Unlock the Editor’s Digest for free
Roula Khalaf, Editor of the FT, selects her favourite stories in this weekly newsletter.
Russia’s main intelligence agency has sought to meddle in Britain’s politics and democratic processes through a “sustained” cyber campaign since 2015, the UK government claimed on Thursday.
UK foreign minister Leo Docherty told the House of Commons that Russia’s Federal Security Service had used a “range of cyber espionage activities” to target MPs, peers, civil servants, journalists and NGOs.
The FSB compromised the private communications of an array of high-profile figures and used stolen information obtained through the hacks to “meddle in British politics”, he warned, though he insisted the influence campaign had been “unsuccessful”.
The Foreign Office said it had sanctioned two Russians involved in the operation and summoned the country’s ambassador, Andrey Kelin, to express its “deep concern about Russia’s sustained attempts to use cyber to interfere in political and democratic processes in the UK and beyond”.
In a statement, foreign secretary David Cameron said: “Russia’s attempts to interfere in UK politics are completely unacceptable and seek to threaten our democratic processes. Despite their repeated efforts, they have failed.”
He said the UK was “exposing their malign attempts at influence and shining a light on yet another example of how Russia chooses to operate on the global stage”.
Docherty said the FSB’s Centre 18 unit led the operation, adding that the attacks targeting cross-party parliamentarians were carried out by Star Blizzard, a cyber group that the UK’s National Cyber Security Centre has assessed is “almost certainly subordinate to Centre 18”.
Using these means, Star Blizzard has “selectively leaked and amplified the release of sensitive information in the service of Russia’s goals of confrontation”, Docherty said.
The UK government had previously accused Russia of using these tactics. Russian hackers amplified documents about UK-US trade talks stolen from the email account of then-trade minister Liam Fox in the run-up to the 2019 general election, the Foreign Office said in 2020.
Docherty announced that Star Blizzard was the group assessed to be responsible for that operation. He said the group commonly mounted spear-phishing attacks on the personal, rather than professional, email addresses of its targets and tailored its approach in a “far more sophisticated way” than is usual for this type of hack carried out by cyber crime groups.
The Russian hackers had undertaken “thorough research and preparation, including via social media and networking” before setting up false accounts and impersonating contacts to “appear legitimate” as they built a “rapport before delivering a link to a malicious document or website or interest”, he added.
Star Blizzard is commonly known as Callisto Group, Seaborgium or Coldriver and is operated by FSB officers, according to the Foreign Office. It also attributed a 2018 hack of the Institute for Statecraft, a UK think-tank that worked on initiatives to counter disinformation, to the group.
More recently Star Blizzard has hacked and leaked documents from the account of the think-tank’s founder Christopher Donnelly, whose account was compromised in 2021, Docherty said.
The UK government has informed the other victims of the hacking attacks, believed to run into the hundreds, but is not expected to name them.
Following an investigation by the National Crime Agency, the UK government has sanctioned two men it cited as members of Star Blizzard: FSB intelligence officer Ruslan Aleksandrovich Peretyatko and Andrey Stanislavovich Korinets.
Publicly identifying and designating the alleged senior hackers is designed to serve as a warning that the UK will seek to track down and retaliate against individuals involved in malicious cyber campaigns.
Following the announcement, the NCSC and partner agencies in the US, Australia, Canada and New Zealand issued fresh cyber security advice, sharing technical details about how cyber attacks are carried out and methods of mitigating them.
This article has been amended since original publication. Andrey Kelin is Russia’s ambassador to the UK, not Alexander Yakovenko
