The UK government has accused Russian intelligence services of a large-scale hacking operation with the aim of undermining the British political system.
This wave of attacks is thought to have started in 2015 with targeted attacks on politicians, including attempts to convince them to reveal confidential information by posing as a trusted party.
Read more: Everything we know about Russian attacks on UK
Known victims of the attacks include the Institute for Statecraft think tank, which worked to counter Russian disinformation, and its founder Christopher Donnelly.
Hundreds of other politicians, journalists, civil servants and members of NGOs are also thought to have been targeted.
Officials in the UK and US have not seen evidence of the intent behind the hackers gathering information from British public and political figures, but there are concerns the mass of information gathered could be used in an attempt to sway next year’s general election.
A vast amount of data has been gathered by individuals operating on behalf of the Russian intelligence service, according to a Western official who spoke to Sky News.
Who is behind the attacks?
Russia’s FSB Centre 18 has been named by the UK as the source of the attacks.
In intelligence circles, it also goes by the names Iron Frontier and Star Blizzard.
The UK has named two specific members: Ruslan Aleksandrovich Peretyatko and Andrey Stanislavovich Korinets.
The FSB, or Federal Security Service, is Moscow’s spy agency.
A previous report for the US Congress on Russian cyber units identified Centre 18 as one of two primary hubs overseeing the FSB’s security and cyber operations, along with Centre 16.
Read more here.
‘Possibility’ of election disruption
“We are coming into an election year,” the official said.
“We want to get this [hack and leak threat] more into the bloodstream – so people are more aware.”
Asked whether the hackers had information they could leak to try to disrupt the election next year, the official said: “There is no evidence of that intent. There is that possibility. They have collected a lot of information.”
The information accessed is not limited to emails – it also includes private files and confidential details of contacts.
Only a small proportion of the significant array of personal data is thought to have been leaked, leaving a significant amount of personal information about public figures at the hackers’ disposal to divulge at a later date.
The concern is this date could coincide with the UK’s general election next year.
Increasingly sophisticated attacks
Government officials are right to spread the message about the threat from cybersecurity that arises from advances in technology that make phishing attacks ever more believable.
This message must be accompanied by efforts to improve literacy about what these attacks look like, but here arises another problem.
Cyberattacks are becoming so sophisticated, targeted and frequent that individuals cannot always be expected to be able to tell the difference between what is real and what is a scam.
So any efforts to improve literacy must also acknowledge that individuals cannot be fully responsible for recognising them and intervention is needed from policymakers to identify and avert these attacks.