Foreign Office targeted in a ‘serious cyber security incident’

Britain’s Foreign, Commonwealth & Development Office (FCDO) was the target of a serious cyber security incident that forced it to seek urgent cyber security help from one of its cyber security contractors.

The existence of the incident was revealed in a public tender document posted on the government’s website, as discovered by The Stack.

The document, published on February 4, revealed that the FCDO called in ‘urgent business support’ after detecting the breach.

‘The Authority was the target of a serious cyber security incident, details of which cannot be disclosed,’ the tender document said.

The Department paid BAE Systems Applied Intelligence, FCDO’s cyber security contractor, £467,325.60 for its assistance in remediation and investigation of the incident.

The FCDO said it issued a contract for ‘business analyst and technical architect support to analyse an authority cyber security incident’.

‘BAE Systems was the only tender received, as the FCDO was unable to comply with the time limits for the open or restricted procedures or competitive procedures with negotiation due to the urgency and criticality of the work,’ the Office said.

The contract was awarded without competitive tender due to the ‘extreme urgency’ of the situation, according to the Office.

BAE’s contract was concluded on 12 January 2022, although it has not been confirmed when the incident took place or what was the extent of the damage.

When approached to comment on the incident, the FCDO told The Stack that it does not ‘comment on security but have systems in place to detect and defend against potential cyber incidents’.

The BBC claimed in a report that hackers were able to breach the FCDO systems but they were detected before accessing any classified or sensitive data.

The FCDO employs nearly 17,300 staff in diplomatic and development offices, according to The Stack.

Details of the incident come days after a major data breach was uncovered affecting the British Council, an organisation that specialises in international cultural and educational opportunities.

An investigation by Clario researchers found that hundreds of thousands of British Council students had their login and personal details exposed in a worrying breach that occurred as a result of an unsecured Microsoft Azure blob.

Last month, the UK’s National Cyber Security Centre (NCSC) also urged large organisations to beef up their defences against possible Russian cyber attacks in the wake of rising tensions over the situation in Ukraine.

The NCSC said it was important that organisations follow the recommendations, to remain resilient and ahead of potential threats.

NCSC’s guidance followed similar statements from the US federal agencies, including the Department for Homeland Security and the Cybersecurity and Infrastructure Security Agency.

Companies in the United States were told to adopt a ‘heightened state of awareness’ and watch for signs of intrusions by Russian hackers in their networks.

Last month, Canada’s foreign ministry was hit with a cyber attack, affecting ‘some access to internet and internet-based services’.

Treasury Board of Canada Secretariat (TBS) revealed that the attack targeting Global Affairs Canada (GAC) was detected on 19th January, following which appropriate measures were taken to mitigate the risk.

Also last month, multiple Ukrainian government websites came under a sustained hacking attack, with the attackers leaving menacing messages apparently aimed at intimidating Ukrainian citizens.

The attackers targeted websites belonging to the Ministry of Foreign Affairs, the Cabinet of Ministers, the ministries of energy, education, and agricultural policy and the ‘Diia’ platform.

They warned Ukrainians to “be afraid and expect the worst”.

The attackers also claimed that they had stolen Ukrainians’ personal data from the targeted agencies, and uploaded it online. Ukraine, however, said no such theft had taken place.

Source: Computing