Posts

Hackers breach Foreign Office computers in cyber attack




A Foreign Office countryside estate that hosts high-level discussions about global security was besieged by a cyber attack last month.  

Hackers targeted Wilton Park, a government agency operating out of a 16th century mansion in West Sussex, it was revealed tonight.

There is no evidence they stole any data but the outpost’s security operation is being stepped up.

Sources said that the National Cyber Security Centre was called in to help investigate following the breach.



It is understood the attack is not connected to the devastating cyber attack on the SolarWinds Orion software, which US officials pin on Russian hackers.

The Foreign Office has not commented on any suspects in its investigation, but tonight confirmed the breach, which was first reported by The Sun.

A Government spokesperson said: ‘We take data security very seriously. There is no evidence at this stage that data has been taken following a cyber incident at Wilton Park.’

Officials stressed that Wilton Park’s computer system is less secure than the Foreign Office’s IT, which holds classified information.

However it is understood Wilton Park’s cyber defences will be upgraded in light of the hack.



Based in an imposing countryside house looming over the 6,000 acres of the South Downs National Park, Wilton Park is used for forums with political, diplomatic and business leaders.

It was established in 1946 and takes its name from the Wilton Park estate in Buckinghamshire, which was used as a Prisoner of War camp during World War II.

The government describes Wilton Park as ‘a global forum for strategic discussion’.

‘It organises over 50 events a year in the UK and overseas, bringing together leading representatives from the worlds of politics, business, academia, diplomacy, civil society and media.’ 

Source…

Are we more vulnerable to hackers?


The Department of Justice now confirms that thousands of email accounts were breached in the recent SolarWinds Hack. Which begs the question: Are we more vulnerable, or is cyber security now just discussed more?

Think of computer systems like your house, said Donald McLaughlin with CP Cyber, a Denver-based cyber security firm.

“The more doors and windows you add to a home, the more entry points,” McLaughlin said.

He says our population is catching up with technology, which is both incredible and not.

“With the compliance laws and the mandate to actually report that breaches happen, I think we see more of it,” McLaughlin said. “But as technology grows and more of it is used, yeah, we become more vulnerable.”

Technology has become so advanced that the trend is to use a cloud to store or manage systems or files. Cloud systems are programs like Dropbox or Microsoft OneDrive. Those are simple products used by consumers, but if you’re setting up a business or large management system, you have to have so much expertise that it’s often easier to pay a third party. That’s not easy on a budget, as consultants are pricy.

“Don’t subscribe to 15 different technologies and not know how to configure them,” McLaughlin said. “Keep it simple and as little technology out as possible to run your company or do what you need to do at home, because the more exposure points, the more at risk you are.”

He says go back to the basics, be as simple as possible, vet your vendors, and ask security questions about breaches and data housing. As for the SolarWinds hack, the damage is done. The IT company posted a security update on their homepage.

“It appears that the motive was to get ahold of emails so they essentially hijacked emails from different organizations and obtained access to emails and as we know, those emails contain a myriad of sensitive information,” McLaughlin said.

These kinds of attacks, McLaughlin said, happen all the time.

“Truly the attackers are getting the biggest bang for their buck when they attack these supply chains,” McLaughlin said. “For example, if Microsoft got hacked and their update had an embedded virus in it, that’s everyone.”

So, how do you keep up?…

Source…

Hackers get patients’ PHI after inflicting malware on Florida hospital’s computer network


Leon Medical Centers was hit by a malware attack in November that exposed patients’ protected health information, the Doral, Fla.-based hospital announced Jan. 8.

The hospital discovered Nov. 8 that portions of its computer network were infected with malware. Leon Medical Centers took its systems offline immediately after discovering the cyberattack, according to the news release.

LMC’s investigation revealed that hackers accessed patients’ information including names, Social Security numbers, financial details, Medicaid numbers and health insurance details.

The hospital is still identifying affected individuals and said it will mail written notification letters as soon as possible.

Source…

Rogue is An Android Malware That Gives Hackers Full Control Over a Phone: Here’s What We Know


A new type of Android malware that gives hackers nearly full access to a user’s Android smartphone is doing the rounds on underground forums. Called the ‘Rogue’ remote administration tool (RAT), the malware infects victims with a keylogger, allowing attackers to easily monitor the use of websites and apps in order to steal usernames and passwords, as well as more sensitive information like a user’s financial data. The malware, according to reports, is available on underground forums for as low as $29.99 (roughly Rs 2,200).

This low-cost malware threatens a full-scale takeover of a victim’s smartphone, monitoring the GPS location of the target, taking screenshots, using the camera to take pictures, secretly recording audio from calls and more. The virus does all this while being hidden from the owner of the smartphone. All an attacker needs is their own smartphone to issue commands on an infected device. This malware has been detailed by cybersecurity researchers at Check Point Research as a combination of two previous families of Android RATs – Cosmos and Hawkshaw – and demonstrates the evolution of malware development on the dark web.

While there is no single way in which hackers install Rogue, it is usually pushed on a victim’s smartphone either by phishing, malicious apps, or other such methods. After being downloaded on a smartphone, Rogue asks for permissions that it needs for the hacker to remotely access a smartphone. If the permissions are not granted, it will repeatedly ask the user to grant them until they do (like many other apps these days).

Once the permissions are granted, Rogue registers itself as the device administrator and hides its icon from the home screen. If the user tries to remove it as the administrator, they are met with a “Are you sure to wipe all the data?” prompt, something that mostly scares people off attempting to remove the installation, fearing they’ll wipe their entire device.

The Rogue RAT exploits Google’s Firebase service for apps in order to pretend to be a legitimate app on the device and help it remain embedded and active. Once successfully installed on a device, the malware also installs its own notification service, allowing hackers to…

Source…