As per a Google cybersecurity official and the former head of UK foreign intelligence, a new website that released email leaks from so many leading figures of Britain’s exit from the European Union is linked to Russian hackers.
The website, titled “Very English Coop d’Etat,” claims to have published confidential correspondence from former British spymaster Richard Dearlove, foremost Brexit campaigner Gisela Stuart, pro-Brexit historian Robert Tombs, and other Brexit supporters.
According to the website, they are part of a larger group of hardline pro-Brexit figures who are secretly making the decisions in the UK. Reuters was unable to confirm the validity of the emails immediately, but two victims of the leak confirmed on Wednesday that they’d been intending to target by hackers and tried to blame the Russian government.
“I am well aware of a Russian operation against a Proton account which contained emails to and from me,” said Dearlove, making reference to the confidentiality email service ProtonMail.
Dearlove, who led Britain’s foreign spy service, known as MI6, from 1999 to 2004, told Reuters that the leaked content should be approached with caution in light of “the present crisis in relations with Russia.”
In an email, Tombs stated that he and his colleagues were aware of “Russian disinformation based on illegal hacking.” He declined to comment further. Stuart, who led Britain’s Leave campaign in 2016, did not respond to emails.
According to Shane Huntley, director of Google’s Threat Analysis Group, the “English Coop” website was linked to what Alphabet Inc (GOOGL.O)-owned company knew as “Cold River,” a Russia-based hacking group.
Huntley stated that the entire operation had “clear technical links” from Cold River’s hacking attempts to publicizing the leaks.
The Russian embassies in London and Washington did not respond to requests for comment. The Foreign Office in the United Kingdom, which handles media inquiries for MI6, declined to comment. Other Brexit supporters whose emails were suspected of being circulated on the website did not respond to emails either.
It is unknown how the emails were obtained, and the website hosting them made no attempt to explain who was behind the leak. The majority of the leaked messages appear to have been exchanged via ProtonMail. ProtonMail refused to comment.
Although Reuters was unable to independently confirm Google’s assessment of a Russian link to the website, Thomas Rid, a cybersecurity expert at Johns Hopkins University, said the site was similar to previous hack-and-leak operations attributed to Russian hackers.