The European Parliament has disabled all remote access to e-mail and asked employees to change passwords during the five-day long cyber-attack.
Less than two days after the
EU Commission and its foreign-service arm came under fire, the European Parliament's
network came under cyber-attack. This is the third such incident on European
governmental organizations in two months.
The attack on the European
Parliament's computer network began March 24 and was in progress for at least
five days, an EU spokesperson told European
. Employees were told on March 30 that the attacks had ended, but they
had to continue to be careful.
The Parliament's IT team has
put in security measures such as blocking remote access to email via Web
browsers, according to the spokesperson. Employees were also told to change
their network login credentials.
services are working day and night to investigate," the spokesperson said.
Separately, the European
Commission and its foreign ministry European External Action Service reported a
on its network on March 22. Employees were asked to
change their passwords and all remote access to email had been revoked as the
EC's security team investigated the breach.
While the Commission claimed
the breach was the result of malware and not a direct assault on its systems,
the Parliament did not provide any details of the attack.
An unnamed official told the
European Voice that the attacks on EC and the Parliament appeared to have been
"coordinated" based on the timing, but that information could not be verified.
The Parliament and Commission have separate networks, so it is possible the
attackers were snooping around to extract valuable information.
The EC attack occurred just
ahead of a significant summit in Brussels to discuss the Libyan crisis,
European debt and nuclear power.
"It is possible that
Anonymous has begun to inspire -serial hacktivism,'" as the EC attack could
have been a response to the Western intervention in Libya, Amichai Shulman, CTO
of Imperva, told eWEEK. The hacktivist group Anonymous has recently launched
attacks against a wide range of targets, including the music industry,
companies who severed ties with whistle-blowing site WikiLeaks
and government Websites in countries engulfed in mass
It is unclear at this time
whether the Parliament incident is related to the attack on France's finance
ministry in February. In the attack that compromised more than 150 computers,
the attackers were allegedly after documents on the G20 summit held in Paris
Since some of the stolen
files were redirected to Chinese sites, there was speculation the Chinese
government may have backed the attack. Shulman dismissed the scenario as
"unlikely," since China was part of the G20 and already had access to the
documents. Instead, he said it was more likely that hackers from all over the
world were using Chinese IP addresses because it was easier to exploit them.
Shulman donned his
"conspiracy-theory hat" and speculated the agency had failed to secure its
networks and was compromised by a simple worm or virus. "Rather than
embarrassingly admit this security failure, they claim APT," Shulman said. He
said it was unlikely an Advanced Persistent Threat would affect "only 150
APTs are generally complex
and ongoing attacks that use unique attack vectors.