Google says Russian hackers leaked Brexit emails

News
By published

Evidence, including sloppiness, points towards a Russian group

Brexit
(Image credit: Shutterstock / Ivan Marc)

A number of Brexit-related emails that were recently leaked online came from the hands of Russian hackers, Google’s cybersecurity experts have said.

The team detected a new website, entitled “Very English Coop d’Etat”, which reportedly leaked multiple emails from a couple of high-ranking government officials, involved one way or another, in the UK’s split from the European Union: including former MI6 chief Sir Richard Dearlove, Gisela Stuart, lead Non-executive Board Member for the Cabinet Office, historian Robert Tombs, and others. 

The site does not detail if any malware was used in the attack, or even who was behind the campaign.

Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022end of this survey

Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey to get the bookazine, worth $10.99/£10.99.

War with Ukraine

Analyzing the website, the director of Google’s Threat Analysis Group (TAG), Shane Huntley, told Reuters that all evidence points towards a Russia-based hacking group known as “Cold River”.

"We're able to see that through technical indicators," Huntley noted.

Reuters, which broke the story, said it could not confirm the authenticity of the emails, but some of the people involved did hint that it might be true. Dearlove, for example, told Reuters he was “aware of a Russian operation against a Proton account which contained emails” to and from him, but also added that the leaked contents should be taken with a whole bag of salt due to “the context of the present crisis in relations with Russia”.

After all, the UK has openly sided with Ukraine in the ongoing conflict, providing the country with arms and other means of support. Furthermore, Prime Minister Boris Johnson was banned from Russia in mid-April over his support for Ukraine. 

Tombs also said he was aware of “Russian disinformation based on illegal hacking” and provided no further comment. Others remained silent. 

Read more

> Our contradictory relationship to data privacy

> Microsoft reveals immense scale of Russian cyber onslaught against Ukraine

> EU set to allow data to flow freely into the UK in aftermath of Brexit

The only thing that has proven trickier than confirming the authenticity of the emails, is proving who is behind the attack on these endpoints. Thomas Rid, a cybersecurity expert at Johns Hopkins University, told Reuters the modus operandi in this attack is quite similar to some of the previous ones conducted by Russian attackers.

"What jumps out at me is how similar the M.O. is to Guccifer 2 and DCLeaks," he said. The leaks he mentioned happened just before the U.S. presidential elections in 2016.

"It looks very familiar in some ways, including the sloppiness," he said.

Via: Reuters

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
Russia
Major Russian hacking group shifts focus to US and UK targets
A smartphone on a sofa showing the WhatsApp, Telegram and Signal apps
Russian criminal gang Star Blizzard found hitting WhatsApp accounts
US President Donald Trump speaks to the press as he signs an executive order to create a US sovereign wealth fund, in the Oval Office of the White House on February 3, 2025, in Washington, DC.
US set to pause cyber-offensive operations against Russia - but CISA says it won't stop
Flags of Iran, China, Russia and North Korea on a wall. China North Korea Iran Russia alliance
Cybercrime is helping fund rogue nations across the world - and it's only going to get worse, Google warns
Shutterstock.com / kanlaya wanon
Microsoft Teams abused in Russian email bombing ransomware campaign
QR Code
Hackers are targeting Signal with new QR code-linked cyberattack
Latest in Security
Microsoft
"Another pair of eyes" - Microsoft launches all-new Security Copilot Agents to give security teams the upper hand
Lock on Laptop Screen
Medusa ransomware is able to disable anti-malware tools, so be on your guard
An abstract image of digital security.
Fake file converters are stealing info, pushing ransomware, FBI warns
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Coinbase targeted after recent Github attacks
hacker.jpeg
Key trusted Microsoft platform exploited to enable malware, experts warn
IBM office logo
IBM to provide platform for flagship cyber skills programme for girls
Latest in News
Disney Plus logo with popcorn
You can finally tell Disney+ to stop bugging you about that terrible Marvel show you regret starting
Girl wearing Meta Quest 3 headset interacting with a jungle playset
Latest Meta Quest 3 software beta teases a major design overhaul and VR screen sharing – and I need these updates now
Philips Hue
Philips Hue might be working on a video doorbell, and according to a new report, we just got our first look at it
Microsoft
"Another pair of eyes" - Microsoft launches all-new Security Copilot Agents to give security teams the upper hand
Hatch Restore 3 in Putty
You can finally start your day with The Office theme song, and I couldn't be more excited
Cassian Andor looking nervously over his shoulder in Andor season 2
New Andor season 2 trailer has got Star Wars fans asking the same question – and it includes an ominous call back to Rogue One's official teaser
More about security
An abstract image of digital security.

Fake file converters are stealing info, pushing ransomware, FBI warns
Microsoft

"Another pair of eyes" - Microsoft launches all-new Security Copilot Agents to give security teams the upper hand
The iPhone 16 Pro Max and Samsung Galaxy S25 Ultra

5 things I want from the iPhone 17 – or I’m out and back to Android
See more latest
Most Popular
Philips Hue
Philips Hue might be working on a video doorbell, and according to a new report, we just got our first look at it
SDUNITED AX835-025FF mini PC
This mini PC with the incredible Strix Halo APU is yet another sign AMD may have given up on big brands for bleeding edge tech
Disney Plus logo with popcorn
You can finally tell Disney+ to stop bugging you about that terrible Marvel show you regret starting
Girl wearing Meta Quest 3 headset interacting with a jungle playset
Latest Meta Quest 3 software beta teases a major design overhaul and VR screen sharing – and I need these updates now
Hatch Restore 3 in Putty
You can finally start your day with The Office theme song, and I couldn't be more excited
Dell Pro Max with GB300
HP and Dell's latest Nvidia powered PCs are likely to be some of the most expensive workstations ever launched
Shape of Russia filled with Russian flag-colored internet codes on a black hacking background
A new wave of blocks in Russia targets VPN apps and Cloudflare subnets
An abstract image of digital security.
Fake file converters are stealing info, pushing ransomware, FBI warns
Microsoft
"Another pair of eyes" - Microsoft launches all-new Security Copilot Agents to give security teams the upper hand
Ncuti Gatwa as The Fifteenth Doctor in Doctor Who
Disney+ drops new trailer for Doctor Who season 2 that promises an epic adventure across time and space