MPs have been told their phones are a “potential goldmine” for hostile states who are targeting them to influence democracy in the UK.
Advice was shared by the Commons speaker, Lindsay Hoyle, suggesting MPs should not take their phones into sensitive meetings, given the threat from state-backed hackers, as well as criminals and fraudsters.
Other security measures MPs were told to take included setting up multi-factor verification, which requires two forms of identification to access resources or data, as well as updating software and deleting old messages.
The advice came from the National Cyber Security Centre (NCSC), accompanied by a letter from Hoyle telling colleagues only one person’s phone camera or microphone needed to be compromised for everyone in a room to be put at risk.
After Liz Truss’s phone was reportedly hacked by Russians, Hoyle said that “recent events” had shown hostile states were trying to “gain insight into, or exert influence over, our democratic processes for their economic, military or political advantage”.
He added: “Our phones contain so much information: our messages, emails, contacts, photos and social media posts – including private, sensitive, personal, historic and sometimes even deleted data.”
Truss’s phone was said to have been hacked over the summer, when she was foreign secretary and the frontrunner in the Tory leadership race.
According to the Mail on Sunday, spies suspected of working for the Kremlin gained access to sensitive information, including discussions about the war in Ukraine and private conversations with Kwasi Kwarteng, who would later become her chancellor.
Hoyle said that “while no personal mobile phone can ever be made completely secure from a determined nation-state attacker”, 10 “top tips” had been compiled by the NCSC to make the devices “as resilient as possible”.
In a letter revealed by HuffPost UK, he added: “You may not feel able to do everything on this list, but the more you do, the less likely your personal information and mobile phone will be compromised, or the less damaging the consequences if you are hacked.”
MPs were advised to limit the amount of time messages were stored on their phone, and review their privacy settings to limit apps’ access to their microphone or location data, as well as disabling message previews.
Other suggestions made were for MPs to: “securely wipe” any device they were no longer using and intended to pass on; use a password manager; and be aware of their surroundings while using the phone.
Security minister Tom Tugendhat is leading a Westminster taskforce to address threats to the UK’s democratic institutions.
He has said “our democracy is under attack” and that the speaker was “right to warn all MPs”.
“That’s why I’m leading a new taskforce to bring together different groups that can protect our core sovereignty – the right to choose who leads us,” he added.
Tory MP Tobias Ellwood, who chairs the defence select committee, has warned previously that if Truss’s phone was hacked, “other senior government, diplomatic and military figures will be too”.