British Foreign Office Hacked

Uploaded on 2022-02-15 in TECHNOLOGY--Hackers, GOVERNMENT-National, FREE TO VIEW

Britain's Foreign, Commonwealth and Development Office (FCDO) was the target of a serious cyber security incident last month. The details only came to light via a tender document published on a government website, apparently made public by mistake, revealing that cyber security firm BAE Systems Applied Intelligence was called in for "urgent support" in an incident in which unidentified hackers got inside the FCDO systems, but were detected.

“The Authority was the target of a serious cyber security incident, details of which cannot be disclosed. In response to this incident, urgent support was required to support remediation and investigation,” said the FCDO. 

According to the notice, the FCDO paid the company £467,325.60 ($630,000) for its assistance after issuing a contract for “business analyst and technical architect support to analyse an authority cyber security incident,” which concluded in January 2022. It is not thought that any classified or highly sensitive material was breached. It is also not clear when the incident took place, but the contract finished on 12th January.

A number of foreign states have been accused of major espionage campaigns in the past, including Russia and China, and foreign ministries of a number of states are regularly targeted.

The tender details say that BAE Systems was "the Authority's long-term service management integrator... Due to the urgency and criticality of the work, the Authority was unable to comply with the time limits for the open or restricted procedures or competitive procedures with negotiation."

The report suggests the National Cyber Security Centre (NCSC) was also called in to manage cyber security “incidents” affecting the public sector approximately 300 times between September 2020 and August 2021.

Gov.UK:      BBC:      Techcrunch:    The National:       The Stack:       Independent:  

You Might Also Read: 

Ransomware Attack On French Ministry of Justice:

 

« Ransomware Attacks On Transport & Logistics Centres
Military Operating Systems Bring AI To The Battlefield »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Arxan Technologies

Arxan Technologies

Arxan is a leader of application attack-prevention and self-protection products for Internet of Things (IoT), Mobile, Desktop, and other applications.

Mocana

Mocana

Mocana provides a software platform that allows you to develop, test and distribute more secure IoT devices and services.

Featurespace

Featurespace

Featurespace is a world-leader in Adaptive Behavioural Analytics and creator of the ARIC platform for fraud and risk management.

Cloud Managed Networks

Cloud Managed Networks

Cloud Managed Networks provides enterprise grade IT network solutions for cloud-based and on premise network security, Wi-Fi, data switching, collaboration, device management and more.

Evanston Technology Partners (ETP)

Evanston Technology Partners (ETP)

ETP provides services and solutions to enable and transform businesses in the areas of cybersecurity, data protection, and efficient operations practices.

Critical Insight

Critical Insight

Critical Insight provide Managed Detection and Response, Vulnerability Detection, and Consulting Services to help you secure your mission-critical systems.

Google for Startups

Google for Startups

Google for Startups is Google’s initiative to help startups thrive across every corner of the world.

Prodera Group

Prodera Group

Prodera Group is a specialist technology consulting partner trusted to help navigate the complex and dynamic lifecycle of change and transformation.

Pacific Cyber Security Operational Network (PaCSON)

Pacific Cyber Security Operational Network (PaCSON)

PaCSON is an operational cyber security network of regional working-level cyber security experts in the Pacific.

Stripe OLT

Stripe OLT

At Stripe OLT, we provide complete business technology solutions - Our team has an unrivalled reputation as a Microsoft Gold Partner, specialising in secure, cloud-first technology.

Appurity

Appurity

Appurity specialises in mobile and application security, delivering comprehensive solutions across all verticals.

Anchor Technologies Inc (ATI)

Anchor Technologies Inc (ATI)

Anchor provides a full spectrum of cybersecurity services assisting our clients with all aspects of cybersecurity risk planning, identification, management, and monitoring.

BCX

BCX

BCX, a subsidiary within Telkom Group, is one of Africa’s largest systems integrator and digital transformation partners for enterprises and public sector organisations.

Infosec Ventures

Infosec Ventures

Infosec Ventures incubates and scales cyber security innovators that solve inefficiencies in cyber security.

Blind Insight

Blind Insight

Field-level searchable encryption plus fine-grained programmable access controls. All wrapped neatly in developer-friendly APIs and SDKs. Data protection perfection.

Dream

Dream

Dream is developing an AI platform that enables cyber resilience and protects nations from hostile nation-states cyber attacks.