A former top security adviser to Boris Johnson has revealed that Britain has launched recently a series of covert cyber-based attacks on Russian leaders and their interests to “impose a price greater than one they might have expected” for their cyber-offensive against the West.
Other allied powers, including the U.S., are doing so, too, say Western intelligence officials in what is becoming a “like-for-like” cyber-conflict with the Kremlin in the so-called the “gray space,” the gap between normal state relations and armed conflict.
“The fact you don’t see that we use it doesn’t mean we don’t, because we wouldn’t necessarily talk about those things,” said Mark Sedwill, until recently Britain’s top civil servant and national security adviser to Britain’s Boris Johnson. But in an interview with The Times newspaper, Sedwill underscored that Britain is using its cyber-offense capabilities to retaliate for Russian cyberattacks, information warfare and disruption campaigns.
“We seek to impose a price, usually a price greater than one they might have expected when we believe it is right and necessary,” he said. “We can’t leave the initiative to our adversaries,” he added.
Britain has had an offensive cyber capability for more than decade and used it against the Islamic State, including targeting the terror group’s low-tech drones in the Iraqi town of Mosul in 2018. But officials rarely discuss how they defend against or carry out hacking attacks — nor have they spelled out what they consider legitimate targets outside a full-scale declared war.
Last month, Gen. Patrick Sanders, who heads Britain strategic command, raised the veil a little, telling reporters that in theory Britain has the ability to “degrade, disrupt and even destroy critical capabilities and infrastructure of those who would do us harm, ranging from strategic to tactical targets.” The British military partners with GCHQ, Britain’s electronic intelligence agency.
Sanders said: “The binary distinction between war and peace as we have approached it no longer applies.”
From the first time, Sedwill said Britain had used its cyber-offensive capabilities to retaliate for the 2018 novichok attack on Sergei Skripal, the former Russian double agent in the English city of Salisbury.
“After the Salisbury attack, first use of chemical weapons against a country in Europe in a century, we retaliated in visible ways. We expelled the entire Russian intelligence network in the UK,” he said. “But we also took a series of other discreet measures including tackling some of the illicit money flows out of Russia, and covert measures as well, which obviously I can’t talk about,” he added.
Sedwill’s comments suggest Western powers are increasingly taking the gloves off in an intensifying “gray war” with Russia, as well as with Iran, China, and North Korea. “It is important that we are capable of maneuvering in the grey space, in that zone, and doing so effectively. We can’t leave the initiative to our adversaries,” he said.
Last week, U.S. federal prosecutors unveiled indictments of six Russian military intelligence operatives for a series of cyber-attacks in an offensive spree aimed at undermining Western democracies by sowing confusion in everything from the 2016 U.S. presidential election to the South Korean Olympics in 2018. The indictments were the result of prolonged investigations by FBI analysts in cooperation with Google, Cisco, Facebook and Twitter as well with allied Western intelligence agencies, including Britain’s.
The Russian cyber operations included launching attacks on the Ukrainian power system, impacting hundreds of thousands of Ukrainians in the middle of winter, Emmanuel Macron’s presidential bid in France in 2017, and the British investigation into the 2018 Russian nerve agent attack in Salisbury, say U.S. prosecutors and British intelligence officials. They say Russian operatives working for the country’s GRU military intelligence service sought to cast suspicion on other countries for carrying out the attacks.
U.S. prosecutors say when it came to the South Korea Olympics the Russian hackers studied the tactics and techniques of their North Korean counterparts, so they could copy them and throw suspicion on Pyongyang.
Maria Zakharova, a spokeswoman for the Russian Ministry of Foreign Affairs, last week dismissed allegations about Russian hacking operations, telling a news briefing that the accusations were the product of someone with a “rich imagination.” “It’s some kind of a diabolical perfume cocktail [of allegations],” Zakharova told reporters.
Thomas Rid, an American academic and author of the recently published book "Active Measure" said the level of detail in the indictment probably reflected the degree to which the GRU hacking operations had been infiltrated. “The Five Eyes intelligence communities, I would suspect, must have stunning visibility into Russian military intelligence operations if today’s disclosures are considered dispensable,” he tweeted after the indictments were made public.