Ministers have been told they can no longer say there have been “no successful examples” of Russian disinformation affecting UK elections, after the apparent hacking of an NHS dossier seized on by Labour during the last campaign.
The dropping of the old line is the first official admission of the impact of Kremlin efforts to distort Britain’s political processes, and comes after three years of the government’s refusal to engage publicly with the threat.
Cabinet Office sources confirmed the position been quietly changed while an investigation into the alleged hacking of the 451-page cache of emails from a special adviser’s personal email account by the security services concludes.
Boris Johnson and his predecessor as prime minister, Theresa May, have both appeared reluctant to discuss Kremlin disinformation, with Johnson refusing to allow a report on Russian infiltration in the UK to be published before the election.
Versions of the “no successful examples” statement were regularly deployed in response to allegations of Russian interference in the Brexit referendum, to the frustration of MPs who believed a full investigation was necessary.
Officials said the revised position about Russian interference was set out by Earl Howe, the deputy leader of the House of Lords, in a parliamentary answer earlier this year, when he was asked if there were plans to investigate interference by foreign governments in December’s election.
The peer said the government was determined to protect the integrity of the democratic process in the UK. “As you would expect, the government examines all aspects of the electoral process following an election, including foreign interference, and that work is ongoing,” he said.
Stephen Kinnock, a Labour MP, said the government was being slow in acknowledging the disinformation threat from Russia. “From the hacking of NHS emails to the St Petersburg troll factories and bot farms, it’s clear that the Kremlin is pursuing a deliberate strategy of online disinformation and manipulation that is undermining our democracy.”
Security sources said that Russian strategy of “hack and leak” and “disinformation and misinformation” – which first came to prominence with the hack of Democratic emails in the run-up to the 2016 US presidential election that handed victory to Donald Trump – was becoming widespread internationally.
Last month, the Foreign Office said Russia’s GRU spy agency had carried out a series of “large-scale, disruptive cyber-attacks” in Georgia “in an attempt to undermine Georgia’s sovereignty, to sow discord and disrupt the lives of ordinary Georgian people”.
But despite the strong words in support of an ally in the Caucasus, ministers had been reluctant to publicly call out any Russian disinformation efforts in the UK – and there has been little public acknowledgement of the NHS hack during the election, first reported by the Guardian.
The scale of the Russian threat will be examined in the long-awaited report on Kremlin infiltration into British politics from the independent intelligence and security committee, which cannot be published until Downing Street appoints a new set of members following the election.
Earlier this week, it emerged that among those in the frame were the error-prone former transport secretary Chris Grayling and recently sacked environment minister Theresa Villiers.
The NHS emails are believed to have been hacked from an adviser’s personal Gmail account, and were disseminated online via Reddit, under the headline “Great Britain is practically standing on her knees working on a trade agreement with the US”.
Initially ignored, the documents covering six rounds of UK-US trade talks were eventually picked up by Labour from the posting and produced during a dramatic press conference by Jeremy Corbyn, who said they showed the NHS was “on the table” in the negotiations.
Following an investigation, Reddit concluded “we believe this was part of a campaign that has been reported as originating from Russia” and said it bore the hallmarks of the earlier Secondary Infektion disinformation operation, which was exposed by Facebook in 2018.