Six Russian Military Intel Agents In Massive Hacking Operations
The US has indicted six Russians involved in hacking attacks, US Department of Justice officials announced on Monday.
The US investigators stated that the hackers were involved in attacks against organizers of the PyeongChang Olympics in 2018 and participants in the French presidential elections in 2017. All six Russians, aged 27 to 35, are operatives of the Main Directorate of the General Staff of the Russian Armed Forces (better known as the GRU).
The United States and Britain said the attacks were carried out by military unit 74455, one of the GRU divisions. According to them, the Russians were planning cyberattacks on the organizers of the Tokyo Olympic Games, which did not take place this year due to the Wuhan virus pandemic. Reuters sources claim that the hackers' activities included creating fake websites and accounts allegedly belonging to officials in order to then hack into the resources.
No country has used its cyber potential as maliciously and irresponsibly as Russia, unreasonably causing unprecedented damage to achieve small tactical advantages out of evil motives, said Assistant Attorney General John Demers.
These GRU hackers and their co-conspirators engaged in computer intrusions and attacks intended to support Russian government efforts to undermine, retaliate against or otherwise destabilize Ukraine; Georgia; elections in France; efforts to hold Russia accountable for its use of a weapons-grade nerve agent, Novichok, on foreign soil; and the 2018 PyeongChang Winter Olympic Games after Russian athletes were banned from participating under their nation’s flag, as a consequence of a Russian government-sponsored doping effort. Moscow agents caused damage and disruption to computer networks worldwide, including in France, Georgia, the Netherlands, the Republic of Korea, Ukraine, the United Kingdom, and the United States.
The 50-page indictment describes the alleged crimes of the Russian defendants, providing the exact dates of their operations, their techniques, information about the targets and the extent of the damage.
Russian malware caused a threat to health and public safety in Pennsylvania
The hackers created malware called NotPetya, which spread worldwide, damaged computers used in critical infrastructure, and caused enormous financial losses, the US investigators emphasised.
One example of the damage was the impairment of Heritage Valley’s provision of critical medical services to citizens of the Western District of Pennsylvania through its two hospitals, 60 offices, and 18 community satellite facilities. The attack caused the unavailability of patient lists, patient history, physical examination files, and laboratory records. Heritage Valley lost access to its mission-critical computer systems (such as those relating to cardiology, nuclear medicine, radiology, and surgery) for approximately one week and administrative computer systems for almost one month, thereby causing a threat to public health and safety.
The Russians also built a forgery of the website of the Korean Ministry of Agriculture, Food and Rural Affairs to mimic the original. Through that website they targeted organisations and individuals associated with the 2018 Winter Olympics. As part of a "false flag" operation, they also created malware mimicking the malware of other hacking groups, such as the Lazarus Group sponsored by North Korea's regime.
On December 23, 2015, during the winter in Ukraine, the Russians disrupted the power supply to 225,000 Ukrainian customers. A few days earlier, they attacked computers of the Ukrainian Ministry of Finance and State Treasury Service, preventing the execution of 150,000 transactions.
During the campaign before the presidential elections on May 7, 2017, the Russians attacked computers of at least 100 members of President Macron's political party En Marche!
The hacking involved identification, collection and packaging of data, stealing credentials, and also overwriting files and erasing data so that it could not be recovered.
The crimes committed by Russian government officials were against real victims who suffered real harm, stressed U.S. Attorney Scott W. Brady for the Western District of Pennsylvania.
The GRU operatives also erased a critical part of the system on some computers of the Ukrainian government and its energy firms, putting the country's energy security at risk in 2017.
If apprehended and brought to the US, the defendants face charges carrying a maximum life sentence.
The US investigators expressed their gratitude for the assistance provided by Ukrainian authorities, the Governments of the Republic of Korea and New Zealand, Georgian authorities, and the United Kingdom’s intelligence services.
US Department of Justice officials also appreciated the help of Google, Facebook, Twitter, Cisco and private investigation firms.