attack include account lockouts or failed logins.
“The parliament’s robust cyber security measures identified this attack at an early stage and the additional security measures which we have in readiness for such situations have already been invoked. Our IT systems remain fully operational.”
Hackers involved in a ‘brute force’ attack try to access systems by systematically using a range of different passwords in the hope that a correct password is delivered through trial and error.