Foreign Office Targeted by Cyber Attack | iPhone Flaws | ESET Threat Report

Article by Christopher Lauder, Delegate Relationship Executive, Rela8 Group

Foreign Office Targeted by Cyber Attack

The UK Foreign Office has been targeted by a “serious cyber security incident”. It isn’t clear what kind of incident it was, who conducted the incident, or what damage was caused, however it is understood that unidentified hackers got inside the Foreign Office network but were detected. The incident only came to light due to a recently revealed public tender document. 

In the tender document it was revealed that BAE Applied Intelligence had provided “urgent business support” to the Foreign Office and received £467,325 for analysis provided to the Government.

When explaining the payment, the Foreign Office said:

“The Authority was the target of a serious cyber security incident, details of which cannot be disclosed. Due to the urgency and criticality of the work, the Authority was unable to comply with the time limits for the open or restricted procedures or competitive procedure with negotiation.”

Though the document does not state when the incident began, the contract to BAE concluded on January 12th, 2022.

Interestingly, in the BBC’s article covering this, they conclude their article with a piece of trivia: The first known breach of a UK Government network happened in 2003 when the Foreign Office was hit by hackers, thought to be linked to China, using an email relating to Tibet to get inside the governments systems.

Source - Foreign Office Breach - Sky News

Source - Foreign Office Breach - Computing

Source - Foreign Office Breach - BBC News

Source - Foreign Office Breach - The Times

Source - Foreign Office Breach - The Stack

iPhone Flaws

You may remember that last year a flaw in Apple’s software was exploited by Israeli surveillance firm NSO Group. However, according to Reuters, this flaw was not only exploited by the NSO Group and its Pegasus spying software, but it was also exploited by another Israeli company called QuaDream.

Both of these companies sell smartphone hacking tools to governments. The solutions these companies make are a cause for concern, as the victims don’t need to click on a link to be compromised. Experts analysing the intrusions believe that the two companies used very similar software exploits, known as ForcedEntry, to hijack the devices.

When Apple fixed the flaws in September 2021, it rendered both NSO and QuaDream’s software ineffective.

Bringing us to 2022, last Thursday Apple has rushed out software updates to fix an actively exploited zero-day security flaw. Apple will often bundle several bug and vulnerability fixes into each update, however the fact that this update is just to fix one security flaw suggests that this flaw is significant.

Source - iPhone Security Flaw - Reuters

Source - iOS Update - ITWorldCanada

Source - iOS Update - CNet

Source - iOS Update - The Hacker News

ESET Threat Report

Finally, ESET has released their T3 2021 Threat Report which examines 2021 trends and their outlook on 2022.

The report goes into great detail on ESET investigations into Advanced Persistent Threat (APT) groups and their campaigns, such as BladeHawk, Lazarus, FamousSparrow, many of which you’ll recognise if you keep up to date on cyber security news.

They examine statistics and trends such as the top 10 malware detections, infostealers and how banking malware is on the rise, ransomware and cryptocurrency threats, as well as IoT security and a whole host of other security concerns!

I’d highly recommend taking a few minutes and getting stuck into this report. A direct link to view it as a PDF is below.

Source - ESET Threat Report PDF