(Bloomberg) -- The US and UK have launched a coordinated effort to disrupt a longtime alleged Russian government hacking campaign aimed at what they say is an attempt to undermine democratic processes in both their countries.
The UK accused Russia’s main intelligence agency of seeking to hack the emails of British politicians and officials in an attempt to interfere in its democratic processes, and added two Russian nationals to its sanctions list on Thursday.
“They have been targeting high-profile individuals and entities with a clear intent: using information they obtained to meddle in British politics,” Foreign Office minister Leo Docherty told the House of Commons on Thursday.
The intrusions include targeting personal email accounts and impersonation attempts against universities and media organizations, according to Docherty. Civil servants and journalists have also been targeted by Russia’s Federal Security Service, known as the FSB, he said.
In the US, the conspiracy targeted current and former employees of the intelligence community, Defense Department, State Department, defense contractors and Energy Department facilities since 2016, according to a statement from the Justice Department on Thursday.
A US federal grand jury in San Francisco this week indicted the two individuals sanctioned by the UK for allegedly running a campaign to hack into computer networks in the US, UK and other NATO countries plus Ukraine, on behalf of the Russian government, according to an indictment unsealed on Thursday.
“Today’s indictment is part of a coordinated international response to send a message to the conspirators that the whole of the United States government stands together and with our partners internationally to identify and disrupt cyber espionage actors, particularly those seeking to obtain government information and attempting to create chaos in democratic processes,” said US Attorney Ismail Ramsey for the Northern District of California in a statement.
The FSB didn’t immediately respond to a request for comment.
John Hultquist, chief analyst at Mandiant Intelligence, a cybersecurity unit at Google, told Bloomberg the group has targeted US organizations as recently as this week and the UK as recently as this month, and that their activities are noteworthy given the FSB is a relatively new player in the elections space. “This actor is one to watch closely as elections near,” he said, adding hacked emails have been shown to be a powerful tool in political interference campaign.
The US State Department’s Rewards for Justice program is offering a reward of up to $10 million for information leading to the identification or location of the two people indicted this week.
In November, the UK’s National Cyber Security Centre warned that Russian and other state-sponsored hackers posed an “enduring and significant threat” to the country. The agency said that Russia was one of the most prolific state actors in cybercrime, and had dedicated substantial resources to conducting hacking operations internationally.
The UK said the cyber group, which is known by a variety of names including Callisto Group and Star Blizzard, has been targeting UK politicians since at least 2015 and is linked to the FSB’s Center 18.
Center 18 has also been connected to the FSB by British allies. The US indicted two FSB officers from the group in 2017 for breaching millions of email accounts.
Center 18 predominantly targets personal email addresses, using extensive research via social media to impersonate contacts of politicians and officials to appear legitimate and send malicious links, according to Docherty.
In addition to attacks carried out by Russian military or state-sponsored hackers, Russian-linked criminal gangs have also posed a substantial threat to the UK. This year, the gangs have breached a range of high-profile companies and organizations, including the Barts Health NHS Trust, government contractor Capita Plc, and postal company Royal Mail.
(Updates with details of US action from first paragraph.)
©2023 Bloomberg L.P.