🔒From the FT: UK accuses Russia’s FSB of sustained cyber campaign to meddle in politics

The UK has accused Russia’s Federal Security Service of engaging in a sustained cyber campaign since 2015 to meddle in British politics. UK Foreign Minister Leo Docherty revealed that the FSB targeted MPs, civil servants, journalists, and NGOs through cyber espionage activities. Despite the attempted influence, Docherty insisted the campaign was unsuccessful. The UK sanctioned two Russians involved and summoned the Russian ambassador, expressing deep concern. Russia denied the claims, dismissing them as baseless. The UK named the cyber group responsible as Star Blizzard, linking it to previous hacking incidents and issuing warnings against future cyber threats.

Sign up for your early morning brew of the BizNews Insider to keep you up to speed with the content that matters. The newsletter will land in your inbox at 5:30am weekdays. Register here.

Russian cyber spies accused of meddling in UK democratic process

By Lucy Fisher in London 


Russia’s main intelligence agency has sought to meddle in Britain’s politics and democratic processes through a “sustained” cyber campaign since 2015, the UK claimed on Thursday.

UK foreign minister Leo Docherty told the House of Commons that Russia’s Federal Security Service had used a “range of cyber espionage activities” to target MPs, peers, civil servants, journalists and NGOs.

The FSB compromised the private communications of an array of high-profile figures and used stolen information obtained through the hacks to “meddle in British politics”, Docherty warned, though he insisted the influence campaign had been “unsuccessful”.

The foreign office said it had sanctioned two Russians involved in the operation and summoned the country’s ambassador, Andrey Kelin, to express its “deep concern about Russia’s sustained attempts to use cyber to interfere in political and democratic processes in the UK and beyond”.

In a statement, foreign secretary David Cameron said: “Russia’s attempts to interfere in UK politics are completely unacceptable and seek to threaten our democratic processes. Despite their repeated efforts, they have failed.”

He said the UK was “exposing their malign attempts at influence and shining a light on yet another example of how Russia chooses to operate on the global stage”.

Russia’s foreign ministry rejected the UK’s claims: “In the absence of concrete evidence, we have absolutely no grounds to trust British insinuations . . . The British Foreign Office voices groundless accusations based on myths that largely circulated between 2018 and 2019.”

Docherty said the FSB’s Centre 18 unit led the operation, adding that the attacks targeting cross-party parliamentarians were carried out by Star Blizzard, a cyber group that the UK’s National Cyber Security Centre has assessed is “almost certainly subordinate to Centre 18”.

Using these means, Star Blizzard has “selectively leaked and amplified the release of sensitive information in the service of Russia’s goals of confrontation”, Docherty said.

The UK government had previously accused Russia of using these tactics. Russian hackers amplified documents about UK-US trade talks stolen from the email account of then-trade minister Liam Fox in the run-up to the 2019 general election, the Foreign Office said in 2020.

Docherty announced that Star Blizzard was the group assessed to be responsible for that operation. He said the group commonly mounted spear-phishing attacks on the personal, rather than professional, email addresses of its targets and tailored its approach in a “far more sophisticated way” than is usual for this type of hack carried out by cyber crime groups.

The Russian hackers had undertaken “thorough research and preparation, including via social media and networking” before setting up false accounts and impersonating contacts to “appear legitimate” as they built a “rapport before delivering a link to a malicious document or website or interest”, he added.

Star Blizzard is commonly known as Callisto Group, Seaborgium or Coldriver and is operated by FSB officers, according to the Foreign Office. It also attributed a 2018 hack of the Institute for Statecraft, a UK think-tank that worked on initiatives to counter disinformation, to the group.

More recently Star Blizzard has hacked and leaked documents from the account of the think-tank’s founder Christopher Donnelly, whose account was compromised in 2021, Docherty said.

The UK government has informed the other victims of the hacking attacks, believed to run into the hundreds, but is not expected to name them.

Following an investigation by the National Crime Agency, the UK government has sanctioned two men it cited as members of Star Blizzard: FSB intelligence officer Ruslan Aleksandrovich Peretyatko and Andrey Stanislavovich Korinets.

Publicly identifying and designating the alleged senior hackers is designed to serve as a warning that the UK will seek to track down and retaliate against individuals involved in malicious cyber campaigns.

Following the announcement, the NCSC and partner agencies in the US, Australia, Canada and New Zealand issued fresh cyber security advice, sharing technical details about how cyber attacks are carried out and methods of mitigating them.

Read also:

Copyright The Financial Times Limited 2023

© 2023 The Financial Times Ltd. All rights reserved. Please do not copy and paste FT articles and redistribute by email or post to the web.