The Russia connectionRussian Hackers Source of Labour Party’s “NHS for Sale” Document
In a press conference last week, Jeremy Corbin, the leader of the Labour Party, showed the attendees a hefty document – 451 pages! — which, he claimed, was a classified government document detailing secret U.K-U.S. negotiations between the Conservative Party-led government and the United States to sell parts of the U.K. National Health Service (NHS) to American investors. Experts say Russian government hackers stole the document and handed it to Labour in order to discredit the government and deepen polarization ahead of the 12 December parliamentary election.
In a press conference last week, Jeremy Corbin, the leader of the Labour Party, showed the attendees a hefty document – 451 pages! — which, he claimed, was a classified government document detailing secret U.K-U.S. negotiations between the Conservative Party-led government and the United States to sell parts of the U.K. National Health Service (NHS) to American investors.
The government’s goal, Corbyn argued, was to facilitate the access of U.S. pharmaceutical companies into the NHS as an inducement for Congress to approve a generous post-Brexit U.S.-U.K. trade deal.
The NHS is the “third rail” of British politics, similar in its political status to Social Security in the United States: Politicians of all ideological stripes approach the NHS, and any discussion of reforming it, with extreme caution.
Experts now say that the classified document was stolen by Russian government hackers and given to Labour Party officials — more precisely: it was placed on chat board, and the link was emailed to Labour Party officials — in order to polarize the British electorate even more, and deepen acrimony and bitterness. Few issues, if any, could rattle British voters more than the idea of putting the NHS “up for sale.”
The Kremlin has conducted interference campaigns in more than two dozen Western democracies using the hacking and dissemination of information, and a barrage of social media posts by fake accounts generated by propaganda experts at the St. Petersburg-based Internet Research Agency (IRA).
Researchers at the social media analysis firm Graphika, which has analyzed the document leak together with the Washington, D.C.-based Atlantic Council thinktank, issued a report on Monday saying that the manner and timing of the leak bear the hallmark of a Russian disinformation campaign.
The Timesreports that the leak comes as the government’s refusal to publish a report by a bipartisan group on the intelligence and security committee about possible attempts by Russia to influence the Brexit referendum.
The refusal of the government to release the report, even in a redacted form, has only fueled concerns about the security of the U.K. 12 December parliamentary election.
Graphika’s experts say that the dissemination of the documents closely resembled the tactics used by Secondary Infektion, a Russian disinformation campaign exposed in June this year. Graphika notes that they could not say for certain that Secondary Infektion was involved in the dissemination of the document.
The Graphika report says, though, that the leaks were amplified on the exact same set of websites and chatrooms used by the Russian operation, via similar types of one-off “burner” accounts.
Moreover, these accounts made similar language errors common among non-native language speakers (Russian, for example, does not have definite and indefinite articles).
“It’s either the Russian operation all over again, or someone else trying hard to look like it,” Ben Nimmo, Graphika’s head of investigations, said.
“What we are saying is that the initial efforts to amplify the NHS leak closely resemble techniques used by Secondary Infektion in the past, a known Russian operation. But we do not have all the data that allows us to make a final determination in this case.”
Researchers at the Atlantic Council first identified Secondary Infektion in June. The researchers found that the operation used fake accounts, forged documents, and “dozens of online platforms” to spread stories which attacked Western interests and aimed to undermine Western unity. The Atlantic Council researchers concluded that the campaign was conducted by a “persistent, sophisticated, and well-resourced actor, possibly an intelligence operation” which maintained fake accounts on platforms such as Medium and Reddit.
Graham Brookie, head of the Atlantic Council’s Digital Forensic Research Lab, said that while Graphika could not be 100 percent confident that the U.K. documents had been spread by Secondary Infektion, it bore the hallmarks of a foreign disinformation campaign. “What we can say with a high degree of confidence is that the level of sophistication and effort shows an intent to obfuscate,” Brookie told the Financial Times. “So someone really tried to hide [the origins] of this.” Brookie added that U.K. politicians should recognize they had an “extra duty of care to verify the source of leaked material” before disseminating it, although he admitted they “lack the incentive to do just that.”
