FCDO A.I CyberSecurity Scoring
FCDO
Company Information
Website:https://www.gov.uk/government/organisations/foreign-commonwealth-development-office
Employees number:6,492
Number of followers:417,927
NAICS:92
Industry Type:Government Administration
Homepage:www.gov.uk
FCDO Risk Score (AI oriented)
Between 700 and 749
FCDOGovernment Administration
Updated:
09/03/2026
09/03/2026
703/1000
Moderate
Ba
FCDO Global Score (TPRM)
xxxx
FCDOGovernment Administration
Score locked

FCDOModerate
Current Score
703Ba (MODERATE)
01000
3 incidents
-36.33 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
710
Cyber Attack
05 Jul 2026 • FCDO
Foreign Office and UK Government: Russian hackers infiltrate UK government emails in cyberattack targeting Foreign Office officials
APT28 Exploits DNS Hijacking to Breach UK Government Email Accounts
691
CRITICAL-19
FORGOV1783297461
APT28 Exploits DNS Hijacking to Breach UK Government Email Accounts
Russia’s state-backed hacking group APT28 (Fancy Bear), linked to the GRU’s Military Unit 26165, has compromised email accounts belonging to UK government and Foreign Office officials using DNS hijacking, marking a significant escalation in cyber espionage targeting Western democracies.
The attack, first flagged by the UK’s National Cyber Security Centre (NCSC) on April 7, 2026, exploited vulnerable internet routers to reroute traffic through malicious servers, silently harvesting login credentials, access tokens, and authentication details for email and web services. Unlike traditional phishing, this method intercepts legitimate traffic without requiring user interaction, making detection harder.
APT28’s campaign followed a two-phase approach: an initial opportunistic scan compromising over 18,000 networks, followed by a precision strike on high-value targets, including senior policymakers and diplomats. The NCSC attributed the attacks with high confidence to the GRU, noting the group’s long-standing focus on intelligence gathering rather than financial theft.
This tactic represents a tactical evolution from earlier spear-phishing campaigns (documented since 2018), shifting from social engineering to infrastructure-level compromise. While the NCSC emphasized that the primary goal remains espionage, the same vulnerabilities exploited in this attack unpatched edge devices and weak access controls pose risks across sectors, including crypto infrastructure.
The NCSC’s recommended mitigations firmware updates, strict access controls, and multi-factor authentication highlight persistent gaps between security best practices and real-world implementation.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
JUNE 2026
708
MAY 2026
707
APRIL 2026
706
MARCH 2026
703
FEBRUARY 2026
703
JANUARY 2026
724
Cyber Attack
12 Jan 2026 • FCDO
UK Government’s Foreign Office: UK Council Cyber Attack Reveals Global Public Sector Risks
Kensington and Chelsea Council Cyber Attack
700
CRITICAL-24
FOR1768238639
UK Kensington and Chelsea Council Hit by Cyberattack, Exposing Hundreds of Thousands of Citizens’ Data
A recent cyberattack on Kensington and Chelsea Council in the UK has compromised the personal details of potentially hundreds of thousands of residents, highlighting the growing vulnerability of public sector institutions. The breach targeted shared IT infrastructure, which security experts warn is a critical weak point particularly in organizations relying on outdated systems.
Attackers exploited identity-based entry points, a common tactic where legitimate credentials are compromised to blend into normal activity. Once inside, cybercriminals can remain undetected for extended periods before launching disruptive attacks. The stolen data including names, addresses, national IDs, tax records, and health information can be weaponized for identity theft, fraud, and elaborate scams.
Security experts, including Dray Agha of Huntress and Gregg Hardie of SailPoint, emphasize that public sector organizations are prime targets due to their aging infrastructure and vast stores of sensitive data. The attack on Kensington and Chelsea Council underscores the risks of interconnected systems, where a single breach can cascade across multiple agencies, crippling essential services.
The UK government’s new cyber resilience action plan aims to bolster defenses, but concerns persist over whether sufficient funding is allocated to secure critical systems. Experts stress the need for proactive measures, such as continuous identity monitoring and network segmentation, to prevent low-level compromises from escalating into major incidents.
This breach follows a pattern of increasing attacks on public sector entities worldwide, from ransomware strikes in the U.S. to IT supplier breaches in Sweden and patient portal hacks in New Zealand. The incident serves as a stark reminder of the urgent need for resilient cybersecurity infrastructure in government and municipal organizations.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
DECEMBER 2025
723
NOVEMBER 2025
722
OCTOBER 2025
786
Breach
01 Oct 2025 • FCDO
Foreign Office: Government data stolen in hack, minister confirms
Government data stolen in hack, minister confirms
720
CRITICAL-66
FOR1766152814
UK Government Confirms Data Theft in Suspected Chinese-Linked Cyberattack
The UK government has acknowledged that sensitive data was stolen in a cyberattack targeting systems operated by the Foreign Office on behalf of the Home Office. Trade Minister Chris Bryant confirmed the breach, stating that the security vulnerability was swiftly addressed and that the risk to individuals remains "low." While officials have not publicly attributed the attack, sources suggest a China-affiliated group is suspected.
The incident, reportedly occurring in October, may have involved visa-related information. It has been referred to the Information Commissioner’s Office (ICO) for further investigation. UK intelligence agencies, including GCHQ, have previously warned of escalating cyber espionage efforts by China, which they describe as the most significant threat to national security.
The breach comes at a delicate time, as Prime Minister Sir Keir Starmer prepares for a planned visit to Beijing next year—the first by a UK leader since 2018. The Labour government has emphasized the necessity of engaging with China on trade, climate, and global governance while acknowledging the security risks posed by Beijing. China has consistently denied involvement in cyberattacks against the UK.
Cybersecurity experts note that government departments often rely on outdated IT systems, making them vulnerable to persistent threats. The incident underscores the ongoing challenge of balancing diplomatic relations with national security concerns.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
SEPTEMBER 2025
786
AUGUST 2025
786
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for FCDO ??
What was FCDO's A.I Rankiteo Cyber Score in June 2026 ??
What was FCDO's A.I Rankiteo Cyber Score in May 2026 ??
What was FCDO's A.I Rankiteo Cyber Score in April 2026 ??
What was FCDO's A.I Rankiteo Cyber Score in March 2026 ??
What was FCDO's A.I Rankiteo Cyber Score in February 2026 ??
What was FCDO's A.I Rankiteo Cyber Score in January 2026 ??
What was FCDO's A.I Rankiteo Cyber Score in December 2025 ??
What was FCDO's A.I Rankiteo Cyber Score in November 2025 ??
What was FCDO's A.I Rankiteo Cyber Score in October 2025 ??
What was FCDO's A.I Rankiteo Cyber Score in September 2025 ??
What was FCDO's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on FCDO's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with FCDO ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view FCDO's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?