[TheRecord] EU formally blames Russia for GhostWriter influence operation

European Union officials have formally accused the Russian government and its state hackers of meddling inside the elections and political systems of several EU states.

In a statement published on Friday, the EU said that the Russian government is behind a hack-and-leak operation known as Ghostwriter.

Active since 2017, the campaign consists of Russian hackers breaking into news websites or social media accounts of government officials in order to publish forged documents, fake news, and misleading opinions meant to sway elections, disrupt local political ecosystems, and create distrust of US and NATO forces.

First documented by security firm FireEye last year [PDF], the campaign has primarily targeted officials and news sites inside Latvia, Lithuania, and Poland, in a campaign that has also continued throughout 2021 as well [PDF].

Among the group’s most infamous attack last year was an attempt to distribute a forged letter from the NATO Secretary General to Lithuania’s Defense Ministry purporting to announce the withdrawal of NATO troops from the country.

In addition, the group also hacked into the social media accounts of Polish officials to smear and attack social activists and rival politicians.

GhostWriter attacks expanded to Germany over the summer

GhostWriter attacks also expanded their scope this summer, when the group also began targeting Germany, with hackers beaching accounts for seven Bundestag members and 31 state parliamentarians in order to sway opinions ahead of the upcoming elections.

FireEye initially attributed the GhostWriter attacks to a group it codenamed UNC1151, describing its campaigns as “aligned with Russian security interests.”

But after Germany formally blamed the Russian government earlier this month, the European Council also published a formal statement today calling out Moscow officials.

These activities are contrary to the norms of responsible State behaviour in cyberspace as endorsed by all UN Member States, and attempt to undermine our democratic institutions and processes, including by enabling disinformation and information manipulation.

The European Union and its Member States strongly denounce these malicious cyber activities, which all involved must put to an end immediately. We urge the Russian Federation to adhere to the norms of responsible state behaviour in cyberspace.

The European Union will revert to this issue in upcoming meetings and consider taking further steps.

The Russian Ministry of Foreign Affairs, which has historically responded to hacking accusations from the US and EU states with flat-out denials, has not yet responded to the EU’s latest statement.

The post EU formally blames Russia for GhostWriter influence operation appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[HackerNews] New Passwordless Verification API Uses SIM Security for Zero Trust Remote Access

All posts, HackerNews

Forget watercooler conspiracies or boardroom battles. There’s a new war in the office. As companies nudge their staff to return to communal workspaces, many workers don’t actually want to – more than 50 percent of employees would rather quit, according to research by EY.  While HR teams worry over the hearts and minds of staff, IT […]

Read More

[ZDNet] Cloud security in 2021: A business guide to essential tools and best practices

All posts, ZDNet

Cloud applications have proved useful to enabling remote work. But cloud computing brings its own security risks. Source: Read More (Latest topics for ZDNet in Security)

Read More

[SecurityWeek] SonicWall Patches Critical Vulnerability in SMA Appliances

All posts, Security Week

SonicWall has published a security advisory and a security notice to inform customers about a critical vulnerability affecting some of its Secure Mobile Access (SMA) appliances. read more Source: Read More (SecurityWeek RSS Feed)

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.