News Brief

New Report Identifies Over 200 Individuals Targeted Internationally by Alleged Russian Phishing Campaign

A report from the University of Toronto’s School of International Affairs identifies over 200 people from 39 countries who were targeted by phishing emails and leaks. This disinformation campaign is “a step forward in Russia’s use of hacking as a weapon of political subversion,” said Mark Galeotti, a senior researcher at the Institute of International Relations in Prague.

While there are no definitive links to specific Russian state agencies responsible for the disinformation campaign, there is evidence that the campaign is pro-Russian and targets anyone who discredits President Vladimir Putin and the Kremlin.

The campaign uses “tainted links,” a technique where phishing emails are used to first access a target’s computer and then selectively leak falsified documents and information. The investigation began with Putin critic and American journalist David Satter who was first targeted in 2016, which led to the discovery of more widespread phishing campaign aimed at 218 individuals including government officials, industry heads, military personnel and media organizations and academics from 28 countries. Besides Satter, other prominent victims included U.S. defense officials, members of the Georgian National Safety Council, a CEO of an oil company in the United Kingdom and several Ukrainian military officials and attaches.

Other “tainted leaks” were aimed at discrediting Kremlin opposition for a domestic audience. By hiding falsifications in genuine, stolen documents the campaign’s narrative appears more credible and it may allow Russia to “subtly shape a narrative that an organisation may have difficulty directly confronting,” wrote one of the report’s authors John Scott-Railton.