The UK’s Foreign Office was the target of “a serious cybersecurity incident,” according to a document accidentally published on a government website.
The BBC reported that the tender document revealed that unidentified hackers infiltrated Foreign, Commonwealth and Development Office (FCDO) systems, but were detected. It added that cybersecurity company BAE Systems Applied Intelligence was called to provide “urgent support” for “remediation and investigation,” for which it was paid more than £467,000. This contract, which was awarded without competitive tender due to the “extreme urgency” of the situation, ended on January 12 2022.
There were few other details provided about the incident, including when it took place. However, it is not believed that the hackers obtained any sensitive or classified data. The tender document has since been removed from the website.
The BBC quoted a FCDO spokesperson as saying: “We do not comment on security but have systems in place to detect and defend against potential cyber incidents.”
There are concerns the incident may have been part of a cyber-espionage campaign designed to access classified government documents. Last year, data from Microsoft found that Russia accounted for the majority of state-sponsored attacks from July 2020 to June 2021, with the SolarWinds attackers dominating threat activity. The SolarWinds campaign alone compromised at least nine US government departments.
Last month, the National Cyber Security Centre (NCSC) warned UK organizations to prepare for Russian cyber-attacks amid the ongoing geopolitical crisis in Ukraine.