IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Russia hacked Liam Fox's personal email to steal trade documents

Hackers accessed his account several times between July and October 2019 by gaining access using a spear-phishing attack

Hackers stole sensitive US-UK trade documents from the personal email account of the former secretary of state for international trade Dr Liam Fox in a spear-phishing exercise.

Documents leaked last year, and subsequently used by Labour during the general election to highlight discussions regarding the NHS, were initially obtained from the former government minister, according to Reuters.

Whitehall sources have indicated to The Guardian that they were not obtained from his parliamentary or ministerial accounts but a personal email account, prompting major security concerns in addition to the breach itself. 

Cyber criminals, said to be Russian-linked, reportedly accessed the Conservative MP's account multiple times between 12 July and 21 October last year, and stole information among which were six caches of documents revealing details behind trade negotiations with the US.

The nature of the breach, spear-phishing, would also raise major alarms. This method is deployed by hackers to obtain confidential information, such as account login details, illicitly by fooling the victim into providing them willingly. Such attacks often see cyber criminals pose as trusted or legitimate individuals when sending an email or on the telephone.

A spokesperson from the National Cyber Security Centre (NCSC) said the organisation has worked closely with parties and politicians on how to defend against cyber attacks. They also offered several links to support material, including guidance for individuals in politics, that aim to educate high-profile individuals about known cyber security risks.

“The NCSC works closely with political parties, local authorities and MPs, who are offered access to the best cyber security guidance and support,” the spokesperson said. “We have worked closely with political parties for several years on how to protect and defend against cyber attacks – including publishing advice on our website.

“There is an ongoing criminal investigation and it would be inappropriate to comment further at this stage.”

The government had only last month highlighted the incident as evidence that Russian state-linked cyber criminals were attempting to interfere in British politics. 

Related Resource

Close the gap in device security

Unprotected endpoints are quickly becoming a favourite attack vector

Download now

It isn’t at all uncommon for MPs and senior politicians to be targeted by phishing attacks, with the former shadow home secretary Diane Abbott having been targeted in November 2018, according to Metro.

Abbott admitted on Twitter she had initially been “taken in” by somebody claiming to be from her internet service provider, who was requesting remote access to her PC. This was in response to journalist Marcus Chown describing a similar ploy targeting him.

As for Liam Fox, the former international trade secretary actually resigned as defence secretary in 2011 after being found to have let a friend into sensitive defence meetings without appropriate security clearance.

Spear-phishing, meanwhile, has proven an effective means of targeting individuals and compromising security, after it was also the method hackers used in the recent infamous Bitcoin Twitter hack.

The company announced, following the attack, that it would review its security policies after confirming its staff were successfully targeted in a spear-phishing exercise. This allowed hackers to tweet from 45 high-profile accounts, and access direct messages of a subset of these individuals and organisations.

Featured Resources

Three ways manual coding is killing your business productivity

...and how you can fix it

Free Download

Goodbye broadcasts, hello conversations

Drive conversations across the funnel with the WhatsApp Business Platform

Free Download

Winning with multi-cloud

How to drive a competitive advantage and overcome data integration challenges

Free Download

Talking to a business should feel like messaging a friend

Managing customer conversations at scale with the WhatsApp Business Platform

Free Download

Recommended

Escape the ransomware maze
Whitepaper

Escape the ransomware maze

23 Aug 2022
Twilio account breach result of sophisticated social engineering campaign
Security

Twilio account breach result of sophisticated social engineering campaign

9 Aug 2022
Over 200,000 DrayTek routers vulnerable to total device takeover
Security

Over 200,000 DrayTek routers vulnerable to total device takeover

3 Aug 2022
Data on 69 million Neopets users stolen and listed for sale on hacker forum
Security

Data on 69 million Neopets users stolen and listed for sale on hacker forum

21 Jul 2022

Most Popular

BT and Cisco partner to help businesses responsibly dispose of unwanted IT equipment
sustainability

BT and Cisco partner to help businesses responsibly dispose of unwanted IT equipment

5 Oct 2022
What your hybrid workforce needs from their laptops
Advertisement Feature

What your hybrid workforce needs from their laptops

21 Sep 2022
How to secure your hybrid workforce
Advertisement Feature

How to secure your hybrid workforce

23 Sep 2022