Russia Stands Accused Of Global Hacking Campaign

Western countries issued coordinated denunciations of Russia, on Thursday 4th October, for running what they described as computer hacking programmes to undermine democracies, targeting institutions from sports anti-doping bodies to the chemical weapons watchdog.

The US Justice Department on Thursday also announced the indictment of seven Russian military spies on cyber hacking charges linked to the leaking of Olympic athletes’ drug-test data in an alleged attempt to undermine international efforts to expose Russian doping.

Four of the officers with Russia’ GRU military intelligence agency also were charged with targeting organisations probing Russia’s alleged use of chemical weapons, including the poisoning of a former Russian spy in Britain. Three were indicted in July for allegedly conspiring to interfere in the 2016 presidential election.

In some of the strongest language aimed at Moscow since the Cold War, Britain said Russia had become a “pariah state”. The United States said Moscow must be made to pay the price for its actions. And their allies around the world issued stark assessments of what they described as a campaign of hacking by Russia’s GRU military intelligence agency. 

Russia denied what its Foreign Ministry spokeswoman called a “diabolical perfume cocktail” of allegations dreamt up by someone with a “rich imagination”. But the accusations deepen Moscow’s isolation at a time when its diplomatic ties with the West have been downgraded over the poisoning of an ex-spy and while it is under U.S. and EU sanctions over actions in Ukraine.

Britain and the Netherlands accused Russia of sending agents with computer gear and WiFi antennas to the Hague, to try to hack into the Organisation for the Prohibition of Chemical Weapons (OPCW). 

The watchdog at the time was looking into the attack on ex-spy Sergei Skripal in Britain and Western reports of chemical weapons being used by Russia’s ally, Syria, against internal opponents. 

The United States indicted seven suspected Russian agents for conspiring to hack computers and steal data to delegitimise international anti-doping organisations and punish officials who had revealed a Russian state-sponsored athlete doping programme. 

The Justice department said one of the Russian intelligence officers also performed reconnaissance of personnel at Westinghouse Electric Co, a nuclear power company that provides atomic fuel and plant designs to customers. 
The accusations were unveiled at briefings around the globe that were held as NATO defence ministers gathered in Brussels to present a united front to their Cold War-era foe. 

“This is not the actions of a great power, these are the actions of a pariah state,” British Defence Secretary Gavin Williamson told reporters. US Defense Secretary Jim Mattis, at a news conference in the Belgian capital, said Russia must pay a price, and a number of response options were available. 

EU officials said in a statement Russia’s “aggressive act demonstrated contempt for the solemn purpose” of the OPCW. Australia, New Zealand and Canada were among other countries which issued strongly worded statements backing the findings of their allies.

Dutch authorities said they had disrupted the attempt to hack into the Hague-based OPCW in April, as it investigated the Skripal nerve agent poisoning and alleged use of chemical weapons in Syria by Russian-backed President Bashar al-Assad. 
Four Russians arrived in the Netherlands on April 10 and were caught three days later with spying equipment at a hotel located next to the OPCW headquarters, the Dutch military intelligence agency said. 

The men had planned to travel on to a laboratory in Spiez, Switzerland used by the OPCW to analyse samples, Dutch Major-General Onno Eichelsheim said. They were expelled to Russia. The Netherlands released copies of passports of the four men, which identified them as Alexey Minin, Oleg Sotnikov, Evgenii Serebriakov and Aleksei Morenets, all in their 30s or 40s. Reuters was not immediately able to contact them. 

Earlier on Thursday, Britain released an assessment based on work by its National Cyber Security Centre (NCSC), which cast Russia’s GRU military intelligence agency as a cyber aggressor which used a network of hackers to sow worldwide discord. 

The GRU, Britain said, was almost certainly behind the BadRabbit and World Anti-Doping Agency hacking attacks of 2017, the hack of the US Democratic National Committee (DNC) in 2016 and the theft of emails from a UK-based TV station in 2015. 

“The GRU’s actions are reckless and indiscriminate: they try to undermine and interfere in elections in other countries,” said British Foreign Secretary Jeremy Hunt. “Our message is clear - together with our allies, we will expose and respond to the GRU’s attempts to undermine international stability.” 

The GRU, now officially known in Russia by a shorter acronym GU, is also the agency Britain has blamed for the attack on former GRU spy Skripal with a nerve agent sprayed on his door. 

Skripal, his daughter and a police officer fell seriously ill and a British woman later died after her partner found the poison in a discarded perfume bottle. Russia says the two men Britain blames for the attack were tourists who twice visited Skripal’s home town for sightseeing during a weekend trip to England, a story Britain has dismissed as far-fetched. 

After the Skripal poisoning, dozens of Western countries launched the biggest expulsion of Russian spies working under diplomatic cover since the height of the Cold War. Moscow replied with tit-for-tat expulsions of Westerners. 

In a separate case on Thursday, a Norwegian court extended for a second two-week period the detention of a Russian citizen suspected of spying on Norway’s parliament. Norway arrested Mikhail Bochkaryov on Sept. 21 as he was about to fly out of the country. Moscow says he is a Russian parliamentary staff member and has demanded Oslo lift the “absurd charges”. 
Britain said the GRU was associated with a host of hackers including APT 28, Fancy Bear, Sofacy, Pawnstorm, Sednit, CyberCaliphate, Cyber Berkut and Voodoo Bear. 

The United States has sanctioned GRU officers including its chief, Igor Korobov, in 2016 and 2018 for attempted interference in the 2016 U.S. election and cyber-attacks.

Reuters:       Washington Post

You Might Also Read

Britian Accuses Russian GRU Spy Agency Of International Cyber Attacks:

Britain Plots Cyber Revenge On Russia For Novichok Poisonings:

Dutch Intelligence Agency Pinpoints Cyberattacks:

 

« Uber Pay $148m Penalty For Breach Cover-Up
US Offers Its Cyber Secrets To NATO »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Kramer Levin

Kramer Levin

Kramer Levin is a full-service law firm with offices in New York and Paris. Practice areas include Cybersecurity, Privacy and Data Protection.

Seclab

Seclab

Seclab is an innovative player in the protection of industrial systems and critical infrastructure against sophisticated cyber attacks.

Athena Dynamics

Athena Dynamics

Athena Dynamics focuses on Cyber Security, especially in Critical Information Infra-structure Protection and Enterprise IT Operation Management products and Services.

RedShield Security

RedShield Security

RedShield is the world's first web application shielding-with-a-service company.

CounterCraft

CounterCraft

The CounterCraft Cyber Deception Platform fits seamlessly into existing security strategies and delivers high-end deception for threat hunting and threat detection.

Matrix42

Matrix42

Matrix42 software for digital workspace experience manages devices, applications, processes and services simple, secure and compliant.

CTM360

CTM360

CTM360® is a Cyber Security subscription service offering 24 x 7 x 365 Cyber Threat Management for detecting and responding to cyber threats.

Zymbit

Zymbit

Zymbit provides hardware security modules (HSM) for IoT devices, including Raspberry Pi and other single board computers.

NetSecurity

NetSecurity

NetSecurity is a Brazilian company specializing in Information Security. We provide Managed Security Services (MSS), network security solutions and other specialist services.

Allthenticate

Allthenticate

Allthenticate Single Device Authentication (SDA), enables seamless authentication in both the physical and digital words while unifying management in one easy-to-use interface.

Zeusmark

Zeusmark

Zeusmark are a digital brand security company. We enable companies to successfully defend their brands, revenue and consumers online.

RevBits

RevBits

RevBits provides high-performance cybersecurity solutions including email security, endpoint security, deception technology and PAM solution to enterprise companies and public sector organizations.

Risk Strategies

Risk Strategies

Risk Strategies is a leading specialty risk management consultancy and insurance broker offering smarter, practical approaches to risk mitigation including Cyber Liability insurance.

US Fleet Cyber Command (FLTCYBER)

US Fleet Cyber Command (FLTCYBER)

US Fleet Cyber Command is responsible for Navy information network operations, offensive and defensive cyberspace operations, space operations and signals intelligence.

Secuna Software Technologies

Secuna Software Technologies

Secuna is the most trusted Cybersecurity Testing Platform in the Philippines. Our pool of vetted security researchers will find and ethically report security vulnerabilities in your product.

Raiven Capital

Raiven Capital

Raiven Capital is a global early-stage technology venture capital fund. We focus on founder-led, driven companies on the leading edge of disruption.