Britain sounds alarm on Russia-based hacking group | Inquirer Technology

Britain sounds alarm on Russia-based hacking group

/ 08:32 AM January 26, 2023
A Russia-based hacking group named Cold River is behind an expansive and ongoing information-gathering campaign

FILE PHOTO: A man types on a computer keyboard in this illustration picture taken February 28, 2013. REUTERS/Kacper Pempel/File Photo

 Russia-based hacking group named Cold River is behind an expansive and ongoing information-gathering campaign that has struck various targets in government, politics, academia, defense, journalism, and activism, Britain said Thursday.

In an advisory, the National Cyber Security Centre (NCSC), part of Britain’s GCHQ eavesdropping intelligence agency, said Cold River researches its targets and impersonates people around them using faked email addresses and social media profiles.

ADVERTISEMENT

“There is often some correspondence between attacker and target, sometimes over an extended period, as the attacker builds rapport,” the advisory said.

READ: Ukraine blames Russia for most of over 2,000 cyberattacks in 2022

FEATURED STORIES

Russia’s embassies in London and Washington did not immediately respond to emailed requests for comment about the NCSC’s comments. The advisory did not directly attribute the digital attacks to the Russian government.

Once a rapport has been built with a target, Cold River hackers encourage the target to click on a malicious link that tricks them into entering their login credentials on a website controlled by the group, the advisory said.

The hackers use those stolen credentials to log into the target’s email accounts, “from where they are known to access and steal emails and attachments from the victim’s inbox,” it added.

READ: PH firms succumbing to hackers’ new modus

Reuters reported that Cold River, also known as “Callisto” and “Seaborgium,” targeted three nuclear research laboratories in the United States last summer and published private emails from former British spymaster Richard Dearlove in May.

Russia’s Foreign Ministry criticized the nuclear labs story, calling it anti-Russian propaganda.

A second, Iran-based, group known as Charming Kitten has deployed the same “spear-phishing” techniques to gather information, according to the NCSC. Iran’s mission to the United Nations in New York said the Iranian government had no knowledge of the group.

ADVERTISEMENT

Since Russia’s invasion of Ukraine, Cold River has escalated its hacking campaign against Kyiv’s allies, cybersecurity researchers and western government officials told Reuters.

Western officials say the Russian government is a global leader in hacking and uses cyber-espionage against foreign governments and industries to seek a competitive advantage.

Moscow, however, has consistently denied that it carries out hacking operations.

REALTED STORIES

Russian hackers used US online infrastructure against itself

Russian hackers targeting U.S. campaigns, Microsoft says

Microsoft says Ukraine, Poland targetted with novel ransomware attack

Your subscription could not be saved. Please try again.
Your subscription has been successful.

Subscribe to our daily newsletter

By providing an email address. I agree to the Terms of Use and acknowledge that I have read the Privacy Policy.

TOPICS: hacking, Russia
Read Next
Don't miss out on the latest news and information.

Subscribe to INQUIRER PLUS to get access to The Philippine Daily Inquirer & other 70+ titles, share up to 5 gadgets, listen to the news, download as early as 4am & share articles on social media. Call 896 6000.

For feedback, complaints, or inquiries, contact us.
Your subscription could not be saved. Please try again.
Your subscription has been successful.

Subscribe to our technology news

By providing an email address. I agree to the Terms of Use and acknowledge that I have read the Privacy Policy.



© Copyright 1997-2023 INQUIRER.net | All Rights Reserved

We use cookies to ensure you get the best experience on our website. By continuing, you are agreeing to our use of cookies. To find out more, please click this link.