The breach raises concerns about cyber security measures at the heart of government
Hackers from Russia and China infiltrated the Foreign Office’s emails and internal messages without the public’s knowledge, it has been revealed.
The major security breach meant cyber attackers were able to see the day-to-day business of the government department in 2021.
The cyber attacks were enabled because a Foreign Office staff member ‘probably accidentally’ downloaded malware hidden in an email, the i revealed.
While the breach did not give them access to classified information, it has raised concerns about security measures in place in government at the time.
A source said: ‘The issue with government departments is that they are culturally apathetic about security and particularly cyber security.’
Insiders from GCHQ and the Foreign Office revealed hackers would have been able to access correspondence from ambassadors or diplomats positioned abroad not marked as classified.
This could have compromised relationships with allies because private communications could have been read by Russia and China.
Sources from GCHQ and the Foreign Office said Russia and China accessed the systems at the same time in separate attacks.
The major security breach from Russia and China against the Foreign Office happened in 2021 (Picture: AP)
‘At one point we believe both were on there,’ a GCHQ insider revealed.
‘It was very embarrassing and caused great stir in government because they didn’t know whether they should admit it or not.
‘It would have been an enormous amount of information. But none of it should have been classified, just daily business stuff.’
The news comes after the data of millions of voters could have been accessed after the Electoral Commission revealed it was hacked for more than a year.
‘Hostile actors’ first gained access to the regulator’s systems in August 2021, but were only discovered in October last year after ‘a suspicious pattern of log-in requests’.
The commission said it did not know who was behind the attack, and no one has yet claimed responsibility for it.
A source said the government is ‘apathetic’ about cyber security (Picture: Shutterstock)
However, it said it was unlikely the hostile actors would be able to influence the results of an election.
A range of global companies including British Airways and Boots warned their staff about a cyber attack that compromised personal information.
The hack had suspected links to a Russian-speaking cybercrime gang called Clop.
The incident related to a flaw in a piece of software called MOVEit Transfer, used by thousands of companies globally to transfer files, which could be exploited by cyber criminals.
Get in touch with our news team by emailing us at [email protected].
For more stories like this, check our news page.
It meant they were able to see the day-to-day business of the government department.