The Foreign, Commonwealth & Development Office was targeted in a “serious cyber security incident” in January, according to information contained in a U.K. government contract award notice. FCDO did not otherwise publicly announce the incident or provide details on its reach.
Exclusive: ICRC says cyberattack was 'state-like' in nature
A cyberattack against the International Committee of the Red Cross compromised the data of more than 500,000 people, the organization says.
A contract worth over £467,000 ($633,000) was taken up last month by major defense company BAE Systems Applied Intelligence to provide “urgent business support” to FCDO, according to the document, which was published Friday.
The contract, whose purpose was to provide “Business Analyst and Technical Architect support to analyse an Authority cyber security incident,” concluded Jan. 12.
The contract process was uncompetitive because of the “Extreme urgency brought about by events unforeseeable for the contracting authority,” the document said, referring to FCDO. This meant the department was unable to “comply with the time limits for the open or restricted procedures or competitive procedures with negotiation,” it added.
“The Authority was the target of a serious cyber security incident, details of which cannot be disclosed. In response to this incident, urgent support was required to support remediation and investigation,” the document said.
BAE Systems is a “long term” supplier to FCDO and “had resources on site with significant knowledge and understanding of the Authority's infrastructure,” the notice said.
What happened? Asked for further information about the “incident,” who was behind it, and whether any sensitive information was compromised, an FCDO spokesperson said, “We do not comment on security but have systems in place to detect and defend against potential cyber incidents.”
The revelation came amid increasing concern around the cybersecurity of major institutions involved in development. While there is no suggestion that the two events are linked, Devex reported Monday that a hack targeting the International Committee of the Red Cross was “state-like” in nature, according to the organization.
About the author
William Worley@willrworley
Will Worley is the Climate Correspondent for Devex, covering the intersection of development and climate change. He previously worked as UK Correspondent, reporting on the FCDO and British aid policy during a time of seismic reforms. Will’s extensive reporting on the UK aid cuts saw him shortlisted for ‘Specialist Journalist of the Year’ in 2021 by the British Journalism Awards. He can be reached at william.worley@devex.com.
