Estonian Free PressEstonian Free Press
  • National Security
    • United States
    • United Kingdom
    • Europe
    • Estonia
    • Latvia
    • Lithuania
    • Moldova
    • Poland
    • Russia
    • Ukraine
  • Counterterrorism
  • Cybersecurity
  • Intelligence

Subscribe to Updates

Get the latest National Security News directly to your inbox.

What's Hot

Extremists Praise ‘Martyr’ Who Attacked FBI’s Cincinnati Office, Declare ‘War’ on FBI ‘Has Begun’

August 12, 2022

DISA Flags Contractors’ Inappropriate Use of Government Computers

August 11, 2022

Labour vows to end ‘outrageous’ energy premiums faced by prepayment customers

August 11, 2022
Facebook Twitter Instagram
  • Privacy Policy
  • Terms and Conditions
  • Contact
Friday, August 12
Estonian Free PressEstonian Free Press
  • National Security
    • United States
    • United Kingdom
    • Europe
    • Estonia
    • Latvia
    • Lithuania
    • Moldova
    • Poland
    • Russia
    • Ukraine
  • Counterterrorism
  • Cybersecurity
  • Intelligence
en English
en Englishet Estonianlv Latvianlt Lithuanianpl Polishro Romanianru Russianuk Ukrainian
Trending
  • Extremists Praise ‘Martyr’ Who Attacked FBI’s Cincinnati Office, Declare ‘War’ on FBI ‘Has Begun’
  • DISA Flags Contractors’ Inappropriate Use of Government Computers
  • Labour vows to end ‘outrageous’ energy premiums faced by prepayment customers
  • Chișinăul instituie control asupra liderilor separatiști de la Tiraspol
  • FBI sought nuclear documents in Trump raid: Report
  • The Inflation Reduction Act sends a foreign-policy message to US friends and foes alike
  • The uncomfortable economic truth behind Xi Jinping’s Taiwan threats
  • Truss putting millions of vulnerable people ‘at risk of real destitution’, says Sunak
Subscribe
Facebook Twitter Instagram
Estonian Free PressEstonian Free Press
Home » Russian hackers are linked to new Brexit leak website, Google says

Russian hackers are linked to new Brexit leak website, Google says

May 26, 20224 Mins Read Cybersecurity
Share
Facebook Twitter LinkedIn Pinterest Email

A new website that published leaked emails from several leading proponents of Britain’s exit from the European Union is tied to Russian hackers, according to a Google cybersecurity official and the former head of UK foreign intelligence.

The website – titled “Very English Coop d’Etat” – says it has published private emails from former British spymaster Richard Dearlove, leading Brexit campaigner Gisela Stuart, pro-Brexit historian Robert Tombs, and other supporters of Britain’s divorce from the EU, which was finalized in January 2020.

The site contends that they are part of a group of hardline pro-Brexit figures secretly calling the shots in the United Kingdom.

The authenticity of the emails could not be independently verified, but two victims of the leak on Wednesday (25 May) confirmed that they had been targeted by hackers and blamed the Russian government.

“I am well aware of a Russian operation against a Proton account which contained emails to and from me,” said Dearlove, referring to the privacy-focused email service ProtonMail.

Dearlove, who led Britain’s foreign spy service – known as MI6 – between 1999 and 2004, told Reuters the leaked material should be treated with caution given “the context of the present crisis in relations with Russia.”

Tombs said in an email he and his colleagues were “aware of this Russian disinformation based on illegal hacking.” He declined further comment. Stuart, who chaired Britain’s Vote Leave campaign in 2016, did not return emails.

Shane Huntley, who directs Google’s Threat Analysis Group, told Reuters that the “English Coop” website was linked to what the Alphabet Inc-owned company knew as “Cold River,” a Russia-based hacking group.

“We’re able to see that through technical indicators,” Huntley said.

Huntley said that the entire operation – from Cold River’s hacking attempts to publicizing the leaks – had “clear technical links” between one another.

The Russian embassies in London and Washington did not return emails seeking comment.

Britain’s Foreign Office, which handles media queries for MI6, declined comment. Other Brexit supporters whose emails were suspected of being disseminated on the website also did not respond to emails.

‘Looks very familiar’

How the emails were obtained is unknown and the website hosting them made no effort to explain who was behind the leak. The leaked messages mainly appear to have been exchanged using ProtonMail. ProtonMail declined comment.

Reuters was unable to independently verify Google’s assessment about a Russian link to the website, but Thomas Rid, a cybersecurity expert at Johns Hopkins University, said the site was reminiscent of past hack-and-leak operations attributed to Russian hackers.

“What jumps out at me is how similar the M.O. is to Guccifer 2 and DCLeaks,” he said, referring to two of the sites that disseminated leaked emails stolen from Democrats in the run-up to the 2016 US presidential election.

“It looks very familiar in some ways, including the sloppiness,” he said.

If the leaked messages are in fact authentic it would mark the second time in three years that suspected Kremlin spies have stolen private emails from a senior British national security official and published them online.

In 2019, classified US-UK trade documents were leaked ahead of Britain’s election after being stolen from the email account of former trade minister Liam Fox, Reuters previously reported. UK officials never confirmed the specifics of the operation, but then-British foreign minister Dominic Raab said the hack-and-leak was an effort by the Kremlin to interfere in the Britain’s election, a charge that Moscow denied.

The “English Coop” site makes a variety of allegations, including one that Dearlove was at the center of a conspiracy by Brexit hardliners to oust former British Prime Minister Theresa May, who had negotiated a withdrawal agreement with the European Union in early 2019, and replace her with Johnson, who took a more uncompromising position.

Dearlove said that the emails captured a “legitimate lobbying exercise which, seen through this antagonistic optic, is now subject to distortion.”

He declined further comment.

Johnson, who took over from May later in 2019, has staked out a tough stance on Russia’s invasion of Ukraine, committing hundreds of millions of dollars of military equipment to the government in Kyiv. In April, Johnson visited the capital for a televised walkabout with Ukrainian President Volodymyr Zelenskyy.

Johnson was officially banned from Russian soil on 16 April. Internet domain records show the “Coop” website was registered three days later. Its URL included the words “sneaky strawhead” in an apparent knock at Johnson’s tousled hairstyle.

Rid said that while journalists should not shy away from covering authenticated material exposed by the leak, they should still tread very carefully.

“If the leak has newsworthy detail, then it is also newsworthy to point out that the material comes from an adversarial intelligence agency, especially in a time of war,” said Rid.

Share. Facebook Twitter Pinterest LinkedIn Tumblr Telegram Email

Articles Liés

DISA Flags Contractors’ Inappropriate Use of Government Computers

August 11, 2022 Cybersecurity

CISA Releases Toolkit of Free Cybersecurity Resources for Election Community

August 10, 2022 Cybersecurity

U.S. Space Force Conducts Innovative Cyber Talent Acquisition Process

August 10, 2022 Cybersecurity

Information Enterprise Modernization Is an Important DoD Priority, Official Says

August 10, 2022 Cybersecurity

SharpTongue Deploys Clever Mail-Stealing Browser Extension ‘SHARPEXT’

August 9, 2022 Cybersecurity

Headquarters Air Force Directorate of Total Force Integration Conducts Health Assessment at Fort Meade

August 9, 2022 Cybersecurity
Don't Miss
Cybersecurity

DISA Flags Contractors’ Inappropriate Use of Government Computers

By woe whAugust 11, 20220

The following open letter was issued to Defense Information Systems Agency Contractors by Douglas W.…

Labour vows to end ‘outrageous’ energy premiums faced by prepayment customers

August 11, 2022

Chișinăul instituie control asupra liderilor separatiști de la Tiraspol

August 11, 2022

FBI sought nuclear documents in Trump raid: Report

August 11, 2022
Stay In Touch
  • Facebook
  • Twitter
  • Pinterest
  • Instagram
  • YouTube
  • Vimeo
Our Picks

The uncomfortable economic truth behind Xi Jinping’s Taiwan threats

August 11, 2022

Truss putting millions of vulnerable people ‘at risk of real destitution’, says Sunak

August 11, 2022

Gavrilița, întrevedere de rămas bun cu Ambasadorul Lituaniei la Chișinău

August 11, 2022

Liz Truss appears to forget where she is at Conservative hustings

August 11, 2022

Subscribe to Updates

Get the latest National Security News directly to your inbox.

© 2022 Estonian Free Press. All rights reserved.
  • Privacy Policy
  • Terms and Conditions
  • Contact

Type above and press Enter to search. Press Esc to cancel.