Russia Denies That It Attacked Georgia

The government of Georgia has accused Russia’s military intelligence agency (GRU) of launching a massive cyber-attack on their government and business organisations on 20th February. 

British and US security services have also issued official statements formally accusing the GRU and its 'Sandworm' unit of a cyber-attack on Georgia, amid fears it could be the start of a wider destabilisation campaign.

The British and US governments say the GRU was also responsible for a coordinated cyber-attack in October 2019 which knocked thousands of Georgian websites offline and disrupted national television broadcasts. This confrontation is considered the largest cyber-attack in Russian electronic history.

"The GRU's reckless and brazen campaign of cyber-attacks against Georgia, a sovereign and independent nation, is totally unacceptable," British Foreign Secretary Dominic Raab said in a statement. 

"The Russian government has a clear choice: continue this aggressive pattern of behaviour against other countries, or become a responsible partner which respects international law."

The British government said its National Cyber Security Centre had decided Moscow was behind the Georgia cyber-attack "with the highest level of probability". 

The US State Department said the incident demonstrated "a continuing pattern of reckless Russian GRU cyber operations against a number of countries".

"The stability of cyberspace depends on the responsible behaviour of nations," the US statement said.

Fake messages using the image of controversial ex-President Mikheil Saakashvili were reported as appearing on sites for the Georgian government, courts, NGOs, news media, and local businesses. In some cases, the web host disruption also took down broadcasting services for some radio and TV stations.

But while the attack and its aftermath were superficial and easily reversible, the mass fake messaging campaign caused domestic political tensions inside Georgia, primarily due to the use of Saakashvili's photo.

This statement is not the first time the US, UK, and their allies have accused Russia's military intelligence of orchestrating cyber-attacks against foreign governments.

Previously, allies have called out Russia's GRU for cyber-attacks such as:

  • BlackEnergy: December 2015 shut off part of Ukraine's electricity grid, with 230,000 people losing power for between 1 - 6 hours.
  • Industroyer: December 2016 shut off part of Ukraine's electricity grid, also known as CrashOverride. It resulted in a fifth of Kyiv losing power for an hour. It is the first known malware designed specifically to disrupt electricity grids.
  • NotPetya: June 2017 destructive cyber-attack targeting the Ukrainian financial, energy and government sectors and affecting other European and Russian businesses
  • BadRabbit: October 2017 ransomware encrypted hard drives and rendered IT inoperable. This caused disruption including to the Kyiv metro, Odessa airport, Russia's central bank, and two Russian media outlets

The October attack is not the first time Russia's state hackers attacked Georgia. In 2008, Russia fought a brief war with Georgia, which had made a botched attempt to regain control over the breakaway province of South Ossetia. Moscow then recognised the independence of South Ossetia and another breakaway Georgian province, Abkhazia, and set up military bases there.

Russia's Foreign Ministry has denied the allegations that it was behind the large-scale cyber-attack on Georgia.

The Cyberwire: France24: Telegraph: Fifth Domain

