Espionage is not a new concept. But these days it has slightly adapted to keep up with the evolving digital world. Cyber espionage or also known as cyber spying, is more focused on unauthorized access to certain confidential information. This is usually done to gain strategic, financial, or political advantage. “Digital” is the key concept in these instances. The big culprits in these situations are usually your state-sponsored groups or independent hackers.
A cyber dilemma for the UK
Britain said on Friday it had discovered a sophisticated digital espionage tool and sanctioned more than 20 Russian spies, hackers, and agencies over what it called a “sustained campaign of malicious cyber activity” targeting governments and institutions across Europe. Britain’s National Cyber Security Centre (NCSC) said novel malware used by spies at Russia’s GRU military intelligence agency had been used to harvest login credentials from online Microsoftย MSFT.Oย products.
The NCSC is the UK’s technical authority for cyber threats. It forms part of the GCHQ, or Government Communications Headquarters. Some of its roles include online security improvement, serving as the bridge between the government and the industry, protecting critical services as well as serving as the computer security incident response team.
The foreign ministry said it was sanctioning three units of the GRU and 18 of its officers. These included people it said were involved in targeting strikes against Mariupol during the war in Ukraine and spying on former Russian double agent Sergei Skripal and his daughter Yulia before they were targeted in a Novichok poisoning in Britain in 2018. British authorities have repeatedly accused Moscow of orchestratingย malign activity, ranging from traditional espionage and actions to undermine democracy, to sabotage and assassinations.
Difficult consequences of this matter
Moscow has rejected such accusations, saying they are politically motivated and that it poses no threat to Britain. The Russian embassy in London did not immediately respond to a request for comment. Earlier this month, three men were convicted over an arson attack on a Ukrainian-linked business in London, which police said was carried out at the behest of Russia’s Wagner mercenary group. The European Union and NATO issued statements on Friday condemning what they described as Russia’s destabilizing hybrid activities.
In its latest announcement, Britain said three Russian GRU units – 29155, 26165, and 74455 – had targeted media outlets, telecoms providers, political and democratic institutions, and energy infrastructure in the United Kingdom and across Europe. Among these incidents were an Estonian government hack in 2020, a cyberattack on the German Bundestag in 2015, the hacking in 2016 of the U.S. Democratic National Committee and Democratic Congressional Campaign Committee, and cyberattacks on the Paris Olympics last year, Britain said.
The Russian influence on Africa
The NCSC said a hacking group known as APT 28, part of GRU unit 26165, had developed “sophisticated malware” it dubbed “AUTHENTIC ANTICS,” which tricks users of Microsoft cloud accounts into entering their credentials into a login window controlled by the hackers. Authentic Antics is a very sophisticated malware that has been linked to the Russian military intelligence. Its main aim is to steal Microsoft account credentials as well as OAuth tokens through some deceptive login prompts.
The NCSC did not say who had been targeted by the malware. Representatives for Microsoft did not immediately respond to a request for comment. The British foreign ministry also said Unit 26165 had conducted reconnaissance on the Mariupol Theatre in March 2022 ahead of air strikes that local officials said killed about 300 people. Russia denied deliberately targeting the theatre.
In addition to the GRU-focused sanctions, the ministry said it was sanctioning three leaders of “African Initiative”, which it said was a Russian-funded social media content mill conducting information operations in West Africa. The African Initiative is located at the Federation Tower Wes on the Presnenskaya embankment within Moscow. It refers to itself as a platform aimed at building bridges between Africa and Russia. The organization has quite an active social media presence, most notably on its Telegram channel. During November 2023, a similar type of association, also referred to as the African Initiative, was launched within Burkina Faso.
GCN.com/Reuters