US Charges 6 Russian GRU Officers Over International Hacking Operations

Janita Kan
By Janita Kan
October 19, 2020US News
share
US Charges 6 Russian GRU Officers Over International Hacking Operations
A poster showing six wanted Russian military intelligence officers is displayed before a news conference at the Department of Justice, in Washington on Oct. 19, 2020. (Andrew Harnik/AP Photo)

The Justice Department announced on Monday that six Russian military hackers were charged for allegedly engaging in a series of hacking efforts targeting other countries’ infrastructure, elections, or businesses, in what has been described as the “most disruptive and destructive series of computer attacks ever attributed to a single group.”

The military hackers, who are agents of a Russian military intelligence agency known as GRU, allegedly used various cyber tactics, including deploying destructive malware with the purpose of furthering the Russian government’s interest to destabilize and interfere with the political and economic systems of other countries, the department said. The GRU is the same agency that was allegedly involved in hacking efforts to interfere in the 2016 U.S. presidential election.

Among those targeted includes Ukraine’s electric power grid, Ministry of Finance, and State Treasury Service; French Emmanuel Macron’s political party and French politicians; hosts, participants, partners, attendees, and the IT systems of the PyeongChang 2018 Winter Olympics; organizations and entities investigating the nerve agent poisoning of Sergei Skripal; Georgian companies and government entities; as well as businesses and medical facilities in the United States.

“No country has weaponized its cyber capabilities as maliciously and irresponsibly as Russia, wantonly causing unprecedented collateral damage to pursue small tactical advantages and to satisfy fits of spite,” Assistant Attorney General for National Security John C. Demers said during a press conference on Monday announcing the charges.

John Demers
Assistant Attorney General for the National Security Division John Demers speaks at a news conference at the Department of Justice, in Washington on Oct. 19, 2020. (Andrew Harnik/AP Photo)

According to the indictment, the hackers deployed “some of the world’s most destructive malware to date”—such as KillDisk, Industroyer, and NotPetya—which caused widespread damage, including blackouts in Ukraine and disruption to thousands of computers used to support the 2018 Winter Olympics.

The men have been charged with conspiracy to conduct computer fraud and abuse, conspiracy to commit wire fraud, wire fraud, damaging protected computers, and aggravated identity theft. Each defendant is charged in every count in an indictment returned by a federal grand jury in Pittsburgh.

six wanted Russian military intelligence officers
A poster showing six wanted Russian military intelligence officers. (Justice Department)

The department said several of the men had previously been charged for their role in allegedly interfering in the 2016 U.S. elections.

Demers said the allegations should be evidence into why the United States should not accept President Vladimir Putin’s offer for a cyber “reset” between the two countries. The agreement would require both counties to provide guarantees not to engage in cyber-meddling in each other’s elections.

“Russia is certainly right that technologically sophisticated nations that aspire to lead have a special responsibility to secure the world order and contribute to widely accepted norms, peace and stability. That’s what we’re doing here today,” Demers said.

“But this indictment lays bare Russia’s use of its cyber capabilities to destabilize and interfere with the domestic political and economic systems of other countries, thus providing a cold reminder of why its proposal is nothing more than dishonest rhetoric and cynical and cheap propaganda.”

The department said the attacks caused nearly $1 billion in losses to three U.S. victims including the Heritage Valley Health System in Pennsylvania. The men allegedly deployed the NotPetya malware, which caused “the unavailability of patient lists, patient history, physical examination files, and laboratory records.”

“Heritage Valley lost access to its mission-critical computer systems (such as those relating to cardiology, nuclear medicine, radiology, and surgery) for approximately one week and administrative computer systems for almost one month, thereby causing a threat to public health and safety,” according to a department statement.

Other U.S. victims include a FedEx Corporation subsidiary TNT Express B.V. and a large pharmaceutical manufacturer.

From The Epoch Times

ntd newsletter icon
Sign up for NTD Daily
What you need to know, summarized in one email.
Stay informed with accurate news you can trust.
By registering for the newsletter, you agree to the Privacy Policy.
Comments