EU officially links Russia to Ghostwriter hacking operation

The European Union has linked Russia to Ghostwriter, a hacking operation that has targeted several high-profile EU officials, journalists and members of the general public.

In a press release, European Council officials remarked, “These malicious cyber activities are targeting numerous members of Parliaments, government officials, politicians, and members of the press and civil society in the EU by accessing computer systems and personal accounts and stealing data.

“Such activities are unacceptable as they seek to threaten our integrity and security, democratic values and principles and the core functioning of our democracies.”

According to Bleeping Computer, the attacks are seen as clear attempts to undermine the EU’s democratic institutions and processes – including, but not limited to, enabling disinformation and information manipulation.

The Ghostwriter campaign was also connected by Germany to GRU military intelligence service earlier this month – with German Foreign Ministry spokeswoman Andrea Sasse stating that the Bundestag had been targeted at least three times in 2021.

Sasse said, “The German government has reliable information on the basis of which Ghostwriter activities can be attributed to cyber actors of the Russian state and, specifically, Russia’s GRU military intelligence service.”

The European Council added, “The European Union and its member states strongly denounce these malicious cyber activities, which all involved must put to an end immediately. We urge the Russian Federation to adhere to the norms of responsible state behaviour in cyberspace.

“The European Union will revert to this issue in upcoming meetings and consider taking further steps.”

According to a 2020 report by cybersecurity firm FireEye, Ghostwriter has been coordinating information operations from March 2017, ‘pushing various narratives aligned with Russian security interests’. These have continued throughout this year, with the company detecting a further twenty incidents believed to be part of Ghostwriter activity.

Copyright © 2021 RegTech Analyst

Enjoyed the story? 

Subscribe to our weekly RegTech newsletter and get the latest industry news & research

Copyright © 2018 RegTech Analyst


The following investor(s) were tagged in this article.