Huntley, who directs Google's Threat Analysis Group, told Reuters that the "Engl...
According to a Google cybersecurity officer and the former chief of UK foreign intelligence, a new website that released hacked emails from numerous key proponents of Britain's secession from the European Union is linked to Russian hackers.
The website, branded "Very English Coop d'Etat," claims to have exposed private emails from former British spymaster Richard Dearlove, major Brexit advocate Gisela Stuart, pro-Brexit historian Robert Tombs, and other Brexit supporters.
According to the website, they are part of a gang of hardcore pro-Brexit politicians who are covertly directing the shots in the UK.
While the authenticity of the leaked emails could not be immediately established, two leak victims revealed on Wednesday that they had been targeted by hackers and accused the Russian government.
"I am completely aware of a Russian operation targeting a Proton account containing communications to and from me," Dearlove added, referring to the privacy-focused email provider ProtonMail.
Dearlove, who oversaw Britain's foreign intelligence organization, known as MI6, from 1999 to 2004, told Reuters that the stolen data should be regarded with caution in light of "the current crisis in ties with Russia."
In an email, Tombs stated that he and his colleagues were aware of "Russian misinformation based on unlawful hacking." He declined to comment further. Stuart, who led Britain's Leave campaign in 2016, did not respond to emails.
According to Shane Huntley, director of Google's Threat Analysis Gang, the "English Coop" website was linked to what Alphabet Inc (GOOGL.O)-owned business recognized as "Cold River," a Russia-based hacking group.
"We can see that through technical indications," Huntley explained.
Huntley stated that the entire operation had "obvious technological ties" from Cold River's hacking attempts to publishing the disclosures.
The Russian embassies in London and Washington did not respond to requests for comment.
The Foreign Office in the United Kingdom, which handles media inquiries for MI6, declined to comment. Other Brexit supporters whose emails were suspected of being distributed on the website did not respond to emails sent to them.
'APPEARS TO BE VERY FAMILIAR'
It's unclear how the emails were obtained, and the website that hosted them made no attempt to explain who was behind the leak. The majority of the disclosed texts appear to have been transmitted using ProtonMail. ProtonMail has refused to comment.
Although Reuters could not independently confirm Google's judgment of a Russian link to the website, Thomas Rid, a cybersecurity specialist at Johns Hopkins University, said the site was similar to previous hack-and-leak operations ascribed to Russian hackers.
"What strikes me is how similar the M.O. is to Guccifer 2 and DCLeaks," he added, referring to two sites that released stolen emails from Democrats in the run-up to the 2016 U.S. presidential election.
"In some aspects, it seems extremely familiar, particularly the sloppiness," he remarked.
If the leaked texts are genuine, it will be the second time in three years that suspected Kremlin agents have obtained and released private emails from a top British national security officer.
According to Reuters, sensitive US-UK trade documents were published ahead of the UK election in 2019 after being taken from the email account of former trade minister Liam Fox. The specifics of the operation were never verified by UK officials, but then-British Foreign Minister Dominic Raab said the hack-and-leak was an attempt by the Kremlin to meddle in Britain's election, an accusation Moscow disputed.
The "English Coop" website makes a number of claims, including that Dearlove was at the center of a plot by Brexit hardliners to depose former British Prime Minister Theresa May, who had negotiated a withdrawal agreement with the European Union in early 2019, and replace her with Johnson, who took a more hardline stance.
According to Dearlove, the emails documented a "legitimate lobbying activity that, when viewed through an adversarial lens, is now vulnerable to distortion." He declined to comment further.
Johnson, who took office in May of this year, has taken a firm line on Russia's invasion of Ukraine, pledging hundreds of millions of dollars in military weapons to the Ukrainian government. Johnson was in Kiev in April for a televised walkabout with Ukrainian President Volodymyr Zelensky. more info
Johnson was formally barred from entering Russia on April 16. The "Coop" website was registered three days later, according to Internet domain data. Its URL includes the phrase "sneaky strawhead," a dig at Johnson's messy haircut.
While media should not be afraid to cover authenticated data uncovered by the leak, Rid cautioned them to tread cautiously.
"If the leak contains noteworthy detail, it is likewise important to note that the material originates from a hostile intelligence organization, especially in wartime," Rid added.