MI5 website hacked – a threat to national security?

Update: It turns out that the story in The Daily Express may not be entirely reliable. Read an update to this blog post: “MI5 website hack overhyped by Daily Express”

British tabloid The Daily Express claims to have an exclusive on its hands this morning with a story that MI5’s website was compromised by hackers.

According to the Daily Express, the “Team Elite” hacking gang broke into the website of MI5, the United Kingdom’s counter-intelligence and security agency, gathering information about everybody who visited the site.

The journalists at the Express rolled out Tory MP Patrick Mercer to provide a quote, who said “The identity of agents and ­informers in terror groups such as Al Qaeda are held by MI5.”

Sign up to our free newsletter.
Security news, advice, and tips.

Well, yes, they probably do hold that kind of information but I think it’s highly unlikely that they keep it on their website! And according to the newspaper, the hackers were only able to steal information from users visiting the site – so the only way in which I could imagine such information could have been grabbed by the cybercriminals would have been if an MI5 agent visited the site and was storing unencrypted information about fellow agents and terror suspects on their own computers.

The report also says that the hackers were able to download viruses onto the computers of visiting users. Sadly, they haven’t gone into any details as to what virus this was, so we don’t know what it could have done.

Frankly, there’s not enough information in this report to let us know just how big a security problem this was. The good news is that the authorities claim to have fixed the flaw, and so visitors to the site are no longer at risk.

However, this is a timely reminder for all of us who have websites – big and small – to make sure they are properly secured from attacks.

Sophos’s recent security threat report revealed that we discover one new infected webpage every 3.6 seconds (that’s four times faster than in first half of 2008).

Web infection is one of the primary routes by which hackers are trying to infect innocent computer users – and most of these attacks are occurring via legitimate sites, just like MI5’s. And that’s why more and more companies are realising they need to defend their users by scanning web activity, just like they’re used to scanning email for spam and viruses.

As well as poorly coded websites including vulnerabilities that hackers can exploit, another problem is that companies simply are not aware that malicious code has been planted on their webpages. One of the ways in which we deal with that is with our WebAlert service.

Here’s a fun video we made demonstrating how WebAlert works:

[vimeo 2601049] Sophos WebAlert – explained with children’s toys from SophosLabs on Vimeo.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.