UK Foreign Office calls in ‘urgent support’ after cyber incident

The U.K’s Foreign Office was the target of a “serious incident” that forced it to request urgent cybersecurity help.

The incident was confirmed in a recently released public tender document. This document, published on February 4, reveals that the Foreign, Commonwealth and Development Office (FCDO) called in “urgent business support” from its cybersecurity contractor, BAE Applied Intelligence.

According to the notice, the FCDO paid the company £467,325.60 — about $630,000 — for its assistance after issuing a contract for “business analyst and technical architect support to analyze an authority cyber security incident,” which concluded January 12, 2022.

But details about the incident — which had not previously been made public — remain unknown.

“The Authority was the target of a serious cyber security incident, details of which cannot be disclosed,” the document reads. “In response to this incident, urgent support was required to support remediation and investigation. Due to the urgency and criticality of the work, the Authority was unable to comply with the time limits for the open or restricted procedures or competitive procedures with negotiation.”

Details of the BAE contract were first reported by The Stack.

An FCDO spokesperson, who did not provide their name, told TechCrunch that the office does not comment on security, but has “systems in place to detect and defend against potential cyber incidents.” The spokesperson declined to answer further questions about the incident, such as whether classified information had been accessed.

TechCrunch also contacted the U.K.’s data protection authority to confirm if the incident was reported, but has not yet received a response.

News of the apparent incident comes days after a significant security lapse was uncovered affecting the British Council, an organization that specializes in international cultural and educational opportunities. Security researchers at Clario found 144,000 unencrypted files on an unprotected Microsoft Azure storage server, which included personal and login details of British Council students.

In December 2020, Wilton Park, a Sussex-based executive agency of the FCDO, was hit by a cyberattack, which following an investigation by the U.K.’s National Cyber Security Center, found that hackers had access to the agency’s systems for six years, though there was no evidence that data had been stolen.