The UK and its allies have called out the Russian Intelligence Services for a campaign of malicious cyber activity attempting to interfere in UK politics and democratic processes.

The National Cyber Security Centre (NCSC) – a part of GCHQ – assesses that Star Blizzard, a group that has been identified using cyber operations to target high-profile individuals and entities, is almost certainly subordinate to Centre 18 of Russia’s Federal Security Service (FSB).

The malicious activity has, according to the NCSC, included:

  • Targeting, including spear-phishing, of UK parliamentarians from multiple political parties, from at least 2015 through to this year;
  • The compromise of UK-US trade documents that were leaked ahead of the 2019 General Election;
  • The 2018 compromise of the Institute for Statecraft, a UK thinktank whose work included initiatives to defend democracy against disinformation, and the more recent hack of its founder Christopher Donnelly, whose account was compromised from December 2021; in both instances documents were subsequently leaked.
  • Targeting of universities, journalists, public sector, NGOs and other Civil Society organisations, many of whom play a key role in UK democracy.

The group has also selectively leaked information obtained through its operations and amplified the release in line with Russian confrontation goals, including undermining trust in politics in the UK and like-minded states. UK Foreign Secretary David Cameron has described these attempts to interfere in UK politics as “completely unacceptable” and as seeking to threaten our democratic processes.

Paul Chichester, NCSC Director of Operations, said:

“Defending our democratic processes is an absolute priority for the NCSC and we condemn any attempt which seeks to interfere or undermine our values. Russia’s use of cyber operations to further its attempts at political interference is wholly unacceptable and we are resolute in calling out this pattern of activity with our partners. Individuals and organisations which play an important role in our democracy must bolster their security and we urge them to follow the recommended steps in our guidance to help prevent compromises.”

The NCSC previously published details about the activity undertaken by the Star Blizzard group, also known as Callisto Group, Cold River and formerly Seaborgium, earlier this year. In an advisory, it warned of Russia-based actors carrying out targeted spear-phishing attacks for information-gathering purposes. The new advisory formally attributes this activity for the first time and provides the latest threat information and mitigation advice to help reduce the chances of compromise.

This advisory has been jointly issued by the NCSC, the US Cybersecurity and Infrastructure Security Agency (CISA), the US Federal Bureau of Investigation (FBI), the US National Security Agency (NSA), the US Cyber National Mission Force (CNMF), the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), the Canadian Centre for Cyber Security (CCCS), and the New Zealand National Cyber Security Centre (NCSC-NZ).

It can be read in full on the NCSC website.

Tom has spent the last 13 years working in the defence industry, specifically military and commercial shipbuilding. His work has taken him around Europe and the Far East; he is currently based in Scotland.

Jon (@guest_777314)
5 months ago

First: Happy New Year! 😀

I’m not sure why this would come as a surprise to anyone paying attention. What is the surprise to me is that we still aren’t calling out foreign social media influencing on general elections, surveys and referenda. Our spineless politicians will all too often follow what the surveys tell them to create policy.

There’s another election coming up this year and it would be useful to have expert help in minimising Russian and Chinese influence through social media.

Paul (@guest_777315)
5 months ago

What’s the point of “calling out” the Russians? Are they expected to care that they’ve been “called out?”

Redshift (@guest_777330)
5 months ago
Reply to  Paul

I think that it is just how people speak now, modern vernacular has changed “and here’s why” lol

Gavin Gordon (@guest_777361)
5 months ago
Reply to  Paul

They expect us to give a shite? That’d require regard somewhere above utter contempt for Putin.

SailorBoy (@guest_777367)
5 months ago
Reply to  Gavin Gordon

Us? Who’s us?

Andy reeves (@guest_777477)
5 months ago
Reply to  Gavin Gordon

It would need brains to lead it but we’ve no worries about that; the most intelligent Russian is the dockyard cat in Vladivostok.

Andy reeves (@guest_777485)
5 months ago
Reply to  Gavin Gordon

I’d give a shyte about it if my operation for a new ankle was cancelled because of a bug in the system.

Gavin Gordon (@guest_777581)
5 months ago
Reply to  Andy reeves

Hopefully, that will not prove to be the case, Andy. Wife & I have also been in hospital / under the NHS care since Feb 2022 coincidentally – thanks to Putin, remember the date well! Cancer & open heart surgery, respectively. Still feel pretty confident we’ll manage here, on balance.

Andy reeves (@guest_777475)
5 months ago
Reply to  Paul

Let’s not forget about China and Korea also attacking on a daily basis too.

Andy reeves (@guest_777484)
5 months ago
Reply to  Paul

They don’t or won’t

jjsmallpiece (@guest_777332)
5 months ago

I’d rather hear about what cyber attacks we are doing against Russia.

Daniele Mandelli (@guest_777341)
5 months ago
Reply to  jjsmallpiece

Doubt you will. Offensive Cyber is even more classified than the defensive side, which the NCSC conduct.
We acknowledged years back that we have the capability. Best to keep that in the top drawer for when it is really needed.

jjsmallpiece (@guest_777351)
5 months ago

Obviously. But a hint would be good for morale

Daniele Mandelli (@guest_777369)
5 months ago
Reply to  jjsmallpiece

Yes, possibly, and fascinating to learn about. It would generate negative headlines too from the usual suspects in parts of the media who are out to get the intelligence community, but barely squeak at the exact same activities of other nations. My morale is fine as I have an idea what they get up to, and am happy to leave it at that. I’ve every confidence we can affect them just as much as we have to defend against. It takes leaks by traitors like Snowden to expose what NSA, GCHQ are capable of, as we know HMG, MoD never…

Cymbeline (@guest_777390)
5 months ago
Reply to  jjsmallpiece

I remember watching a program years ago (maybe 40ish) anyway the program centered on MI6 and its early years and how they monitored Russian traffic going out of their London Embassy, they broke the code pretty quickly and as I remember the program MI6 advertised the fact in The Times. Needless to say the Russians upped their game and changed the code. MI6 took a bit longer but managed to break the code again and again they advertised the fact. Cue Russia upgrading the code again. The program didn’t say how long it took them to break the code for…

Daniele Mandelli (@guest_777439)
5 months ago
Reply to  Cymbeline

Ah yes, the facility in northern Oman that was signed off by the then Foreign Secretary David Miliband and which HMG tried to keep a lid on. Also known as the Remote Processing Centre.
It’s been there for some time, and looking at what is in its compounds on GE it does more than just cable work.
There are also two or three other sites in that part of the world which we use for that sort of work, two of which I’ve located.

Cymbeline (@guest_777467)
5 months ago

From earlier years, Op Stopwatch (Berlin) and Op Silver (Austria); sure there’s loads more from all sides.

Andy reeves (@guest_777478)
5 months ago
Reply to  Cymbeline

They never found the bug in Putin’s headboard

Cymbeline (@guest_777489)
5 months ago
Reply to  Andy reeves

The Russians had one very clever thing going on in a typewriter that allowed them to record keystrokes (back in the 70’s) in the US Embassy in Moscow. It took years for the NSA to find it and I believe cost the lives of a fair few agents.

Andy reeves (@guest_777486)
5 months ago

Best not to mention Miliband

Daniele Mandelli (@guest_777576)
5 months ago
Reply to  Andy reeves

His brother is even worse.

Daniele Mandelli (@guest_777340)
5 months ago

Yes, Russia and China carry out espionage, influencing and cyber warfare, and so do we.

For balance, how many nations have the SIS interfered with regards politics? Probably dozens since the end of empire.

It’s all a game and the outrage expressed by the likes of that snake David Cameron changes nothing.

Notable again the hand in glove nature of our response, with all 5 Anglo nations of the UKUSA agreement, now more commonly called 5 Eyes by media, involved.

What we don’t hear about, but which we can guess, is the widescale response of the Anglo alliance.

ABCRodney (@guest_777370)
5 months ago

Hi M8 and Happy New Year 🥳 This may sound odd but our counter intelligence doesn’t just stop at Cyber. Someone, somewhere keeps an eye on property and land purchases in certain locations. For years there was an eyesore of a plot of derelict / vacant land in Derby right opposite a certain licensed nuclear site (which I know very well). It had been up for sale for decades and despite being flat, ripe for housing / commercial development and within the City Boundary, no one would purchase it. Then last year a sign went up “under offer for commercial…

Daniele Mandelli (@guest_777377)
5 months ago
Reply to  ABCRodney

Hello my friend, and a Happy New Year to you!
Of course, the Security Service have an entire Branch (forget which) dealing with Counter Espionage. They’re putting more into it too after it became clear they’d swung too much into CT and Russia and China were having a field day.
That’s a great story about RRD, it’s no surprise really, and good to know.

Andy reeves (@guest_777483)
5 months ago

I’ve got a big shed these strangers could rent; it’s got an electric supply and a sink

Andy reeves (@guest_777481)
5 months ago
Reply to  ABCRodney

Has James Bond been seen by anyone?

Jonathan (@guest_777419)
5 months ago

The reality is what Russia is doing is dwarfed by China…the unspoken truth is that China already considers itself in a state of conflict with the west..even if for economic reasons our leaders will never acknowledge this. China has been undertaking a form of non-kinetic political warfare against the west for years now. China has around 1 million people in four agencies manipulating western media, inserting fake news, manipulating politicians and leaders, organisations etc as well as cyber intrusions. The purpose is that in case of kinetic war China can 1) subvert western decision making 2) reduce political will…

Daniele Mandelli (@guest_777440)
5 months ago
Reply to  Jonathan

Quite frightening really. Will we ever awaken from our collective slumber?

Jonathan (@guest_777493)
5 months ago

I honestly fear that we will not wake ourselves but instead be awoken by China storming and taking Taiwan while missiles rain down on Guam and the U.S. bases in Japan. Simply put I think the west will not awaken until the PLAN, PLAAF and PLA kick the crap out of western forces in the Pacific…I don’t think any nation ever has made it so blatantly clear that it’s going to war…the west seems neither willing to get out of China’s way or get ready for what is coming…profoundly delusional to be honest…the west needs to do one or the…

lonpfrb (@guest_779437)
5 months ago
Reply to  Jonathan

CCP is working across all domains so the global mercantile and manufacturing dominance strategy ‘Belt and Road’ includes removing sovereign manufacturing capability from those stupid enough to outsource manufacturing on the grounds of unit cost so completely ignoring the true costs of freedom. We need a suitable nudge for UK businesses and consumers to value other sources than the CCP, traditionally done with customs tariffs. The Huawei* critical infrastructure panic on security grounds was a way to avoid making this so explicit as a tariff. * Hu a wei: we are the CCP Intelligence agency happy to look at your…

lonpfrb (@guest_779435)
5 months ago

Here is an analysis of the hybrid war approach that the Crimlin uses to succeed the Cold War i.e. their Peace Dividend. Search “Putin will not Stop! Europe, dig the Trenches!” in YT. Use [CC] with Settings Auto-Translate to English for the full understanding of the content. It’s obvious that #45 the Tangerine Toddler is supported by kaputin as an effective way to stop #StandWithUkraine 🇺🇲 and expand the ruzzian empire in Europe. The Cold War was an easy peace so long as you weren’t occupied however the hybrid war is difficult and across all domains. We need to wake…

Wyn Beynon (@guest_777398)
5 months ago

Nothing new, of course, except the means. Everybody does this to everybody else, and have done for ever. But we need to be reminded – there are posts on here that are probably part of the Russians at work.. though quite easily spottable it seems to me! Especially if you have a sense of humour. They are usually just plain daft. Unfortunately we have plenty of public figures undermining democracy in plain sight – Trump and Johnson being the best known, I suppose. Populists care nothing for democracy, just power. Le Pen, Hungary, the list is far too long to…

John (@guest_777411)
5 months ago
Reply to  Wyn Beynon

Accepting that politicians are snake oil salesmen is a start. Accepting “The Great Game” played by spooks has always gone on another. The populists are a result of a failure of policies for decades. Increasing taxation hurts ordinary people, idiotic responses to a virus and splashing billions (most of which went missing or into certain pockets) is another. Parliament is a cesspit. I sometimes feel it is only the military and SIS, also a few other organs of state that have this country’s true interests at heart. Sadly this all plays into Putin and Xi’s objectives of destabilisation.…

Andy reeves (@guest_777491)
5 months ago
Reply to  John

The East German Stasi was good at all that sneaky beaky stuff

Daniele Mandelli (@guest_777577)
5 months ago
Reply to  Andy reeves

The Lives of Others is a good film regards them.

Wyn Beynon (@guest_777938)
5 months ago
Reply to  John

You’re making my point for me!

Andy reeves (@guest_777473)
5 months ago

I hope GCHQ are returning the issue with interest. Cyber warfare is a big deal and the West cannot afford to get a step behind.

Frank62 (@guest_777995)
5 months ago

No surprise there. It’s what they do, PRC likewise.