MP safety has long been a concern in Westminster but the issue is back under the spotlight after conservative MP William Wragg was this week caught up in a “phishing” scandal.
The parliament security team insist it takes online safety and security extremely seriously, but MPs are facing cyber attacks that have become more sophisticated in recent years.
They often take place via newer forms of communication, such as WhatsApp, which are harder for security services to monitor than email.
How are MPs’ communications and devices monitored?
Parliament ultimately has limited oversight on the use of WhatsApp on MPs’ personal digital devices, which complicates matters.
Members of parliament and their staff can opt to use a cyber security advisory service to help them lock down their personal devices and accounts.
Another opt-in service is from the parliamentary social media monitoring team, which can track MPs’ Twitter and Facebook profiles for serious threats.
For those especially concerned with hacks and phishing attacks, parliament’s personal cyber advice service offers “hands on” guidance and invites MPs to bring phones, tablets and laptops in for a security check.
What training are people in parliament given?
MPs are given a “top tips” booklet, written with input from the National Cyber Security Centre (NCSC), with further advice sent in hard copy to all MP offices.
They’re also given tailored security advice to help protect against phishing attacks, which tend to be broad attempts to get people to share sensitive information.
Spear-phishing is a more bespoke approach, which sees cyber-fraudsters target an individual in a highly-personalised way, with the hope they’ll share something fairly compromising. This is the type of attack at the centre of Mr Wragg’s scandal.
Read more from Sky News:
Wragg praised for ‘courageous’ apology
Who is William Wragg?
Podcast: Why do MPs never answer the question?
In an email sent to MPs this week, staff were reminded they can register their personal accounts with the NCSC so they can be warned rapidly if there’s a suspicion or risk that they might be targeted.
A parliamentary spokesperson said: “We are encouraging anyone affected who has concerns to contact the parliamentary security department.”
‘Avoid message requests from unknown accounts’
In 2019, the NCSC issued guidance for MPs to help them keep safe online – which had an entire section dedicated to precautions to take when using messaging apps such as WhatsApp.
See the advice below:
Online safety training labelled ‘basic’
One person in parliament told Sky News they were given an “online smarts” lesson when they joined.
They also took part in a cyber security session via Zoom as part of their constituency training – though they said it was fairly “basic” and mostly dealt with password protection.