Member of parliament and Foreign Affairs Committee chair Tom Tugendhat has claimed that the UK’s intelligence services unofficially told him to stop using his official parliamentary email in favour of Google’s Gmail service, over concerns that the government’s own system is vulnerable to attack from foreign intelligence agents.
Speaking on the BBC’s Today programme on 13 April 2021, Tugendhat said: “I was told by friends at GCHQ – not formally, I admit – that I was better off sticking to Gmail rather than using the parliamentary system because it was more secure. Frankly that tells you the level of security and the priority we’re giving to democracy in the United Kingdom.”
During the interview, Tugendhat revealed he had been the subject of multiple targeted cyber attacks in the past three years and said that both China and Iran were the likely perpetrators. He added that the intelligence services of at least two other countries had also targeted him but did not name them.
Last week a fake email purporting to be from Tugendhat was sent to members of the Foreign Affairs Committee, in which he resigned his position as chair of the committee, claiming he could no longer function effectively in the role.
Tugendhat said nobody on the committee fell for the email, which he described as Chinese psyops. According to The Telegraph, the spoofed email was sent from an AOL account that appeared to be linked to Tugendhat.
At the end of March the MP was named as one of a group of parliamentarians and organisations sanctioned by China over their criticism of its treatment of its Uighur Muslim minority. He was also closely involved in the long-running series of hearings and inquiries that resulted in the exclusion of Huawei from the UK’s mobile network infrastructure.
MPs have long been known to be potential targets of foreign intelligence services operating against the UK. Last year, it emerged that a leaked dossier of documents relating to post-Brexit trade negotiations with the US – which appeared to call the future of the NHS into doubt – was stolen from the email of the then trade secretary Liam Fox in a targeted spear-phishing attack.
The government mandates stringent security across its email services, requiring email to be encrypted and authenticated in transit by supporting Transport Layer Security (TLS) and Domain-based Message Authentication, Reporting and Conformance (DMARC) as a minimum. This guidance can be read in full here.
The National Cyber Security Centre’s own guidance on email security and anti-spoofing for organisations can be found here.
A spokesperson for the NCSC said: “The NCSC works closely with the Parliamentary Digital Service who make use of the NCSC’s cyber security guidance, support and Active Cyber Defence services. The Parliamentary email system follows NCSC best practice, including the use of two-factor authentication (2FA), and MPs should continue to use it.
“We have worked with political parties, local authorities and individuals for several years on how to protect and defend against cyber attacks – including issuing tailored advice directly and on our website.”