UK parliamentary authorities have issued a new warning after a sharp increase in phishing attacks targeting MPs, peers and officials, with Russia-based actors actively attempting to compromise WhatsApp and Signal accounts used by political figures. Parliamentarians have been told to strengthen their cybersecurity measures as attackers continue to exploit messaging apps through impersonation tactics.
According to a memo circulated on Thursday, attackers are sending messages pretending to be official support teams from WhatsApp or Signal. Victims are prompted to enter an access code, scan a QR code or click a link, allowing intruders to gain full access to private messages, contact lists and activity logs—without detection. The memo warns that these attacks can be carried out easily as long as the attacker has the target’s phone number.
NCSC Confirms Russian Targeting Campaign
The National Cyber Security Centre (NCSC), part of GCHQ, confirmed in October that new protective measures had been issued for MPs, yet “cases have continued to rise.” Parliamentary authorities said the NCSC is aware of “Russian-based activity” focusing on commercial messaging platforms widely used by UK politicians, particularly WhatsApp and Signal. This follows several years of repeated Russian cyber operations against British political figures, including a major exposure in 2023 when the UK government identified the Russian-linked Star Blizzard group targeting MPs through spear-phishing campaigns dating back to 2015.
Move Away from Commercial Apps
Legislators and officials are now being urged to avoid using commercial messaging platforms for parliamentary business. Authorities recommend switching to Microsoft Teams for informal work-related communication, which allows for tighter institutional security controls.
A government spokesperson said spear-phishing “remains a common and effective tactic” and confirmed that the NCSC is working closely with government departments and parliament to respond to the latest wave of targeting. High-risk individuals are being strongly encouraged to follow NCSC guidance and sign up for enhanced cyber-defence services.
Recent Investigations Highlight Severity
Last year, police launched an investigation after several MPs were approached by a WhatsApp account using the names “Abigail” or “Abi” in what was believed to be a coordinated spear-phishing attempt. The exposure of Russian intelligence-linked activity in 2023 and the continued rise in attacks this year have increased pressure on Parliament to modernise its digital security standards.
Steps MPs Are Being Told to Take
The latest guidance urges parliamentarians and staff to enable two-factor authentication on all messaging accounts, check for any unfamiliar devices linked to their accounts, and immediately remove any that appear without explanation. Officials also advised registering phone numbers and email addresses with the NCSC so alerts can be issued if an account is compromised.
The increase in cyber threats forms part of a wider pattern of foreign interference attempts directed at the UK’s political system, with parliamentary authorities warning that vigilance is now essential.
