Lord Speaker statement on parliamentary security and cyber security
26 June 2017 (updated on 26 June 2017)
The Lord Speaker, Lord Fowler, made a statement in the House of Lords following the conclusion of the first of two reviews of parliamentary security, and following the cyber security incident on Parliament over the weekend of 24 and 25 June.
Lord Fowler said:
'My Lords, I would like to say a few words about security in Parliament. Since the shocking attack on Westminster Bridge and the Houses of Parliament in March we have witnessed the horror of further attacks in Manchester, further down the river here in London and at Finsbury Park. As we did following the Westminster attack, we send our prayers and condolences to all those affected. I should also inform the House that I have received countless messages of solidarity from Parliamentary chambers around the world.
I informed the House at the end of the last session about Parliament’s response to the continued security threat. First, Mr Speaker and I commissioned an external independent review of how the perimeter of the Parliamentary Estate – including out-buildings – is secured and protected. The final report was submitted to Mr Speaker and myself last week.
Second, the Clerks of both Houses commissioned an externally-led review of the lessons learned from the operation inside Parliament of the Incident Management Framework. The final report from that review is expected shortly.
The reports from both reviews will be considered carefully and appropriate action will be taken swiftly and decisively. I would like to thank all noble Lords who have contributed to the reviews and would urge all noble Lords also to continue to take security seriously when they are on the Parliamentary estate.
Finally, I would like to say a few words about the cyber security incident which occurred over the weekend. On Friday, the Parliamentary Digital Service discovered unusual activity and evidence of an attempted cyber-attack on our computer network. Closer investigation confirmed that hackers were carrying out a sustained and determined attack on all parliamentary user accounts in an attempt to identify weak passwords and gain access to users’ emails. The Digital Service have been working closely with the National Cyber Security Centre to identify the method of the attack and have made changes to prevent the attackers gaining further access. IT systems on the Parliamentary Estate are now working as normal and remote access is being restored gradually. We are continuing to investigate the source of the attack and believe that fewer than one per cent of the 9,000 accounts on the parliamentary network have been compromised as a result of weak passwords. Those in the Parliamentary Digital Service are working extremely hard and are on hand to assist anyone experiencing difficulties as a result of the incident. They will continue to keep members informed of developments.
Our first priority has been to ensure that the business of both Houses can continue. This has been achieved and I am sure all noble Lords will join me in thanking all of those parliamentary staff who have worked so hard over the weekend to ensure that our parliamentary democracy can continue to operate freely.'