Foreign Office target of 'serious cyber incident'

  • Published
The Foreign, Commonwealth and Development Office signImage source, Getty Images
Image caption,
The details emerged via a document asking a security firm for help

The UK's Foreign, Commonwealth and Development Office (FCDO) was the target of a "serious cyber-security incident", it has emerged.

The details came via a tender document published on a government website, seemingly by mistake.

It revealed that cyber-security firm BAE Systems Applied Intelligence was called on for "urgent support".

The BBC understands unidentified hackers got inside the FCDO systems, but were detected.

A spokesperson for the FCDO told the BBC: "We do not comment on security but have systems in place to detect and defend against potential cyber incidents."

It is not believed that any classified or highly sensitive material was breached. It is also not clear when the incident took place, but the contract finished on 12 January of this year.

The contract was valued at £467,325.

The tender details were first reported by the publication The Stack. It says that BAE Systems was "the Authority's long-term service management integrator".

"Due to the urgency and criticality of the work, the Authority was unable to comply with the time limits for the open or restricted procedures or competitive procedures with negotiation."

A number of foreign states have been accused of major espionage campaigns in the past, including Russia and China, and foreign ministries of a number of states are regularly targeted - and often breached.

Foreign governments are frequently the target of cyber-espionage campaigns by other states seeking access to information about diplomacy and current events.

Russia and China have been accused of espionage campaigns by western countries in the past, such as the significant Solar Winds campaign by Russia unearthed a year ago.

US and UK intelligence agencies have also been accused of carrying out similar activity around the world, as revealed by former US National Security Agency employee Edward Snowden in 2014.

Last month it emerged that the Canadian Foreign Ministry had been targeted.

The US and UK have separately also issued warnings of the risk of the conflict of Ukraine spilling over into cyber-attacks against businesses and government systems.

The first known breach of a UK government network occurred in 2003 when the Foreign Office was hit by hackers, thought to be linked to China, using an email relating to Tibet to get inside government systems.