Russian hackers were able to access highly-sensitive and confidential U.S.-UK trade documents after breaching the email account of Conservative MP and former trade minister Liam Fox ahead of 2019 elections in Britain.
Dr Liam Fox, the MP for North Somerset who served as the International Trade Secretary between 2016 and 2019 and also served as Defence Secretary between 2010 and 2011, had his email account breached on multiple occassions between July 12 and October 21 last year, according to Reuters.
In July, Dr Fox was nominated by the government as the next Director-General of the World Trade Organization, with Prime Minister Boris Johnson describing him as "a passionate advocate of multilateralism, who brings detailed knowledge of the global trading system from his years as a UK Cabinet Minister and Secretary of State for International Trade."
According to several sources contacted by Reuters, Russian hackers used spear-phishing messages to target Liam Fox and obtain his password and login details. Using this technique, they were able to gain access to "six tranches of documents detailing British trade negotiations with the United States" that were later leaked online by a Russian disinformation campaign.
The leaked documents that were obtained from Mr Fox's email account were later used by the Labour Party in their election campaign to highlight concerns about the Conservatives planning to put the NHS "up for sale". Jeremy Corbyn shared the 451-page document online in December, stating that the Conservatives aimed to make the NHS a part of post-Brexit discussions.
Responding to Corbyn's allegations, Liam Fox said that even though the documents were genuine, the Labour Party was misleading the public about U.S.-UK trade talks and that the documents were being used in the "most disgraceful way by Jeremy Corbyn".
The hacking of Liam Fox's email account and the theft of classified government data is presently being investigated by law enforcement agencies. “There is an ongoing criminal investigation into how the documents were acquired, and it would be inappropriate to comment further at this point,” said a British government spokeswoman.
Commenting on the hacking incident, Stuart Reed, UK Director of Orange Cyberdefense, told TEISS that practitioners in cyber security won’t be surprised in the slightest that documents leaked before the 2019 general election were stolen from Conservative MP Liam Fox’s email via a spear-phishing attack.
“Given the complexity and ever-evolving nature of the threat landscape, these kinds of acts are to be expected. Our recent Security Navigator report showed that organisations, no matter how large or small, are going to find themselves in a state of constant conflict with adversaries that are buoyed by geopolitical motivations and huge financial clout.
“Despite robust technical countermeasures against phishing attempts, social engineering attacks such as this, in which hackers prey on human vulnerabilities, are difficult to control. This incident underlines the critical importance of training employees and the role they play in a business’ strong cybersecurity posture.
“Unfortunately, the odds are always stacked in favour of the cyber criminals, and while the threat is evolving, an attack is inevitable. However, it is vital that organisations employ a layered approach of people, process and technology for optimal cybersecurity, emphasising detection, response and recovery. This is vital to restoring trust when the inevitable compromise happens,” he added.
This isn't the first time that Russian hackers have carried out cyber attacks targeting British politicians and government departments. In 2017, The Times reported that 'private log-in details of 1,000 British MPs and parliamentary staff, 7,000 police employees, and more than 1,000 Foreign Office officials' were freely available on websites run by Russian hackers.
Overall, 2,944 of all hacked email addresses and passwords belonged to officials at the Department for Work and Pensions, 1,442 to officials at the Department of Health, 1,392 to officials at the Foreign & Commonwealth Office and 938 to officials at the Ministry of Justice. Hackers had reportedly gained access to email accounts that featured weak passwords.
In the same year, it came to light that hackers had infiltrated as many as 90 email accounts belonging to MPs including Prime Minister Theresa May as well as several of her cabinet colleagues. A parliamentary spokesman confirmed that these accounts were protected by weak passwords that were exploited by hackers.
“Investigations are ongoing, but it has become clear that significantly fewer than 1% of the 9,000 accounts on the parliamentary network has been compromised, as a result of the use of weak passwords that did not conform to guidance issued by the Parliamentary Digital Service," said the spokesman.
Image Source: WTO