U.K. Government Targeted by 'Highly Motivated' Hackers

A "highly motivated and well-resourced" group of hackers with ties to Russia, Ukraine and China targeted the U.K. Foreign Office in 2016.

Cybersecurity firm F-Secure said in a report published Thursday that the infrastructure of the hacking group—which it named the Callisto Group—revealed links with entities in Russia, Ukraine and China, though no definitive conclusions have been made.

"They act like nation-state attackers, but there's also evidence linking them with infrastructure used by criminals," Sean Sullivan, F-Secure's security adviser, said in an emailed comment to Newsweek.

"So they could be an independent group that's been contracted by a government to do this work, or possibly doing it on their own with the intent of selling the information to a government or intelligence agency… we can't say one way or the other based on the current evidence."

U.K. government employees appeared to have been targeted by the hackers over a period of several months, the BBC reports. The group used a method called spear-phishing that tricks recipients of emails to reveal usernames and passwords or to click on malicious links.

The U.K. National Cyber Security Centre (NCSC) has not revealed whether any data was stolen or who was behind the attack. "The first duty of government is to safeguard the nation and as the technical authority on cyber security, the NCSC is delivering ground breaking innovations to make the U.K. the toughest online target in the world," the organization said in a statement.

"The government's Active Cyber Defence program is developing services to block, prevent and neutralise attacks before they reach inboxes."

The Callisto Group, which is still active, is focussed on "intelligence gathering related to foreign and security policy," according to F-Secure's report. In 2015 and 2016, it reportedly targeted military personnel, officials and journalists in Eastern Europe and the South Caucasus region.

Erka Koivunen, chief information security officer at F-Secure, says the group's use of hacking tools designed for law enforcement is a reminder of the dangers of surveillance technologies.

"The adoption of government-grade spyware by attackers shouldn't surprise anyone," Koivunen says. "Surveillance tools are by their very nature designed to invade people's privacy. In well-functioning democracies these invasions are mandated by laws, and citizens rely on authorities to use them responsibly with proper checks and balances in place.

"But data breaches and subsequent leaks of professional-grade surveillance tools give these invasive capabilities to a range of different threats," Koivunen adds. "This should remind governments that we don't have monopolies on these technologies, and that mercenaries, hostile nation-states, and other threats won't hesitate to use these surveillance powers against us."