Just before the bank holiday weekend, Parliament’s Digital Services Cyber Security team warned civil servants about an apparent cyber threat posed by environmental activist group Extinction Rebellion.
An email – published on Guido Fawkes – instructed civil servants who work on parliamentary select committees to change social media account passwords if they had seen personnel changes, to set stronger passwords, be watchful for “suspicious activity” by accounts, and review who has access to the accounts.
The email was sent in response to Extinction Rebellion’s supposed aim to “explicitly target government social-media accounts, email address and phone lines with the intention of ‘shutting them down online’”.
In response to a query from NS Tech, Extinction Rebellion denied that they are staging such a threat, that they have cyber capabilities or plan to develop any.
“It is flattering that the Government Security teams see us as such a huge potential threat! The idea that we may have an intelligent network of hackers willing to take terrorist-level risks shows, that perhaps there is actually a deep understanding of the level of desperation we are in over the climate crisis,” a spokesperson for Extinction Rebellion told NS Tech in an email.
“The overreaction of the authorities to our announcement of peaceful protests this weekend (E.g. pre-emptive arrests, closing a bridge for 4 days where only a 6hr action was planned, presuming a full-blown cyber attack!) has only drawn more attention to our actions and caused more disruption than we even planned to.”
In addition to two weeks of in-person protest planned in London, Cardiff and Manchester, the group is encouraging activists to take part in a Digital Rebellion. This involves calling the internal numbers for both Number 10 and the Treasury during the week commencing 31 August and delivering a script to the government official on the end of the line.
The organisation’s site reads: “You will be answered by a switchboard operator, who will ask you to email instead since these numbers are for government officials only. Ignore this and deliver the phone script, or use your own words. The aim of the call is to stay on the line for as long as possible. Don’t worry, this is perfectly legal.”
Activists are urged to read a lengthy script that includes the lines: “I’m desperate for the government to take the climate and ecological crisis seriously in its post-Covid 19 recovery. But so far, all I’ve heard about is £3 billion for a ‘green recovery’ over the next five years, while the Treasury and Bank of England are squandering hundreds of billions on bailing out the old dirty fossil fuelled economy […] It seems like they aren’t taking any notice of the usual communication channels, so unfortunately I’ve had to resort to calling this number.”
The script emphasises the importance of a green recovery and closes by asking the government official in question to email Boris Johnson about the issue. The caller is encouraged to call repeatedly in order to create maximum disruption.
An email template and the email addresses for several government departments and employees – including the internal address for Number 10 and Dominic Cummings’ personal Gmail account – are provided for activists to bombard with a script similar to that for telephone calls.
Another prong of the Digital Rebellion is to ask MPs to support the Climate and Ecological Emergency (CEE) Bill. This involves phoning or emailing MPs with a script about supporting the bill.
A Telegram channel for the group is filled with activists sharing notes on the disgruntled reaction of government officials answering the calls, who are apparently swift to hang up. One person on the channel encouraged activists to continue, saying that causing annoyance was part of the aim.
However, some seemed to have more luck, with one person claiming that they were listened to for more than five minutes by a “pleasant person” in the public office who said they’d look into the CEE bill but could not state their position on it due to their job.
A spokesperson for Extinction Rebellion said: “Extinction Rebellion set up Digital Rebellion as a way for people to take action from home during Covid.
“Over the next 2 weeks we will be contacting key Government Departments that are contributing to the global disaster of climate breakdown. A lot of people taking part are elderly, unable to travel or for medical reasons are more vulnerable out on the ground during our rebellion.”
Asked for comment on the group’s actions, a government spokesperson said: “It is plainly wrong to prevent public organisations and civil servants from providing vital services millions of British citizens rely on.
“Guidance has been issued to help minimise any disruption to digital services.
“The National Cyber Security Centre continues to support government departments, offering access to the best cyber security advice and guidance.”
The style of disruption is reminiscent of a distributed denial of service (DDoS) attack – where a service is disrupted by being flooded with superfluous requests to prevent legitimate ones being responded to. But a spokesperson for Extinction Rebellion said: “We are mass emailing MPs through normal channels via real people not bots.”