Russia Stands Accused Of Global Hacking Campaign

Western countries issued coordinated denunciations of Russia, on Thursday 4th October, for running what they described as computer hacking programmes to undermine democracies, targeting institutions from sports anti-doping bodies to the chemical weapons watchdog.

The US Justice Department on Thursday also announced the indictment of seven Russian military spies on cyber hacking charges linked to the leaking of Olympic athletes’ drug-test data in an alleged attempt to undermine international efforts to expose Russian doping.

Four of the officers with Russia’ GRU military intelligence agency also were charged with targeting organisations probing Russia’s alleged use of chemical weapons, including the poisoning of a former Russian spy in Britain. Three were indicted in July for allegedly conspiring to interfere in the 2016 presidential election.

In some of the strongest language aimed at Moscow since the Cold War, Britain said Russia had become a “pariah state”. The United States said Moscow must be made to pay the price for its actions. And their allies around the world issued stark assessments of what they described as a campaign of hacking by Russia’s GRU military intelligence agency. 

Russia denied what its Foreign Ministry spokeswoman called a “diabolical perfume cocktail” of allegations dreamt up by someone with a “rich imagination”. But the accusations deepen Moscow’s isolation at a time when its diplomatic ties with the West have been downgraded over the poisoning of an ex-spy and while it is under U.S. and EU sanctions over actions in Ukraine.

Britain and the Netherlands accused Russia of sending agents with computer gear and WiFi antennas to the Hague, to try to hack into the Organisation for the Prohibition of Chemical Weapons (OPCW). 

The watchdog at the time was looking into the attack on ex-spy Sergei Skripal in Britain and Western reports of chemical weapons being used by Russia’s ally, Syria, against internal opponents. 

The United States indicted seven suspected Russian agents for conspiring to hack computers and steal data to delegitimise international anti-doping organisations and punish officials who had revealed a Russian state-sponsored athlete doping programme. 

The Justice department said one of the Russian intelligence officers also performed reconnaissance of personnel at Westinghouse Electric Co, a nuclear power company that provides atomic fuel and plant designs to customers. 
The accusations were unveiled at briefings around the globe that were held as NATO defence ministers gathered in Brussels to present a united front to their Cold War-era foe. 

“This is not the actions of a great power, these are the actions of a pariah state,” British Defence Secretary Gavin Williamson told reporters. US Defense Secretary Jim Mattis, at a news conference in the Belgian capital, said Russia must pay a price, and a number of response options were available. 

EU officials said in a statement Russia’s “aggressive act demonstrated contempt for the solemn purpose” of the OPCW. Australia, New Zealand and Canada were among other countries which issued strongly worded statements backing the findings of their allies.

Dutch authorities said they had disrupted the attempt to hack into the Hague-based OPCW in April, as it investigated the Skripal nerve agent poisoning and alleged use of chemical weapons in Syria by Russian-backed President Bashar al-Assad. 
Four Russians arrived in the Netherlands on April 10 and were caught three days later with spying equipment at a hotel located next to the OPCW headquarters, the Dutch military intelligence agency said. 

The men had planned to travel on to a laboratory in Spiez, Switzerland used by the OPCW to analyse samples, Dutch Major-General Onno Eichelsheim said. They were expelled to Russia. The Netherlands released copies of passports of the four men, which identified them as Alexey Minin, Oleg Sotnikov, Evgenii Serebriakov and Aleksei Morenets, all in their 30s or 40s. Reuters was not immediately able to contact them. 

Earlier on Thursday, Britain released an assessment based on work by its National Cyber Security Centre (NCSC), which cast Russia’s GRU military intelligence agency as a cyber aggressor which used a network of hackers to sow worldwide discord. 

The GRU, Britain said, was almost certainly behind the BadRabbit and World Anti-Doping Agency hacking attacks of 2017, the hack of the US Democratic National Committee (DNC) in 2016 and the theft of emails from a UK-based TV station in 2015. 

“The GRU’s actions are reckless and indiscriminate: they try to undermine and interfere in elections in other countries,” said British Foreign Secretary Jeremy Hunt. “Our message is clear - together with our allies, we will expose and respond to the GRU’s attempts to undermine international stability.” 

The GRU, now officially known in Russia by a shorter acronym GU, is also the agency Britain has blamed for the attack on former GRU spy Skripal with a nerve agent sprayed on his door. 

Skripal, his daughter and a police officer fell seriously ill and a British woman later died after her partner found the poison in a discarded perfume bottle. Russia says the two men Britain blames for the attack were tourists who twice visited Skripal’s home town for sightseeing during a weekend trip to England, a story Britain has dismissed as far-fetched. 

After the Skripal poisoning, dozens of Western countries launched the biggest expulsion of Russian spies working under diplomatic cover since the height of the Cold War. Moscow replied with tit-for-tat expulsions of Westerners. 

In a separate case on Thursday, a Norwegian court extended for a second two-week period the detention of a Russian citizen suspected of spying on Norway’s parliament. Norway arrested Mikhail Bochkaryov on Sept. 21 as he was about to fly out of the country. Moscow says he is a Russian parliamentary staff member and has demanded Oslo lift the “absurd charges”. 
Britain said the GRU was associated with a host of hackers including APT 28, Fancy Bear, Sofacy, Pawnstorm, Sednit, CyberCaliphate, Cyber Berkut and Voodoo Bear. 

The United States has sanctioned GRU officers including its chief, Igor Korobov, in 2016 and 2018 for attempted interference in the 2016 U.S. election and cyber-attacks.

Reuters:       Washington Post

You Might Also Read

Britian Accuses Russian GRU Spy Agency Of International Cyber Attacks:

Britain Plots Cyber Revenge On Russia For Novichok Poisonings:

Dutch Intelligence Agency Pinpoints Cyberattacks:

 

« Uber Pay $148m Penalty For Breach Cover-Up
US Offers Its Cyber Secrets To NATO »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

QNAP Systems

QNAP Systems

QNAP Systems, Inc. delivers world class network attached storage (NAS) and network video recorder (NVR) solutions.

Resource Centre for Cyber Forensics (RCCF)

Resource Centre for Cyber Forensics (RCCF)

RCCF is a pioneering institute, pursuing research activities in the area of Cyber Forensics.

Huntsman Security

Huntsman Security

Huntsman Security provides technology to enable real-time security monitoring and immediate visibility of advanced threats and compliance issues.

CI-CERT

CI-CERT

CI-CERT is the national Computer Incident Response Team for Cote d'Ivoire.

Base Cyber Security

Base Cyber Security

Base Cyber Security is an information and cyber security talent service provider and career specialist.

Sylint

Sylint

Sylint is an internationally recognized cyber security and digital data forensics firm with extensive experience discretely addressing some of today’s biggest cyber breaches.

Fastcomcorp

Fastcomcorp

Fastcomcorp offers a world-class proactive cyber security defense and risk management consulting. Including Darkweb monitoring and posture assessments.

Tracepoint

Tracepoint

Tracepoint provide full-service cyber incident response, remediation and recovery solutions for the most time-sensitive situation your company may ever face.

Nexon Asia Pacific

Nexon Asia Pacific

Nexon solutions include cloud infrastructure and services, unified communications, managed security services, business continuity, secured high-performance network and business applications.

LGMS - LE Global Services

LGMS - LE Global Services

LGMS is a leading cyber security penetration testing and assessment firm in the Asia Pacific region.

Wazuh

Wazuh

Wazuh is a free, open source and enterprise-ready security monitoring solution for threat detection, integrity monitoring, incident response and compliance.

Liminal

Liminal

Liminal is a boutique strategy advisory firm serving digital identity, fintech, and cybersecurity clients, and the private equity / venture capital community.

Pathlock

Pathlock

Pathlock (formerly Greenlight) help enterprises and organizations automate the enforcement of any process, access, or IT general control, for any business application.

Binarly

Binarly

Binarly is a global firmware and software supply chain security company founded in 2021.

Daisy Corporate Services

Daisy Corporate Services

Daisy is one of the largest providers of communications and IT solutions across the UK, with a portfolio spanning unified communications, cloud, cyber security and resilience.

Breez Security

Breez Security

Breez Security's mission is to address the increasingly complex and ever evolving challenges of identity security.