LONDON: Britain has identified a sophisticated digital espionage tool and imposed sanctions on over 20 Russian spies, hackers, and agencies for a sustained cyber campaign targeting European governments and institutions.
The National Cyber Security Centre (NCSC) revealed that malware developed by Russia’s GRU military intelligence agency was used to steal login credentials from Microsoft cloud accounts.
The UK foreign ministry sanctioned three GRU units and 18 officers, including individuals linked to attacks on Mariupol during the Ukraine war and the poisoning of former Russian spy Sergei Skripal in 2018.
Foreign Minister David Lammy stated, “GRU spies are running a campaign to destabilise Europe, undermine Ukraine’s sovereignty, and threaten British citizens.”
British authorities have repeatedly accused Moscow of orchestrating cyberattacks, sabotage, and assassinations.
Russia denies the allegations, calling them politically motivated. The Russian embassy in London did not immediately respond to requests for comment.
The NCSC identified GRU units 29155, 26165, and 74455 as responsible for cyberattacks on media, telecoms, political institutions, and energy infrastructure across Europe.
These include the 2015 German Bundestag hack, the 2016 U.S. Democratic National Committee breach, and cyberattacks on the 2024 Paris Olympics.
A hacking group, APT 28 (part of GRU unit 26165), developed malware named “AUTHENTIC ANTICS,“ which tricks Microsoft users into entering credentials on fake login pages.
The NCSC did not disclose specific targets. Microsoft has yet to comment.
The UK also sanctioned leaders of “African Initiative,“ a Russian-funded disinformation operation in West Africa.
Britain has increased military spending to counter cyber threats and nuclear risks from Russia. - Reuters
