The UK and its allies have called out the Russian Intelligence Services for a campaign of malicious cyber activity attempting to interfere in UK politics and democratic processes.

The UK and international partners have called out the Russian Intelligence Services for a campaign of malicious cyber activity attempting to interfere in UK politics and democratic processes.

The National Cyber Security Centre (NCSC) – a part of GCHQ – assesses that Star Blizzard, a group that has been identified using cyber operations to target high-profile individuals and entities, is almost certainly subordinate to Centre 18 of Russia’s Federal Security Service (FSB).

The malicious activity has, according to the NCSC, included:

  • Targeting, including spear-phishing, of UK parliamentarians from multiple political parties, from at least 2015 through to this year;
  • The compromise of UK-US trade documents that were leaked ahead of the 2019 General Election;
  • The 2018 compromise of the Institute for Statecraft, a UK thinktank whose work included initiatives to defend democracy against disinformation, and the more recent hack of its founder Christopher Donnelly, whose account was compromised from December 2021; in both instances documents were subsequently leaked.
  • Targeting of universities, journalists, public sector, NGOs and other Civil Society organisations, many of whom play a key role in UK democracy.

The group has also selectively leaked information obtained through its operations and amplified the release in line with Russian confrontation goals, including undermining trust in politics in the UK and like-minded states. UK Foreign Secretary David Cameron has described these attempts to interfere in UK politics as “completely unacceptable” and as seeking to threaten our democratic processes.

Paul Chichester, NCSC Director of Operations, said:

“Defending our democratic processes is an absolute priority for the NCSC and we condemn any attempt which seeks to interfere or undermine our values. Russia’s use of cyber operations to further its attempts at political interference is wholly unacceptable and we are resolute in calling out this pattern of activity with our partners. Individuals and organisations which play an important role in our democracy must bolster their security and we urge them to follow the recommended steps in our guidance to help prevent compromises.”

The NCSC previously published details about the activity undertaken by the Star Blizzard group, also known as Callisto Group, Cold River and formerly Seaborgium, earlier this year. In an advisory, it warned of Russia-based actors carrying out targeted spear-phishing attacks for information-gathering purposes. The new advisory formally attributes this activity for the first time and provides the latest threat information and mitigation advice to help reduce the chances of compromise.

This advisory has been jointly issued by the NCSC, the US Cybersecurity and Infrastructure Security Agency (CISA), the US Federal Bureau of Investigation (FBI), the US National Security Agency (NSA), the US Cyber National Mission Force (CNMF), the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), the Canadian Centre for Cyber Security (CCCS), and the New Zealand National Cyber Security Centre (NCSC-NZ).

It can be read in full on the NCSC website.

Tom Dunlop
Tom has spent the last 13 years working in the defence industry, specifically military and commercial shipbuilding. His work has taken him around Europe and the Far East; he is currently based in Scotland.

38 COMMENTS

  1. First: Happy New Year! 😀

    I’m not sure why this would come as a surprise to anyone paying attention. What is the surprise to me is that we still aren’t calling out foreign social media influencing on general elections, surveys and referenda. Our spineless politicians will all too often follow what the surveys tell them to create policy.

    There’s another election coming up this year and it would be useful to have expert help in minimising Russian and Chinese influence through social media.

    • Doubt you will. Offensive Cyber is even more classified than the defensive side, which the NCSC conduct.
      We acknowledged years back that we have the capability. Best to keep that in the top drawer for when it is really needed.

        • Yes, possibly, and fascinating to learn about. It would generate negative headlines too from the usual suspects in parts of the media who are out to get the intelligence community, but barely squeak at the exact same activities of other nations.

          My morale is fine as I have an idea what they get up to, and am happy to leave it at that. I’ve every confidence we can affect them just as much as we have to defend against.

          It takes leaks by traitors like Snowden to expose what NSA, GCHQ are capable of, as we know HMG, MoD never generally comment on anything intell, EW, or SF related, for very good reasons.

        • I remember watching a program years ago (maybe 40ish) anyway the program centered on MI6 and its early years and how they monitored Russian traffic going out of their London Embassy, they broke the code pretty quickly and as I remember the program MI6 advertised the fact in The Times. Needless to say the Russians upped their game and changed the code. MI6 took a bit longer but managed to break the code again and again they advertised the fact. Cue Russia upgrading the code again. The program didn’t say how long it took them to break the code for a 3rd time and never advertised these facts again. Lesson learned.

          As DM says we along with every country that has the ability will employ it, just don’t expect the UK to advertise it.

          One of our operations running out of the Middle East was blown by Edward Snowden. I won’t attach the link but if you Google the following it will give you multiple articles: British intelligence tap into middle east cables

          Enjoy the read.

          • Ah yes, the facility in northern Oman that was signed off by the then Foreign Secretary David Miliband and which HMG tried to keep a lid on. Also known as the Remote Processing Centre.
            It’s been there for some time, and looking at what is in its compounds on GE it does more than just cable work.
            There are also two or three other sites in that part of the world which we use for that sort of work, two of which I’ve located.

          • From earlier years, Op Stopwatch (Berlin) and Op Silver (Austria), sure there’s loads more from all sides.

          • The Russians had one very clever thing going on in a typewriter that allowed them to record keystrokes (back in the 70s) in the US Embassy in Moscow. It took years for the NSA to find it and I believe cost the lives of a fair few agents.

  2. Yes, Russia and China carry out espionage, influencing and cyber warfare, and so do we.

    For balance, how many nations have the SIS interfered with regards politics? Probably dozens since the end of empire.

    It’s all a game and the outrage expressed by the likes of that snake David Cameron changes nothing.

    Notable again the hand in glove nature of our response, with all 5 anglo nations of the UKUSA agreement, now more commonly called 5 eyes by media, involved.

    What we don’t hear about, but which we can guess, is the widescale response of the anglo alliance.

    • Hi M8 and Happy New Year 🥳 This may sound odd but our counter intelligence doesn’t just stop at Cyber. Someone, somewhere keeps an eye on property and land purchases in certain locations.
      For years there was an eyesore of a plot of derelict / vacant land in Derby right opposite a certain licensed nuclear site (which I know very well).
      It had been up for sale for decades and despite being flat, ripe for housing / commercial development and within the City Boundary, no one would purchase it.
      Then last year a sign went up “under offer for commercial development”. Well it seems someone, somewhere knew something about the “purchasers” being linked to a certain large and inquisitive SE Asian country.
      After no one wanting it for 2 decades it went into a bidding war with another party and the price rocketed into the millions.
      Spookily the owners of the Nuclear site own and have no intention of developing it any time soon, so it may be used as an extension to the Nature reserve.

      Let’s see what 2024 brings.

      • Hello my friend, and a Happy New Year to you!
        Of course, the Security Service have an entire Branch (forget which) dealing with Counter Espionage. They’re putting more into it too after it became clear they’d swung too much into CT and Russia and China were having a field day.
        That’s a great story about RRD, it’s no surprise really, and good to know.

    • The reality is that what Russia is doing is dwarfed by China…the unspoken truth is that China already considers itself in a state of conflict with the west..even if for economic reasons our leaders will never acknowledge this. China has been undertaking a form of non-kinetic political warfare against the west for years now.

      China has around 1 million people in four agencies manipulating western media, inserting fake news, manipulating politicians and leaders, organisations etc as well as cyber intrusions. The purpose is that in case of kinetic war China can

      1) subvert western decision making
      2) reduce political will
      3) reduce public will
      4) already have cyber intrusions in place
      5) weaponise supply chains
      6) weaponise manufacturing

      Russia is quite frankly a bit of a red herring, China is already preparing the way for kinetic warfare…in all of the history of warfare no nation has undertaken as much political warfare as China has against the west, without then going to war…it makes the actions of the west and Soviet Union during the Cold War look tame.

        • I honestly fear that we will not wake ourselves but instead be awoken by China storming and taking Taiwan while missiles rain down on Guam and the U.S. bases in Japan. Simply put I think the west will not awaken until the PLAN, PLAAF and PLA kick the crap out of western forces in the pacific…I don’t think any nation ever has made it so blatantly clear that it’s going to war…the west seems neither willing to get out of China’s way or get ready for what is coming…profoundly delusional to be honest…the west needs to do one or the other..but pretending China is not going to war..or that the west can easily and painlessly defeat a superpower with worldwide influence, that has created western dependency on its supply chains is some form of collective insanity.

          • CCP is working across all domains so the global mercantile and manufacturing dominance strategy ‘Belt and Road’ includes removing sovereign manufacturing capability from those stupid enough to outsource manufacturing on the grounds of unit cost so completely ignoring the true costs of freedom.

            We need a suitable nudge for UK businesses and consumers to value other sources than the CCP, traditionally done with customs tariffs.

            The Huawei* critical infrastructure panic on security grounds was a way to avoid making this so explicit as a tariff.

            * Hu a wei: we are the CCP Intelligence agency happy to look at your data.

            #FONOPS
            #ArmUkraineASAP

        • Here is an analysis of the hybrid war approach that the Crimlin uses to succeed the Cold War i.e. their Peace Dividend.

          Search “Putin will not Stop! Europe, dig the Trenches!” in YT.

          Use [CC] with Settings Auto-Translate to English for the full understanding of the content.

          It’s obvious that #45 the Tangerine Toddler is supported by kaputin as an effective way to stop #StandWithUkraine 🇺🇲 and expand the ruzzian empire in Europe.

          The Cold war was an easy peace so long as you weren’t occupied however the hybrid war is difficult and across all domains.

          We need to wake up!

          #ArmUkraineASAP

  3. Nothing new, of course, except the means. Everybody does this to everybody else, and have done for ever. But we need to be reminded – there are posts on here that are probably part of the Russians at work.. though quite easily spottable it seems to me! Especially if you have a sense of humour. They are usually just plain daft. Unfortunately we have plenty of public figures undermining democracy in plain sight – Trump and Johnson being the best known, I suppose. Populists care nothing for democracy, just power. Le Pen, Hungary, the list is far too long to start. I worry that we may have already reached a tipping point in the West towards “strong leadership” as it is euphemistically called.

    • Accepting that politicians are snake oil salesmen is a start. Accepting “The Great Game” played by spooks has always gone on another. The populists are a result of a failure of policies for decades. Increasing taxation hurts ordinary people, idiotic responses to a virus and splashing billions (most of which went missing or into certain pockets) is another. Parliament is a cesspit. I sometimes feel it is only the military and SIS, also a few other organs of state that have this country’s true interests at heart. Sadly this all plays into Putin and Xi’s objectives of destabilisation. I seem to remember Brezhnev saying that the west would destroy itself from within.

  4. I hope GCHQ are returning the issue with interest. Cyber warfare is a big deal and the west cannot afford to get a step behind.
