Google says Russian hackers leaked Brexit emails

Evidence, including sloppiness, points towards a Russian group

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

A number of Brexit-related emails that were recently leaked online came from the hands of Russian hackers,Google’s cybersecurity experts have said.

The team detected a new website, entitled “Very English Coop d’Etat”, which reportedly leaked multiple emails from a couple of high-ranking government officials, involved one way or another, in the UK’s split from the European Union: including former MI6 chief Sir Richard Dearlove, Gisela Stuart, lead Non-executive Board Member for the Cabinet Office, historian Robert Tombs, and others.

The site does not detail if anymalwarewas used in the attack, or even who was behind the campaign.

Share your thoughts on Cybersecurity and get a free copy of the Hacker’s Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at theend of this surveyto get the bookazine, worth $10.99/£10.99.

War with Ukraine

Analyzing the website, the director of Google’s Threat Analysis Group (TAG), Shane Huntley, told Reuters that all evidence points towards a Russia-based hacking group known as “Cold River”.

“We’re able to see that through technical indicators,” Huntley noted.

Reuters, which broke the story, said it could not confirm the authenticity of the emails, but some of the people involved did hint that it might be true. Dearlove, for example, toldReutershe was “aware of a Russian operation against a Proton account which contained emails” to and from him, but also added that the leaked contents should be taken with a whole bag of salt due to “the context of the present crisis in relations with Russia”.

After all, the UK has openly sided with Ukraine in the ongoing conflict, providing the country with arms and other means of support. Furthermore, Prime Minister Boris Johnson was banned from Russia in mid-April over his support for Ukraine.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Tombs also said he was aware of “Russian disinformation based on illegal hacking” and provided no further comment. Others remained silent.

Our contradictory relationship to data privacy>Microsoft reveals immense scale of Russian cyber onslaught against Ukraine>EU set to allow data to flow freely into the UK in aftermath of Brexit

The only thing that has proven trickier than confirming the authenticity of the emails, is proving who is behind the attack on theseendpoints. Thomas Rid, a cybersecurity expert at Johns Hopkins University, told Reuters the modus operandi in this attack is quite similar to some of the previous ones conducted by Russian attackers.

“What jumps out at me is how similar the M.O. is to Guccifer 2 and DCLeaks,” he said. The leaks he mentioned happened just before the U.S. presidential elections in 2016.

“It looks very familiar in some ways, including the sloppiness,” he said.

Via:Reuters

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Dangerous Android banking malware looks to trick victims with fake money transfers

Sophos Firewall hack on government network used an all-new custom malware

Don’t wait until Black Friday, this year’s best Nintendo Switch bundles are on sale now