Russian hackers behind new Brexit leak website, says Google

Russian hackers behind new Brexit leak website, Google says

Image:

Russian hackers behind new Brexit leak website, Google says

A new website that recently published leaked emails, allegedly from key pro-Brexit individuals, has links to Russian hackers, according to Google.

The website has published multiple emails that it claims were sent to and from key people in the Brexit process, including former MI6 chief Richard Dearlove, leading Brexit supporter Gisela Stuart, and pro-Brexit historian Richard Toombs.

The website, 'Very English Coop [sic] d'Etat', sclaim that the hacked messages demonstrate that a group of hardline pro-Brexit figures is secretly controlling the UK.

It further claims a 'deep state' plot to replace Theresa May with Boris Johnson as Prime Minister.

Two victims of the leak confirmed to Reuters they been targeted by hackers, and blamed the Russian government.

According to Shane Huntley, who runs Google's Threat Analysis Gang, the 'English Coop' website is connected to a hacker group in Russia known as Cold River (aka Coldriver or Callisto)

"We're able to see that through technical indicators," he said, adding there were "clear technological links" between each step of the operation, beginning with Cold River's efforts at hacking and continuing with publishing the leaks.

In March, Google researchers raised alerts about Cold River targeting various Eastern European nations' militaries, and a NATO Centre of Excellence.

In 2019, Finland's F-Secure Labs described Callisto as a sophisticated threat actor involved in intelligence collection tied to foreign and security policy in Europe.

"I am well aware of a Russian operation against a Proton account which contained emails to and from me," Dearlove - who led MI6 from 1999 to 2004 - told Reuters, referring to the email service ProtonMail. The majority of stolen mails appear to have been sent using ProtonMail.

Because of the conflict in Ukraine and "the context of the present crisis in relations [with] Russia," Dearlove said the emails should be treated "with caution."

The emails captured a "legitimate lobbying exercise which, seen through this antagonistic optic, is now subject to distortion," he said.

The emails seem to have been sent in 2018, a challenging period for then-PM Theresa May in the process of negotiating Brexit. EU leaders dismissed her Chequers proposal at a summit in Salzburg in September that year, and she faced rebellions at home from both Leave and Remain sides for being either too soft or too hard in her approach to leaving the EU.

It is unclear how Cold River obtained the emails, and the 'English Coop' website made no attempt to clarify who was responsible for the breach.

If the emails are genuine, it would be the second time in three years that suspected Kremlin agents have acquired and released private correspondence from a top British national security officer.

Sensitive US-UK trade data were taken from former trade minister Liam Fox's email account and exposed ahead of the UK election in 2019.

The operation's details were never verified by UK authorities, but then-Foreign Minister Dominic Raab said the hack-and-leak was an attempt by the Kremlin to meddle in the UK election - an accusation Moscow disputed.

Computing says:

Despite Russia's well-publicised influential interference in supporting Brexit, releasing these emails follows the classic Russian approach of sowing division to drive a wedge between parties that could unite against Russia.

As always, we advise caution when dealing with leaks, especially those linked to Russia: a popular Russian psyops tactic is to mix forgeries in with the real leaks.