AN SNP MP has said he fears he may be the victim of a “disinformation attack” as he claimed his personal email account has been hacked by Russia.
Glasgow South MP Stewart McDonald told the BBC he was targeted in a phishing attack on January 13, in the form of a password-protected attachment sent in an actual email account for a member of his staff, purporting to be about Ukraine.
After clicking on the link and entering his log-in details, the MP was redirected to a blank page, the MP said.
When he asked the member of staff about it, he responded: “I didn’t send any email.”
Several days later, the same staff member informed McDonald he had been locked out of his personal email account because of suspicious activity – and that he had never sent him the email with the log-in page.
McDonald, formerly his party’s defence spokesperson, said he is concerned about what may be done with personal emails that may have been taken from his account.
He told the BBC: “If it is indeed a malicious state-backed group, then, in line with what I’ve seen elsewhere, I expect them to dump some of the information online.
“I can expect them to manipulate and fake some of the content and I want to get out ahead of that to ensure any disinformation attack against me is discredited before it’s even published.
“It can catch people, even those who are alive to the threats.”
The incident came in the weeks after the National Cyber Security Centre (NCSC) warned of “spear-phishing attacks” – which are targeted at specific people using tailored content more likely to deceive – from actors in Russia and Iran.
McDonald added: “This is a phishing campaign that was long-planned, and was targeted against me. I know it was targeted against some others also.
“Unfortunately the hackers managed to breach the private email address of one of my staff team as well, so I would recommend to all your listeners to read the National Cyber Centre’s guidance on spear phishing.
“These are more sophisticated than general phishing emails that I am sure all of us have received from time to time and ensure you don’t fall victim to it.
“It’s a deeply unpleasant experience.”
A spokesman for the NCSC said: “An incident has been reported to us and we are providing the individual with support.
“The NCSC regularly provides security briefings and guidance to parliamentarians to help them defend against the latest cyber threats.
“This includes expert advice for MPs and their staff available on the NCSC website.”