Monday, 25 Nov 2024

Russian hackers lay bare covert lobbying efforts to influence Brexit in ‘significant’ leak

Russian state TV hosts claim West is giving Ukraine nothing

We use your sign-up to provide content in ways you’ve consented to and to improve our understanding of you. This may include adverts from us and 3rd parties based on our understanding. You can unsubscribe at any time. More info

Google said in a recent threat analysis update on cyber attacks motivated by the war that a group known as Coldriver were behind the leaks. One of the company’s cybersecurity chiefs said that former MI6 chief Sir Richard Dearlove, Baroness Gisela Stuart, and historian Robert Tombs had been targeted.

Entitled ‘Very English Coop [sic] d’Etat’, the website reportedly insinuates that the Brexiteers were part of a shadowy lobbying group around the time Brexit was finalised in January 2020.

Chris Bing, who first broke the story, said that the “leaks appear significant”.

However, he cautioned that previous Russian hacks – to which this bore similar hallmarks – mixed real information with forgeries and the information must be handled with “caution”.

Reuters said it could not immediately verify the authenticity of the emails that had been supposedly leaked, but two of the three apparent victims of the leak confirmed they had been targeted by Russian state-backed hackers.

Sir Richard, who led the UK’s foreign spying agency between 1999 and 2004, said: “I am well aware of a Russian operation against a Proton account which contained emails to and from me.” ProtonMail is an encrypted email service.

However, he added that the leaked material should be viewed within “the context of the present crisis in relations with Russia”.

Professor Tombs said he and colleagues were “aware of this Russian disinformation based on illegal hacking”, but declined to comment further.

Baroness Stuart, who chaired the Vote Leave campaign during the Brexit referendum, did not respond to requests for comment.

At the end of March, Google said that it had identified Coldriver, sometimes referred to as Calisto, as having launched “credential phishing campaigns” to target American organisations, the military of an unnamed Balkans country, and a Ukraine-based defence contractor.

However, for the first time the internet giant said it had observed the group’s campaigns “targeting the military of multiple Eastern European countries, as well as a NATO Centre of Excellence”.

Google said that Gmail accounts had been created to send the phishing emails, but that those emails had been sent to non-Google accounts, so the success rate was not known.

Shane Huntley, lead for the company’s threat analysis group, said they had been able to link the website to the hacking group “through technical indicators” and “clear technical links” with their other campaigns.

DON’T MISS
Energy: ‘overlooked solution’ could end Europe’s reliance on Russia [INSIGHT] 
Monkeypox outbreak: Virus has single origin and may be ‘hypermutated’ [REPORT] 
Energy crisis lifeline as UK company vows to slash £550 off price cap [REVEAL]

Following publication of the story, he downplayed the leaks themselves, noting that it was “too easy to amplify the campaign and increase the effect”.

Mr Huntley added that it was a “pretty clumsy campaign, and may be based on just one hacked ProtonMail account”.

The Russian embassy in London declined to comment, as did the Foreign Office, which handles MI6 queries. Other Brexiteers whose emails were suspected of being leaked have also as yet not commented.

Thomas Rid, a cybersecurity expert at Johns Hopkins University, said the site bore striking similarities to Guccifer 2 and DCLeaks – two websites which had been behind leaked Democrat emails in the run-up to the 2016 US presidential election.

He said: “It looks very familiar in some ways, including the sloppiness.”

Mr Bing claimed that the emails discuss “covert lobbying efforts to influence UK policies”.

Sir Richard said the emails showed a “legitimate lobbying exercise which, seen through this antagonistic optic, is now subject to distortion”.

Professor Rid added: “If the leak has newsworthy detail, then it is also newsworthy to point out that the material comes from an adversarial intelligence agency, especially in a time of war.”

The targeting and undermining of pro-Brexit figures may be an attempt to sow fresh division in the UK – one of the staunchest supporters of Ukraine.

Internet domain records are said to show that the sit was registered just days after the British Prime Minister made a surprise visit to Kyiv as a show of solidarity with Ukrainian President Volodymyr Zelensky.

It reportedly referred to Mr Johnson as “sneaky strawhead”.

Source: Read Full Article

Related Posts