The Courier & Advertiser (Fife Edition)
International hackers targeted Foreign Office, experts reveal
An international hacking group targeted the Foreign Office in a campaign lasting several months, cyber security experts have revealed.
The Callisto Group is “highly motivated and well resourced” and thought to be involved in intelligence gathering about foreign and security policy.
Cyber security firm F-Secure claimed the group’s infrastructure has links with Russia, China and Ukraine, but did not offer any definitive conclusions about who was behind Callisto.
The Foreign Office (FCO) was one of the organisations targeted by Callisto in 2016, with other targets including military personnel, government officials, think tanks and journalists in Eastern Europe and the South Caucasus.
The Government faces tens of thousands of cyber attacks every month and is aware of several established, capable state and state-sponsored groups seeking to penetrate UK networks.
In a report on Callisto’s activities, F-Secure said that in October 2015 the group used “phishing” techniques – sending emails purporting to come from Google suggesting that their Gmail accounts were about to be closed – to harvest security credentials.
In early 2016 “spear phishing” emails with malicious attachments – appearing to be from people known to the recipient – were sent in “highly targeted” attacks aimed at government officials, military targets, think tanks and journalists.
The malware contained in the attacks would have enabled Callisto to gather basic information and screenshots – but also install further software which could have given the group full remote access to the machine and its data.