Home » Russian hackers steal and leak hundreds of UK’s top defence passwords on dark we

Russian hackers steal and leak hundreds of UK’s top defence passwords on dark we

Russian hackers steal and leak hundreds of UK’s top defence passwords on dark we

The hackers stolen the informed in a four-year crime spree (Credits: Getty Images)

Russian cybercriminals have stolen hundreds of Ministry of Defence (MoD) emails and passwords and posted them on the dark web.

The MoD has launched an investigation after it emerged that logins belonging to 595 military personnel, MoD civil servants and defence contractors have been taken since 2020.

Many of those affected are based in the UK, but account details of staff located overseas were also compromised, according to the i.

Locations of other exposed staff are believed to include Iraq, Qatar, Cyprus and mainland Europe.

The Ministry of Defence building on Horse Guards Avenue
The Ministry of Defence is investigating the theft and leaks (Credits: John Keeble/Getty Images)

It is believed the information was taken using Russian hacking tools, although there is no evidence the Kremlin directed the hack.

The data includes email addresses and other information need to access the MoD’s Defence Gateway portal.

The secure online platform for all British military personnel does not contain classified information.

Instead, it is integral to staff communication and provides access to human resources and health data, according to the MoD.

Russian President Vladimir Putin
There is no evidence the Vladimir Putin’s Kremlin directed the attacks, although it has been blamed for many hacks (Credits: VYACHESLAV PROKOFIEV / SPUTNIK / KREMLIN POOL)

One intelligence source told the i: ‘This type of activity is often the first stage of a covert recruitment operation by adversaries.

‘Stolen data provides hackers with personal information hostile actors can then use to coerce or blackmail employees.’

Alon Gal, chief technical officer of cybercrime intelligence firm Hudson Rock, said: ‘The theft of such credentials can lead to significant security challenges, including supply chain risks, and the ability of an attacker to laterally move across connected platforms.’

He added: ‘For Ministry of Defence personnel and contractors, this would jeopardise broader operational security and could expose sensitive data.’

The portal gives users access to a selection of Defence web applications and can only be accessed using multi-factor authentication.

Exterior of the Ministry of Defence building in Westminster, London
The hackers have stolen the logins details of almost 600 MoD personnel since 2020 (Credits: Shutterstock / William Barton)

It is believed that the majority of the data was stolen using staff members’ personal devices to access the online platform.

According to the i, cyber security experts believe there is a risk hackers could access other sensitive credentials of MoD staff, including private email accounts, online banking, and social media accounts, which might pose a potential blackmail risk.

The MoD told the newspaper they were investigating the theft, alongside the National Cyber Security Centre (NCSC).

Together, they are working to identify and remediate the loss of credentials as quickly as possible.

There are also a range of measures in place to educate personnel on the risks and need to keep their personal devices updated as well as the importance of broader personal security.

Technical measures are also in place to identify potentially at risk accounts and prevent malicious actors from exploiting them.

A government spokesperson said: ‘We take a robust response to cyber threats which threaten our national interests and work round the clock to address vulnerabilities and protect critical services.

‘It is important for individuals and organisations to remain vigilant against the risks posed by information theft.’

Get in touch with our news team by emailing us at webnews@metro.co.uk.

For more stories like this, check our news page.