The UK government has confirmed reports that its Foreign Office was hacked – but won't say whether or not China was behind the operation.
Last week, the Sun reported that Chinese hacking group Storm 1849 had breached the UK Foreign, Commonwealth and Development Office (FCDO) in October and stolen tens of thousands of files — potentially including personal information including details about visa applicants.
Indeed, a separate report from Sky news suggested it was a Home Office system targeted, which was run by the FCDO.
A government spokesperson admitted the attack: "We have been working to investigate a cyber incident. We take the security of our systems and data extremely seriously."
Limited confirmation
A day later British trade department minister Chris Bryant confirmed the attack while speaking to various media outlets – but said he couldn't say who was behind the attack or whether China was involved.
"There certainly has been a hack," Bryant told Times Radio, according to Reuters. "I'm not able to say whether it is directly related to Chinese operatives, or indeed, the Chinese state."
Bryant told Sky News that the government became aware of the attack in October and didn't believe individual data had been accessed, adding it remained unclear who was behind the incident.
He suggested that the reporting around the hack was "a bit more speculation than accurate," accusing the Sun of "slightly over-egging the kind of details that are available at this stage."
However, Bryant also admitted that the government could share "remarkably little" about the incident despite investigating for several weeks. He did say that the "hole" was closed quickly, and that the attackers exploited a "technical issue", Sky noted.
Bryant added: "And we're fairly confident that there's a low risk of any individual actually being affected by this."
China or not?
The Sun report pinned the blame on China and the Storm 1849 hacking group, noting that it has been previously accused of targeting the UK government via attacks against MPs and the Electoral Commission.
In October, Prime Minister Starmer was forced to deny that his government was hoping to appease China, after a spying case involving the country was dropped. Earlier in December, Starmer admitted that China posed "national security threats" to the UK.
The Chinese embassy in the UK said via a spokesperson, per Sky News: "We strongly oppose such false accusations targeting China. China is a staunch defender of cybersecurity and one of the major victims of cyber espionage and attacks."
Attacks on the UK
The incident follows serious hacks against major British businesses and institutions, including the ransomware attack against the British Library in 2023 and major retailers M&S and Co-op this year. Jaguar Land Rover was also knocked offline, halting car production, following a cyber attack this year.
The public sector is particularly at risk, experts told ITPro last year, as lower budgets make it harder to fill security professional roles.
Indeed, industry experts have called for the government to increase its security budget amid the rise in attacks, in particular as hackers have started to target critical national infrastructure.
FOLLOW US ON SOCIAL MEDIA
Make sure to follow ITPro on Google News to keep tabs on all our latest news, analysis, and reviews.
You can also follow ITPro on LinkedIn, X, Facebook, and BlueSky.
Data center investment reached a record $61 billion this year
atNorth bolsters leadership bench with double appointment
