[TheRecord] EU formally blames Russia for GhostWriter influence operation

European Union officials have formally accused the Russian government and its state hackers of meddling inside the elections and political systems of several EU states.

In a statement published on Friday, the EU said that the Russian government is behind a hack-and-leak operation known as Ghostwriter.

Active since 2017, the campaign consists of Russian hackers breaking into news websites or social media accounts of government officials in order to publish forged documents, fake news, and misleading opinions meant to sway elections, disrupt local political ecosystems, and create distrust of US and NATO forces.

First documented by security firm FireEye last year [PDF], the campaign has primarily targeted officials and news sites inside Latvia, Lithuania, and Poland, in a campaign that has also continued throughout 2021 as well [PDF].

Among the group’s most infamous attack last year was an attempt to distribute a forged letter from the NATO Secretary General to Lithuania’s Defense Ministry purporting to announce the withdrawal of NATO troops from the country.

In addition, the group also hacked into the social media accounts of Polish officials to smear and attack social activists and rival politicians.

GhostWriter attacks expanded to Germany over the summer

GhostWriter attacks also expanded their scope this summer, when the group also began targeting Germany, with hackers beaching accounts for seven Bundestag members and 31 state parliamentarians in order to sway opinions ahead of the upcoming elections.

FireEye initially attributed the GhostWriter attacks to a group it codenamed UNC1151, describing its campaigns as “aligned with Russian security interests.”

But after Germany formally blamed the Russian government earlier this month, the European Council also published a formal statement today calling out Moscow officials.

These activities are contrary to the norms of responsible State behaviour in cyberspace as endorsed by all UN Member States, and attempt to undermine our democratic institutions and processes, including by enabling disinformation and information manipulation.

The European Union and its Member States strongly denounce these malicious cyber activities, which all involved must put to an end immediately. We urge the Russian Federation to adhere to the norms of responsible state behaviour in cyberspace.

The European Union will revert to this issue in upcoming meetings and consider taking further steps.

The Russian Ministry of Foreign Affairs, which has historically responded to hacking accusations from the US and EU states with flat-out denials, has not yet responded to the EU’s latest statement.

The post EU formally blames Russia for GhostWriter influence operation appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[ThreatPost] Telegram Abused to Steal Crypto-Wallet Credentials

All posts, ThreatPost

Attackers use the Telegram handle “Smokes Night” to spread the malicious Echelon infostealer, which steals credentials for cryptocurrency and other user accounts, researchers said. Source: Read More (Threatpost)

Read More

[TheRecord] Cyberattacks increasing on managed service providers, US and allies warn

Cybersecurity agencies from the Five Eyes intelligence alliance warned of increased cyberattacks targeting managed service providers (MSP) on Wednesday morning.  The agencies from the U.S., U.K., Australia, Canada and New Zealand said to “expect state-sponsored advanced persistent threat (APT) groups and other malicious cyber actors to increase their targeting of MSPs against both provider and […]

Read More

[BleepingComputer] Google Chrome now 23% faster after JavaScript engine improvements

Google says the latest Google Chrome release comes with a significant performance boost due to newly added improvements to the open-source V8 JavaScript and WebAssembly engine. […] Source: Read More (BleepingComputer)

Read More

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.