1. Skip to content
  2. Skip to main menu
  3. Skip to more DW sites

UK accuses Russia of yearslong cyberespionage campaign

December 7, 2023

Russia's Federal Security Service was behind "unsuccessful attempts to interfere in UK political processes," the British government says. UK officials summoned the Russian ambassador and sanctioned two Russian agents.

https://p.dw.com/p/4ZtC3
Foreign Secretary and Former British Prime Minister David Cameron
David Cameron said that Russia's attempts to interfere in British politics are completely unacceptableImage: Suzanne Plunkett/REUTERS

The British government on Thursday accused Russia's Federal Security Service (FSB) of waging a sustained cyberespionage campaign against senior politicians, civil servants, journalists and nongovernmental organizations.

"Russia's attempts to interfere in UK politics are completely unacceptable and seek to threaten our democratic processes," Foreign Secretary David Cameron said in a statement.

"In sanctioning those responsible and summoning the Russian ambassador today, we are exposing their malign attempts at influence and shining a light on yet another example of how Russia chooses to operate on the global stage," he said.

According to the Foreign Office, two Russian agents have been sanctioned for their alleged involvement in preparing so-called spear-phishing campaigns and "activity intended to undermine the UK."

Whom did the FSB target in the UK?

The British government claimed that a hacking group called Cold River, working on behalf of the FSB, targeted British politicians, journalists, and nonprofit groups from at least 2015 to 2023, with some attacks resulting in the leak of documents.

Foreign Office minister Leo Docherty told lawmakers that a cybergroup created false identities to impersonate legitimate contacts and compromise email accounts in the public sector.

"The targeting of this group is not limited to politicians but public-facing figures and institutions of all types. We have seen impersonation and attempts to compromise email accounts in the public sector, universities, media, NGOs and wider civil society," Docherty said.

Authorities said the group was responsible for the 2018 hacking of the Institute for Statecraft, a UK think tank that worked on defending democracy against disinformation and the leaking of US-UK trade documents ahead of the 2019 British general election.

What is cyber warfare?

What is the Cold River group?

The Cold River group, which is also known as "Callisto" or "Star Blizzard," first appeared on intelligence professionals' radar after it targeted Britain's Foreign Office in 2016. It was also behind the leak of private emails belonging to former British spymaster Richard Dearlove in 2022.

Cold River sits within the FSB's "Center 18," one of two known cyber-espionage units at the intelligence agency, according to cybersecurity experts.

A Western official, speaking to Reuters news agency on condition of anonymity, said the group was still very active and was part of Moscow's "Active Measures," intelligence-gathering ecosystem. It is a Cold War-era term used by the Soviet Union to describe covert political disinformation campaigns.

Meanwhile, the Russian embassy in London has said that Moscow has no reason to trust British insinuations about cyber attacks on British democracy in the absence of concrete evidence. Russia routinely denies accusations of cyber espionage. 

dh/sms (AP, AFP, Reuters)