Russian HackingEU: Russia Involved in “Ghostwriter” Cyberattacks

Published 24 September 2021

The European Union has warned the Kremlin that it could “consider taking further steps” over Moscow’s complicity in recent cyberattacks targeting the bloc’s members.

The European Union on Friday threatened to take action against Russia over alleged complicity in a cyberattack campaign known as “Ghostwriter” against a number of member states. 

The 27-member bloc called on Moscow to “adhere to the norms of responsible state behavior in cyberspace,” warning it would discuss the matter at upcoming meetings and “consider taking further steps.” 

EU Slams “Malicious” Attacks
The EU said some member states reported the Ghostwriter cyberactivities “and associated these with the Russian state.”

The “malicious” cyberattacks targeted several parliaments, officials, politicians, journalists and civil society, EU foreign policy chief Josep Borrell said in a statement on behalf of the bloc.

The attacks were carried out by “accessing computer systems and personal accounts and stealing data,” the bloc said. 

The EU “strongly denounced” and the attacks and described them as a threat to security, democratic values and the “core functioning” of societies.

Germany Probes Russia’s Involvement
Germany has accused Russia of carrying out cyberattacks targeting German lawmakers, and slammed attempts to influence the upcoming German election. 

Earlier this month, German prosecutors opened an investigation into suspected “foreign intelligence activity.”

The German government said it had “reliable information” that recent cyberattacks could be attributed to actors in Russia, “specifically to the Russian military intelligence service GRU.”

Foreign Ministry spokeswoman Andrea Sasse said recently that Ghostwriter had been “combining conventional cyberattacks with disinformation and influence operations.”

According to Sasse, cyberactivities targeting Germany had been observed “for some time.”

What is Ghostwriter?
According to a 2020 report by US-based cyber intelligence firm Mandiant, the Ghostwriter campaign has been ongoing since 2017. 

Mandiant’s report said the campaign messages were “aligned with Russian security interests.” 

Ghostwriter appeared to have used fake email accounts and websites to spread false information. They allegedly fabricated news articles and designed documents to appear as though public officials published them, the report said. 

This article is published courtesy of Deutsche Welle (DW).