UK Foreign Secretary Dominic Raab’s personal phone number as well his other personal details have been online for at least 11 years, The Guardian reported on 29 June, raising security concerns. How damaging could this situation be for the UK’s national security?
The UK foreign secretary’s number was discovered by a Guardian reader who used a routine Google search. Having first been uploaded on the web in 2010, it remained online after Raab became foreign secretary and first secretary of state in 2019. After The Guardian contacted the website, the latter removed both Raab’s number and personal data.
One of the possible scenarios described by the cybersecurity expert is one in which an attacker could contact the UK politician and trick him into installing a malicious application that could completely take over his device. Sophisticated actors could also use zero-day exploits in mobile operating systems (OS) and applications used by Dominic Raab to compromise his smartphone and access his communications and sensitive data stored on the device, according to Paganini.
In addition to a potential hacker threat, anyone could potentially bypass official channels to reach out to the foreign secretary and try to blackmail him or “provide him specially crafted fake news that could influence his sentiment on specific topics”, the cybersecurity analyst suggests.
Britain’s Prime Minister Boris Johnson walks at Downing Street in London
This is not the first time that the phone number of a high-ranking British official has found its way into the public domain. In April 2021, it turned out that Prime Minister Boris Johnson’s mobile phone number had been available online for the past 15 years after it was published in a think tank press release in 2006. The revelation prompted sharp criticism from Johnson’s political rival, Labour leader Sir Keir Starmer, who said at the time that it was “a serious situation [that] carries a security risk”. The Labour leader explained that he had himself changed his number upon becoming director of public prosecutions in 2008. “I have kept it secure since then”, Starmer stressed.
He laments the lack of awareness of cyber threats among politicians and business executives: “Their bad habits expose their organisations to the risk of cyberattacks”, the intelligence expert believes.
The icons of Google, WhatsApp and YouTube are pictured on an iPhone on Thursday, Nov. 15, 2018 in Gelsenkirchen, Germany
Practicing Safe Computing Could Solve the Problem
Other cyber specialists warn about exaggerating the threat of phone numbers being available online.
While malicious actors could indeed try to reach out to a British official, the latter is supposed to be an adult person that does not click on unverified links and block unknown users who are trying to call him or her.
Although the professor agrees that people should for the most part keep their mobile numbers private, he believes that “there is no real security risk if a number becomes public”.
“What matters is that people practice safe computing and understand that you should always be on your guard about any message that arrives in your inbox even if from a ‘friend’ as that message could have been spoofed”, Curran underscores. “Simply do not click on links you are not sure about”.