Russian hackers tried to disrupt UK general election, security sources say

GCHQ uncovered the first known plot to target the British political system

Caroline Mortimer
Sunday 25 September 2016 18:42 BST
Whitehall was one of the targets of the foiled Fancy Bears attack
Whitehall was one of the targets of the foiled Fancy Bears attack (nataliej/Flickr)

Russian hackers reportedly tried to disrupt last year’s general election, in what is thought to be the first known cyberattack on the British political system.

The group known as Fancy Bears planned to target every Whitehall server, including the Home Office, Foreign Office and Ministry of Defence, and every major TV broadcaster, including the BBC, Channel 4 and Sky, but was thwarted by GCHQ.

The agency, which is responsible for all the security services’ communications surveillance, managed to discover the plot in time after analysing a successful attack on French broadcaster TV5Monde in April last year.

Posing as Isis supporters, the group forced the channel’s scheduled programme off the air for 18 hours and replaced them with a screen showing the terror group’s flag.

GCHQ had initially feared Isis’ hacking abilities had reach a new level of sophistication but the attack was eventually linked back to Moscow.

David Anderson QC, the independent reviewer of terrorism legislation, told The Sunday Times that the incident was a “possible imminent threat” to the UK and said GCHQ “deployed a capability to protect government networks from this cyber-attacker”.

Analysts were reported to have worried that an attack would “embarrass” the government and took defensive measures to shore up Whitehall’s cyber security as well as warning TV networks about the plot.

A security source told The Sunday Times: “We found signs of this particular group and activity — they were looking at government department networks in the UK.

“We had information, and it could have been activated, which is why it was an imminent threat. They certainly could have defaced a website for propaganda reasons and they could have possibly taken it down.”

The hackers, who are believed to have links to the Russian state, are also believed to have been responsible for the leak of medical data about top British athletes such as Sir Bradley Wiggins and Mo Farah.

This is the first time a Russian-based hacking group is known to have targeted British politics but there have been repeated attempts to undermine the US presidential election.

Last week DC Leaks, another Russian hacking group with alleged ties to the state, is said to have leaked Michelle Obama’s passport information.

The hack of DNC emails by a hacker known as Guccifer 2.0 in July led to the resignation of its chair Debbie Wasserman Schultz.

Emails, published on Wikileaks, dated from January 2015 to May 2016 between seven key DNC staffers appeared to suggest they were trying to undermine the campaign of Bernie Sanders.

Both the Russian government and Wikileaks founder Julian Assange have denied that the information came from Russian hackers.

Republican nominee Donald Trump attracted heavy criticism in the days that followed when he appeared to call for the hackers to break into Hillary Clinton’s email server.

GCHQ foiled the plot after studying the details of an attack on a French broadcaster (Ministry of Defence - Wikimedia Commons)
GCHQ foiled the plot after studying the details of an attack on a French broadcaster (Ministry of Defence - Wikimedia Commons) ((Ministry of Defence - Wikimedia Commons))

He said: “Russia, if you’re listening, I hope you're able to find the 30,000 emails that are missing.

“I think you’ll be rewarded mightily by our press.”

When asked if he was concerned about encouraging a foreign power to spy on a political party he said it “gave him no pause” and he would “love to see” Russia or China getting involved.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies


Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in