Cyberattack: Microsoft

Lord Collins of Highbury Excerpts
Thursday 22nd July 2021

(2 years, 8 months ago)

Lords Chamber
Read Full debate Read Hansard Text Read Debate Ministerial Extracts
Lord Collins of Highbury Portrait Lord Collins of Highbury (Lab)
- Hansard - -

My Lords, I must admit that I share the view of Iain Duncan Smith about the seriousness of this matter and why there was not a Statement from the Government at the time. In the Commons, the Minister estimated that approximately 3,000 UK-based organisations may have been vulnerable to this attack, but there was no confirmation on whether any public bodies are included in this figure. Can the noble Lord, Lord Ahmad of Wimbledon, state whether any public bodies were compromised and what urgent steps are being taken to secure public bodies from future attacks? Also, when the Government acted with targeted sanctions against individuals involved in the Russian state-backed cyberattack on the German Parliament, why were there no sanctions in response to Chinese state-backed cyberattacks, on—among others—the Finnish Parliament?

Lord Ahmad of Wimbledon Portrait The Minister of State, Foreign, Commonwealth and Development Office (Lord Ahmad of Wimbledon) (Con) [V]
- Hansard - - - Excerpts

My Lords, I agree that we need to ensure protection for all organisations. The noble Lord is correct in saying that 3,000 organisations were impacted. Obviously, we made a full evaluation when we were informed of these attacks to ensure that all the information was readily available. He asked specifically about government organisations. We do not believe that government organisations were victims. Because this was an untargeted action, it is not possible to give a credible assessment of the overall economic damage. He asked about further mitigation. As he knows, the National Cyber Security Centre is very much world beating and, together with Microsoft, we have worked to give specific and timely advice. By the end of March, 92% of all those organisations impacted had taken appropriate mitigations.