Advertisement

Russian hackers stole leaked documents from Liam Fox's personal email account

Classified documents relating to US-UK trade talks were taken from a private email account belonging to Liam Fox, the former International Trade Secretary -  Fabrice Coffrini/AFP
Classified documents relating to US-UK trade talks were taken from a private email account belonging to Liam Fox, the former International Trade Secretary - Fabrice Coffrini/AFP

Russian hackers stole the contents of a former Cabinet minister's personal email account, it has emerged, as Whitehall departments admitted that ministers received only "informal" training in data security.

Classified documents relating to US-UK trade talks were taken from a private email account belonging to Liam Fox, the former International Trade Secretary. How the documents came to be in a private email account is expected to form part of an ongoing police investigation into the hack.

The Government does not explicitly ban the use of private email accounts for official business, but says all information must be handled in accordance with the law, including the Official Secrets Act.

Dr Fox's account, hosted online, was accessed multiple times by the hackers between July 12 and October 21 last year. While official Government email accounts are subject to monitoring overseen by the National Cyber Security Centre, private email accounts are not.

Documents obtained under Freedom of Information requests show that ministers are offered briefings on data security but do not have to demonstrate that they have understood that advice.

Cyber security experts described the training as "ad hoc" and said the Government's approach to security was "shocking".

The Department for International Trade, headed by Dr Fox until last July, said training provided to ministers on cyber security was "in the form of a face-to-face briefing" and "does not include an assessment" of whether a minister has understood what they have been told.

The Foreign Office said cyber training for Cabinet and non-Cabinet ministers was "an informal mix of bespoke oral or written briefings which take place as and when required in accordance with operational need".

It said "no formal testing is undertaken" to assess whether ministers have implemented the necessary procedures.

Other departments had similar regimes, with all saying processes were in place to detect "failure to comply" with policies.

Philip Ingram, a former senior military intelligence officer and cyber security expert, told The Telegraph: "I am surprised, in our digital age, that there isn't more formal and regular training given to MPs and ministers on a regular basis.

"The ad hoc approach to cyber security across Government departments is shocking, especially given that the NCSC is a world leading capability. There is no excuse for MPs, ministers and their respective staffs not to have coherent policies and regular focused training.

"There is no point worrying about Huawei if basic poor cyber hygiene gives easy access to networks."

Government guidance to ministers and their staff, issued in 2013, says that in addition to official email systems "other forms of electronic communication may be used in the course of conducting Government business". It highlights a series of privacy and security factors that should be taken into account.

The hackers who targeted Dr Fox appear to have been "state-backed", according to sources.

Jeremy Corbyn used the documents to attack the Government - Andy Rain/EPA-EFE/Rex
Jeremy Corbyn used the documents to attack the Government - Andy Rain/EPA-EFE/Rex

Among the stolen emails were classified documents relating to US-UK trade talks, which were later published online and seized on by the then Labour leader, Jeremy Corbyn, to attack the Government.

Last month, Dominic Raab, the Foreign Secretary, said "Russian actors" had "amplified" the stolen documents online by trying to draw attention to them in an attempt to influence December's general election.

A Government spokesman refused to say whether ministers had been advised over the use of private email accounts in the wake of the hack.

The stolen emails are likely to have run into the thousands, and one source said: "It would be unusual for hackers to make off with just one email. You don't stop to read them in the middle of the heist."