An MI5 website hack is unlikely to have caused a breach of national security, according to experts.
A report in the Daily Express claimed that a hacking gang known as 'Team Elite' managed to break into the site, and alter it so that "the identity of visitors could be stolen and viruses downloaded on to their machines".
The report also quoted Tory MP Patrick Mercer as saying: "Having potentially highly classified information available to hackers is deeply concerning. The identity of agents and informers in terror groups such as Al Qaeda are held by MI5."
However, Sophos senior technology consultant Graham Cluley explained that the hackers were only able to compromise the details of those visiting the site, rather than any confidential MI5 data locked away in back-office systems.
"Frankly, there's a lack of information in this report to let us know just how big a security problem this was. The good news is that the authorities claim to have fixed the flaw, so visitors to the site are no longer at risk," wrote Cluley in a blog post.
"However, this is a timely reminder for all of us who have web sites - big and small - to make sure they are properly secured from attack."
Cluley recommended users deploy content-scanning technology that can detect whether a legitimate site has been compromised, and that site owners invest in scanning services to alert them if malicious code has been planted on their web pages.
.png&h=140&w=231&c=1&s=0)
.png&w=100&c=1&s=0)
Private AI vs Public AI: How your organisation can securely adopt AI without compromise and excessive cost
iTnews Benchmark Security Awards 2025
Digital Leadership Day Federal
Government Cyber Security Showcase Federal
Government Innovation Showcase Federal
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
