Foreign Office Suffered ‘Serious Cyber Security Incident’

The Foreign Office suffered a major cybersecurity incident that saw it bring in additional support with “extreme urgency” from its cybersecurity contractor BAE Systems Applied Intelligence.

News of the attack was first revealed by the Stack, which said the government had only revealed the existence of the “serious cyber security incident” affecting the Foreign, Commonwealth and Development Office (FCDO) through a public tender announcement.

There is no word on when the attack took place, and what type of attack it was, the damage caused etc, as details have not been publicly disclosed.

Cyber incident

However, contract information released by the government on Friday 4 February shows that the department was forced to call in “urgent support” from the security firm “to support remediation and investigation”.

BAE reportedly received just over £467,000 for analysis it provided to the government.

This would suggest the attack was at the severe end of the scale.

The FCDO initially refused to comment on the incident when approached by The Stack. The department employs 17,300 staff in diplomatic and development offices, including 280 overseas embassies and high commissions.

“The Authority was the target of a serious cyber security incident, details of which cannot be disclosed,” the tender document states, explaining the urgent payment to BAE.

“In response to this incident, urgent support was required to support remediation and investigation,” the document states.

“Due to the urgency and criticality of the work, the Authority was unable to comply with the time limits for the open or restricted procedures or competitive procedures with negotiation,” the document adds.

The contract to BAE concluded on 12 January according to the document.

BAE reportedly provided “business analyst and technical architect support to analyse an authority cyber security incident.”

“We do not comment on security but have systems in place to detect and defend against potential cyber incidents,” an FCDO spokesperson was quoted by Sky News as saying.

According to the Stack, the Information Commissioner’s Office (ICO) said it has not been contacted by the FCDO.

Russia tensions

It comes after GCHQ’s National Cyber Security Centre (NCSC) last month warned British organsisations to prepare their cyberdefences in light of the worsening geopolitical situation in the Ukraine.

Amid the tense stand-off, Ukraine recently suffered a massive cyberattack that impacted at least 70 government websites, as well as the US, UK and Swedish embassies.

The most recent Ukraine cyberattack warned the public to “be afraid and expect the worst”, which Ukraine has publicly stated was orchestrated by Russia.

The former and founding head of NCSC, Ciaran Martin, told Sky News this week that Russia attacks both commercial and governmental targets.

He said that Russian attacks range from basic to sophisticated, and “they are at all the time.”

Martin also warned that Russia carries out ‘pre positioning’, which technical term for lurking in networks, waiting for the right time to strike or just to gather intelligence.

Martin told Sky News this week that the Ukraine can expect “severe” levels of cyber attacks from Russia, with potential “repercussions” for the UK, if tensions continue to rise.