The Foreign Office Hack

Alex Archondakis

Managing Consultant

Alex is one of our managing consultants here at Pentest People, focusing mainly on web application penetration testing. Alex has spoken at many key events while with us, including BSides London and even DSS ITSEC Latvia.

The UK’s Foreign, Commonwealth and Development Office (FCDO) was the target of a “serious cyber security incident”, it has emerged. The BBC understands unidentified hackers got inside the FCDO systems but were detected. This is just the latest in a spate of phishing attacks on government departments in what seems to be an attempt to gain access to sensitive information. It comes as no surprise that cyber security is now a top priority for government organisations, but they are increasingly coming under fire from malicious actors online.

Prefer a video over a good read? Watch one of our Senior Consultants break down the Foreign Office attack and give some fast and effective advice for you to protect yourself from these hacks. Jump down to the vid.

How The Hackers Got Inside The FCDO Systems

The hackers are reported to have got inside the FCDO systems in the Foreign Office through a “spear phishing” attack. This is where an attacker sends an email that looks like it is from a trusted source, in order to trick the recipient into opening an attachment or clicking on a link that will give the hacker access to their system. Once the hacker is inside the system, they can steal sensitive information or plant malware that can be used to take control of the system.

What Happened After The Foreign Office Hack

The FCDO discovered the attack and immediately shut down their systems to prevent any further damage to the Foreign Office. A spokesperson for the department said: “We are confident we have mitigated this threat”. It has been revealed that BAE Systems Applied Intelligence was called on to provide “urgent support” with cyber security.

A spokesperson for the FCDO told the BBC: “We don’t comment on security but have systems in place to detect and defend against potential cyber-attacks”.

FCDO Declines To Comment Further

“The authority was the target of a serious cyber security incident, details of which cannot be discussed. In response to this incident, an urgent response was required to support remediation and investigation. The awarded supplier is the authority’s long term incumbent service management integrator and as such had resources on-site with significant knowledge and understanding of the authority’s infrastructure”, noted the tender document.

What Can Be Done To Prevent This Happening Again?

The FCDO has not commented further on the nature of the Foreign Office hack, or what measures have been put in place to prevent a similar incident from happening again. However, it is clear that they will need to step up their cyber security defences if they are to avoid being targeted by hackers.

The Foreign Office Hack – News Bite


Video/Audio Transcript

So today I'm here with Jasmine, one of our cybersecurity consultants. And she's going to talk us through the Foreign Office hack that happened last week. And that broke the news. So Jasmine, potentially, could this be a new concern for businesses and to insensitive, and she's definitely something that we need to take into consideration and really take seriously. We've got the potential of nation state hackers going out against other states to gather potential information, political reasons. But then also, I'd say the other small businesses are at risk as well. And it's time to start taking cybersecurity seriously.
So what businesses do you think are the most vulnerable, like smaller businesses, bigger businesses, or just in general?
The small businesses? Because they probably got less of a budget for cybersecurity? Yes. Yeah, so they're gonna have more vulnerabilities probably exposed that they possibly don't even know about, whereas the nation states can invest a lot more into the defences.

So how can the Foreign Office prevent this from happening again?
It's difficult to say really, but definitely investing in more penetration testing, and getting defensive assessment IT health checks, things like that, and just trying to ensure that all the security is up to standard.
And what can people do like everyday, like individuals, what can they do to protect themselves? Like those that aren't necessarily businesses, but just like individuals want to protect themselves? What can they do?


At home, I would say definitely keeping your passwords a lot more secure, keeping things up to date, that's always something that people get caught out on is, if you've got software that's out of date, unsupported and you might not even realise it. But yeah, things like that password back best practices. And just trying to might be pressing on things that you don't believe are true, like emails and things like that, because then you can, you know, move forward, but you could ensure stolen, which can turn into a much worse attack.


So what sort of advice would you give for passwords, like what sort of, if you give us three things that you would recommend for passwords?
Not using something common and definitely using a mixture of a range of big letters and small letters and numbers and things like that, and if you can symbols, and keeping them as long as you possibly can? Yes, it's like less guessable. You don't want to be using something that's quite obvious, or even just a word because they can be unencrypted, sorry, and cracked. So you want to not be using something like a common word, maybe use things like word letters that would stand for it. So maybe I have a big dog, you would put a h b, d by instead of writing out the word, and like also maybe like, replacing letters with numbers.


Definitely absolutely idea, like a sign or one with exclamation mark.


Perfect. And well, thank you, Jasmine for talking us through that. And join us next week when we will be talking about the next major news story with Emma. Thank you.