The United Kingdom and its allies have revealed that the Russian intelligence services had attempted to use cyberattacks to target prominent persons and organizations in the UK. According to the Government, Russia-backed UK election interference was done to use the material gathered to meddle in democratic and political processes in the UK.
Many cyber espionage operations directed towards the United Kingdom have been traced back to Centre 18, a division of Russia’s Intelligence Services, the FSB. Although some attacks led to the leak of documents, attempts to meddle in UK politics and democracy weren’t successful.
Russia Backed UK Election Interference
The action was carried out by Star Blizzard, a company that GCHQ’s National Cyber Security Centre (UK) believes is virtually certainly under the authority of FSB Center 18.
Star Blizzard, which is run by FSB officers, is also referred to as Callisto Group, SEABORGIUM, or COLDRIVER. Along with deliberately leaking and amplifying intelligence, the organization has also worked to further Russian conflict goals, such as undermining political confidence in the UK and other like-minded states.
Specifically, the UK has determined that the FSB is involved in the following activities thanks to Russia-backed Star Blizzard‘s efforts:
- Targeting of lawmakers from various political parties, including spear-phishing, began at least in 2015 and continues this year.
- The 2019 General Election breach of UK-US trade information, which was previously linked to the Russian state through a Written Ministerial Statement in 2020.
- The 2018 hack of the Institute for Statecraft, a UK think tank whose projects included efforts to protect democracy from misinformation; in both cases, documents were later made public. The more recent hack of the think tank’s founder, Christopher Donnelly, involved his account being compromised starting in December 2021.
- Targeting of public sector, academic institutions, journalists, non-governmental organizations, and other civil society groups—many of whom are vital to UK democracy.
The UK has sanctioned two Star Blizzard employees today for their involvement in spear-phishing campaign preparation and related activities that led to unauthorized access to sensitive data and UK election interference.
The goal of these actions was to undermine UK organizations and, more broadly, the UK government. This comes after a National Crime Agency investigation.
The latest in bilateral efforts to combat harmful Russian cyber activity that aims to threaten the integrity and economy of our country and those of our friends, these sanctions were implemented in concert with the US. Concurrently, the US Department of Justice has made indictments against the people named today public.
In the US and the UK, the following people are being designated:
- Star Blizzard, also known as the Callisto Group, is led by Russian FSB intelligence officer Ruslan Aleksandrovich PETRYATKO.
- Andrey Stanislavovich KORINETS, also known as Alexey DOGUZHIEV, is a Callisto Group member of Star Blizzard.
In an effort to convey to the Russian ambassador the UK’s grave concerns regarding Russia’s persistent efforts to subvert democratic and political processes in the UK and abroad, the Foreign, Commonwealth, and Development Office has also called on the ambassador of Russia.
Leo Docherty, the Minister for Europe, emphasized in a statement to the House earlier today that attempts at UK election interference had failed. Nonetheless, Russia and other enemies will likely keep trying to meddle in UK politics through cyberspace.
The NCSC, in collaboration with the US, Australia, New Zealand, and Canada, will release cyber security advice to educate network defenders on how to minimize this activity. Additionally, the NCSC will publish guidelines for persons who pose a high risk, along with additional details about available support.
Home Secretary James Cleverly said, “An attack against our democratic institutions is an attack on our most fundamental British values and freedoms. The UK will not tolerate foreign interference and through the National Security Act, we are making the UK a harder operating environment for those seeking to interfere in our democratic institutions.”
The actions are part of a larger pattern of malicious cyber activities carried out worldwide by the Russian Intelligence Services. Russian intelligence’s involvement in ViaSat, SolarWinds, and the UK election interference has been made public by the UK and its partners in recent years.
A sophisticated cyber espionage tool created and utilized by Russia’s Federal Security Service (FSB) Center 16 for long-term intelligence gathering on sensitive targets was made public by the NCSC and its Five Eye partners in May.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
