Russian military officers charged in vast hacking campaign

Elias Hubbard
October 20, 2020

The Justice Department Monday announced an indictment against six Russia GRU officers charged with engaging in a series of hacking and malware deployment operations to attack other countries' infrastructure, elections and other actions created to further Russia's interests.

In addition, they allegedly targeted worldwide investigations into the nerve agent poisoning of Russian former double agent Sergei Skripal and his daughter, and waged cyberattacks on media outlets and parliament in Georgia.

The indictment does not charge the defendants in connection with interference in US elections, though the officers are part of the same military intelligence unit that prosecutors say interfered in the 2016 USA presidential election by hacking Democratic email accounts.

The computer attacks used "some of the world's most destructive malware to date", including the NotPetya malware in 2017, which caused almost $1 billion (€8.5 million) in losses to the three victims identified in the indictment: a USA health care provider, a FedEx Corporation subsidiary and a "large U.S. pharmaceutical manufacturer".

The indictment of the six, none of whom are in USA custody, was brought by a federal grand jury in Pittsburgh, Pennsylvania, where hospitals were allegedly targeted by the NotPetya hackers.

The government said the GRU unit behind the attacks on the Olympics is the same one which targeted Ukraine's electricity grid in 2015, and was behind the NotPetya cyber attack of 2017 which hit Ukrainian financial, energy, and government sectors as well as other European businesses.

The six accused hackers work for the Russian Main Intelligence Directorate, commonly known as the GRU, that's been connected to interference in the 2016 USA election and other major cyberattacks.

Britain said on Monday those attacks included a hack of the 2018 Winter Olympics opening ceremony in South Korea, which compromised hundreds of computers, took down Internet access and disrupted broadcast feeds.

"The GRU's actions against the Olympic and Paralympic Games are cynical and reckless", he said. "Their cyber attack combined the emotional maturity of a petulant child with the resources of a nation state".

The 2017 NotPetya attacks were aimed at businesses and critical infrastructure worldwide and USA targets included hospitals, a subsidiary of delivery giant FedEx and a pharmaceutical manufacturer.

The NCSC said the same unit is also responsible for an attack on the UK Foreign Office's computer systems in March 2018, and another targeting the Defence and Science Technology Laboratory (DSTL) in April of the same year, which at the time was investigating the Salisbury Novichok poisoning.

They also are accused of carrying out cyberattacks on media outlets and the parliament in Georgia, in the Caucasus region.

The alleged hackers - Yuriy Sergeyevich Andrienko, 32; Sergey Vladimirovich Detistov, 35; Pavel Valeryevich Frolov, 28; Anatoliy Sergeyevich Kovalev, 29; Artem Valeryevich Ochichenko, 27; and Petr Nikolayevich Pliskin, 32 - are all charged with seven counts of conspiracy to hack, commit wire fraud and causing computer damage.

Kovalev was indicted previously, in 2018, for attempting to gain access to United States computers involved in the administration of the 2016 USA elections.

Other reports by Click Lancashire

Discuss This Article