UK accuses Russia of cyber campaign against top politicians

The UK government on Thursday accused Russian security services of engaging in a sustained cyber-espionage campaign against top politicians, journalists and NGOs.

Russia has been suspected of meddling in UK politics before, including the divisive 2016 Brexit referendum, but the Conservative government has been criticised for failing to investigate.

In the latest claims, the foreign ministry said Russia’s Federal Security Service (FSB) was behind “unsuccessful attempts to interfere in UK political processes” and said it had summoned Russia’s ambassador to London about the issue.

ALSO READ: US charges four pro-Russian troops in Ukraine with war crimes

“Russia’s attempts to interfere in UK politics are completely unacceptable and seek to threaten our democratic processes,” UK foreign minister David Cameron said in a statement.

“In sanctioning those responsible and summoning the Russian ambassador today, we are exposing their malign attempts at influence and shining a light on yet another example of how Russia chooses to operate on the global stage,” he said.

Cameron’s office said Centre 18, a unit within the FSB, was accountable for “a range of cyber espionage operations” targeting the UK.

– ‘Documents leaked’ –

The UK government claimed the FSB targeted parliamentarians from several political parties, with some attacks resulting in documents being leaked in an operation from at least 2015 through to 2023.

The organisation had also hacked UK-US trade documents that were leaked ahead of the UK general election in December 2019, it added.

The foreign office said two Russian operatives had been sanctioned for their involvement in the preparation of so-called spear-phishing campaigns and “activity intended to undermine the UK”.

ALSO READ: Russia pardons ex-policeman convicted of journalist’s murder

Spear-phishing involves sending malicious links to specific targets “in order to try to induce them to share sensitive information”.

Attackers often undertake “reconnaissance activity around their target” in order to make the attempts more effective, according to the UK’s National Cyber Security Centre.

They typically approach targets via email, social media and professional networking platforms, impersonating real-world contacts of their targets, sending false invitations to conferences and events, and sharing malicious links disguised as Zoom meeting URL links.

– Targeting officials –

In January, UK cyber-security chiefs warned that Russia and Iran were increasingly targeting government officials, journalists and NGOs with spear-fishing attacks in order to “compromise sensitive systems”.

The NCSC, part of the UK’s signals intelligence agency GCHQ, urged greater vigilance about techniques and tactics used as well as mitigation advice.

It said the Russia-based group SEABORGIUM and the Iran-based TA453 had targeted a range of organisations and individuals in the UK and abroad throughout 2022.

Last year, a British newspaper reported that suspected Kremlin agents hacked ex-prime minister Liz Truss’s cellphone when she was foreign minister.

The Mail on Sunday reported that they were believed to have gained access to “top-secret exchanges with international partners”.

ALSO READ: Russia hands captive Ukrainian soldiers heavy sentences

A source told the paper the “compromised” phone has been placed inside a locked safe in a secure government location after up to a year’s messages were hacked including “highly sensitive discussions” on the war in Ukraine.

The hacking was discovered in the summer of 2022, when Truss was campaigning to become Conservative party leader to succeed Boris Johnson as prime minister, the paper reported.

– ‘Extremely convincing’ –

Foreign office minister Leo Docherty told MPs in the House of Commons on Thursday that the cyber threat posed by Russian intelligence services was “real and serious”.

“I want to underline to the whole House that this targeting can be extremely convincing,” he said.

“They typically engage in thorough research and preparation, including via social media and networking platforms.

“They create false accounts, impersonate contacts, appear legitimate and create a believable approach seeking to build a rapport before delivering a malicious link to either a document or website of interests.”

ALSO READ: Russian court extends detention of US journalist Gershkovich

Opposition Labour MP David Lammy said the Russian operation was an attack on British democracy, raising concerns about the potential ramifications for elections next year in the UK, United States and India.

“Trust must be built on the confidence that politicians on all sides are able to conduct the business of democracy free from interference,” Lammy told MPs.

“Labour along with the whole House condemns it in the strongest terms.”

© Agence France-Presse