Hackers behind Gloucester City Council cyberattack ‘highly likely’ linked to Russian intelligence services, GCHQ claims
The City Council suffered a cyberttack in December 2021, by the hacker group Conti, which has since been disbanded.
GCHQ, the UK’s intelligence, security and cyber agency, says it is highly likely that the hackers behind the cyber attack on Gloucester City Council had links to Putin’s intelligence services. The council was attacked in December 2021 by the hacker group Conti, which has since been disbanded. Gloucester City Council had to rebuild all of its computer servers after a ransomware cyberattack severely disrupted its ability to deliver services.
GCHQ’s National Cyber Security Centre (NCSC) assessed that the Conti group was almost certainly motivated by financial gain, choosing their targets based on the value they thought they might be able to extort. It is highly likely that key members of the group had links to the Russian intelligence services.
The Group’s decision to target certain organisations, such as the International Olympic Committee, almost certainly reflects Russian state-sponsored objectives. The group is likely to be an outgrowth of earlier organised cybercrime groups and probably has extensive links with other cybercrime groups.
Although the group behind Conti was disbanded in May 2022, reports suggest members of the group are still involved in new ransomware strains.
About author
DW Team
The GIP Digital Watch Observatory team, consisting of over 30 digital policy experts from around the world, excels in the fields of research and analysis on digital policy issues. The team is backed by the creative prowess of Creative Lab Diplo and the technical expertise of the Diplo tech team.