In a recent development, the UK government has accused Russia’s Security Service, the FSB, of carrying out a long-term cyber hacking campaign targeting politicians and public figures. The government disclosed that one group, believed to be linked to the FSB, was responsible for stealing data through cyber-attacks, some of which was later made public, including material related to the 2019 election. The targeted individuals include an MP who revealed in February that his emails had been hacked. The Russian government has consistently denied involvement in such activities.
Foreign Office Minister Leo Docherty informed the House of Commons that Russia’s ambassador has been summoned and two individuals are facing sanctions, one of whom is a serving FSB officer. The accused group has allegedly conducted hundreds of highly targeted hacks on politicians, civil servants, journalists, think-tank members, academics, and others in public life. These attacks primarily focused on individuals’ private emails, following comprehensive research and the creation of false accounts impersonating their trusted contacts.
The US is also expected to take action against the group as it is an international concern. This particular group, connected to the FSB, has been targeting the UK by stealing information related to political and public figures since at least 2015. It is believed that the group is still active and poses a threat to the democratic process in the UK.
Western officials suspect that the stolen data is being used to undermine the West in various ways. The UK has previously accused Russia of interfering in the 2019 election by stealing documents on US-UK trade from Conservative MP Liam Fox, which were subsequently leaked. However, the specific group responsible for that attack was not identified until now and is believed to be part of the wider FSB-linked group.
Numerous individuals from across the political spectrum have been targeted by this organization. SNP MP Stewart McDonald disclosed earlier this year that a group believed to be connected to Russian intelligence had hacked his emails while posing as one of his staff members. To preempt any potential leak, he made his situation public, and thankfully, the leaked emails never materialized. The FSB-linked group is primarily focused on hacking, while others are involved in disseminating the stolen data through different channels to amplify its impact.
The accusation made by the UK government, followed by impending action from the US, aims to disrupt the activities of this particular FSB group by exposing them. It took months for the US and UK to gather enough evidence and confidence to attribute the cyberattacks to FSB Centre 16 and coordinate their public announcements.
Both Russia and Iran have previously been warned by the UK’s National Cyber Security Centre about the threat of email targeting. In response to this recent incident, further advisories have been issued, particularly to high-profile individuals. All targeted individuals have been informed of the cyberattacks.
In light of approaching elections in the UK and the US, officials are eager to raise awareness about the dangers posed by cyber hacking. The 2016 US election, for instance, saw another Russian hacking group stealing and leaking emails belonging to Hillary Clinton’s campaign, which had a significant impact on the race’s outcome. The FSB group responsible for the recent cyberattacks goes by various names, including Star Blizzard, Cold River, and Seaborgium. While a substantial amount of data has been stolen by this group in recent years, only a fraction of it has been made public. Western officials acknowledge the possibility that more stolen data might be leaked, as the group has collected a significant amount of information.
