Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

Callisto Group hackers targeted Foreign Office data in phishing scam, cybersecurity firm says

F-Secure says it cannot prove which country was behind the hack but the group had links to 'entities' in China, Russia and Ukraine

Caroline Mortimer
Saturday 15 April 2017 00:43 BST
Comments
The National Cyber Security Centre refused to say whether any Foreign Office data was compromised
The National Cyber Security Centre refused to say whether any Foreign Office data was compromised (Adrian Pingstone)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

The UK Foreign Office was targeted by a group of determined and well-funded hackers over several months last year.

Research published by cybersecurity firm F-Secure suggested the attack was a “spear-phishing” campaign in which people are sent targeted emails with a link to a false login page to trick users into giving up their username and password.

The hackers created websites that looked like legitimate Foreign Office websites, including those for accessing an internal email account online.

The scam is believed to have been perpetrated by hackers who call themselves the Callisto Group.

F-Secure said it did not know whether the attack was successful and the National Cyber Security Centre did not say whether data had been stolen.

A spokesman told The Independent: “The first duty of Government is to safeguard the nation and as the technical authority on cyber security, the NCSC is delivering ground breaking innovations to make the UK the toughest online target in the world”.

He said it was trialling a new government-wide, Active Cyber Defence (ACD) programme to block phishing emails like this before they reach civil service inboxes.

F-Secure told the BBC the attack was part of a wider attempt by the Callisto Group to attack several targets, primarily in Eastern Europe, including “military personnel, government officials, think tanks and journalists”.

It added that there was some evidence the hackers were linked to a nation state but did not specify which one.

The company observed that some of the Callisto Group’s infrastructure had links to “entities” in China, Russia and Ukraine.

It follows the revelation that there was an attempt to disrupt the UK general election by Russian-backed hackers posing as Isis militants.

GCHQ uncovered a plot to target every Whitehall server and force every major TV broadcaster, including the BBC, Sky News and Channel 4, off the air on the day of the election.

It was discovered after the spy agency analysed a successful attack on the French broadcaster TV5Monde in 2015.

The group forced the channel’s scheduled programming off air for 18 hours and replaced them with a screen showing the terror group’s flag.

The inference with the UK’s government follows on from an ongoing probe into the Kremlin’s influence on the US elections last year.

Hacking groups such as DC Leaks, Fancy Bears and Guccifer 2.0 who were responsible for the leaking of damaging information about the Democrat party.

The most significant attack, the leaking of thousands of private emails between senior members of the DNC to Wikileaks by Fancy Bears, lead to the resignation of DNC Chair Debbie Wasserman-Schultz.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in