Cyber Incident Victim: Scottish Parliament

The Scottish Parliament experienced a brute force cyber attack on or around August 14, 2017, as confirmed by Chief Executive Sir Paul Grice in an email notification to Members of the Scottish Parliament (MSPs) and staff. The attack originated from external sources and targeted parliamentary IT accounts through repeated password guessing attempts, mirroring the method used against the Westminster Parliament in June 2017. Parliament monitoring systems detected the attack during its early stages, with symptoms including account lockouts and failed login attempts. Robust cybersecurity measures prevented system compromise, and no operational disruptions occurred. Officials invoked pre-established security protocols in response, while maintaining normal IT functionality throughout the incident.

The attack prompted immediate security advisories to parliamentary account holders, emphasizing password strength requirements. The IT team enforced mandatory password changes for weak credentials as an additional safeguard. This incident followed a May 2017 cyber attack affecting Scottish NHS boards, which had previously elevated cybersecurity discussions at Holyrood. Parliament officials cited a June 2017 independent review that validated existing cyber defenses, describing them as "sufficient and effective" for threat management. Regular consultations with law enforcement, security agencies, and the National Cyber Security Centre formed part of the institution's security framework. No data breaches or persistent system compromises were reported as direct consequences of this specific attack.