Russia hacking: ‘FSB in years-long cyber attacks on UK’, says government
The UK is accusing Russia’s Security Service, the FSB, of a sustained cyber-hacking campaign, targeting politicians and others in public life.
The government said one group stole data through cyber-attacks, which was later made public, including material linked to the 2019 election.
Russia has repeatedly denied claims it is involved in such activities.
Foreign Secretary David Cameron said the group’s actions were “completely unacceptable”.
“Despite their repeated efforts, they have failed. We will continue to work together with our allies to expose Russian covert cyber activity and hold Russia to account for its actions,” the former prime minister said.
Foreign Office Minister Leo Docherty told the House of Commons on Thursday that Russia’s ambassador has been summoned and two individuals were being sanctioned. One of them is a serving FSB officer.
The Russian ambassador was unavailable after being summoned on Wednesday, but officials instead met with the Russian Embassy’s deputy head of mission and expressed the UK’s deep concern about the alleged cyber-attacks.
The group is accused of carrying out hundreds of highly targeted hacks against politicians, civil servants, those working for think-tanks, journalists, academics and others in public life. These mainly targeted the private emails of individuals following extensive research and the creation of false accounts impersonating their trusted contacts.
Amongst those targeted was an MP who told the BBC in February his emails had been stolen.
The Federal Security Service (FSB) is the successor agency to the KGB, which operated throughout the Cold War.
Russian President Vladimir Putin was director of the FSB for a period in the 1990s.
The group linked to the FSB – and specifically the part of it known as Centre 18 – has been targeting the UK by stealing information from those in political and public life since at least 2015, it is believed.
It is claimed the group remains active.
The US is also expected to announce action against the group.
“Russia is targeting the UK’s democratic process,” Western officials said.
However, the campaign has been judged not to have been successful in interfering in the democratic process.
Thursday’s public accusation is aimed at disrupting the group’s work and increasing awareness ahead of major elections around the world next year.
“This group has acquired a vast amount of data,” Western officials said. “This information is used to undermine the West in various ways.”
The UK had already accused Russia of interfering in the 2019 election after stealing documents on US-UK trade from Conservative MP Liam Fox which were then leaked.
But when that accusation was made in 2020 the specific group behind that attack was not named and it is now being linked to the wider activities by the same FSB-linked group.
Those targeted by the organisation come from across the political spectrum.
SNP MP Stewart McDonald told the BBC this February that a group believed to have been linked to Russian intelligence stole his emails after posing as one of his staff. He went public in order to pre-empt the leak of any emails. They did not appear.
Speaking in the House of Commons on Thursday, the SNP’s Brendan O’Hara, the party’s foreign affairs spokesman, said Russia’s actions were part of a “persistent pattern of behaviour”, and asked if the government had “considered making cybersecurity training mandatory for all MPs and their staff.”
Labour’s David Lammy said democracy is “built on trust” and asked if the government was “confident” the full extent of the attack had been uncovered.
The FSB-linked group itself is thought to focus on hacking the data with others involved in disseminating it through different channels and amplifying its impact.
Other targets include the think-tank the Institute for Statecraft and its founder Chris Donnelly whose data was leaked online as well as a former head of MI6, Sir Richard Dearlove.
Western officials said the group was involved in ‘intelligence acquisition’ by hacking the email accounts and stealing the data. In some cases, it then passed on information to others in order for it to be made public.
The accusation by the UK, which will be followed by further moves from the US, is designed to disrupt the activities of the FSB group by exposing them.
It is believed to have taken some months for the US and UK to establish with high-enough confidence that FSB Centre 18 was responsible and to co-ordinate public announcements about the activity.
A previous advisory from the National Cyber Security Centre, an arm of GCHQ, in January warned of the threat of emails being targeted by both Russia and Iran and further advisories, including to high-profile individuals, are being issued later on Thursday.
All of those who are known to have been hacked have been informed.
Officials want to increase awareness of the dangers as the UK heads towards an election, likely next year. The US election due next November could also be targeted by hackers.
In 2016, a different part of Russian intelligence was accused of stealing and making public emails belonging to Hillary Clinton’s campaign, a move some considered significant in a tight race.
The hacking group is known by a variety of names including Star Blizzard, Cold River and Seaborgium.
A large amount of data is thought to have been stolen by the FSB group in recent years and only a fraction of it has been made public.
Asked if they could leak more data they have collected, western officials said: “There is no evidence of that intent. There is that possibility. They have collected a lot of information.”