Russia Denies That It Attacked Georgia

The government of Georgia has accused Russia’s military intelligence agency (GRU) of launching a massive cyber-attack on their government and business organisations on 20th February. 

British and US Security Services have also issued official statements formally accusing the GRU and their 'Sandworm' unit for a cyberattack on Georgia, amid fears it could be the start of a wider destabilisation campaign.

Britain and US governments say the GRU was also responsible for carrying out a coordinated cyber-attack on thousands of Georgian websites which ocurred in October 2019  which knocked thousands of Georgian websites offline and disrupted national television broadcasts. This confrontation is considered the largest cyber-attack in Russian electronic history.

"The GRU's reckless and brazen campaign of cyber-attacks against Georgia, a sovereign and independent nation, is totally unacceptable," British Foreign Secretary Dominic Raab said in a statement. 

"The Russian government has a clear choice: continue this aggressive pattern of behaviour against other countries, or become a responsible partner which respects international law."

The British government said its National Cyber Security Centre had decided Moscow was behind the Georgia cyber-attack "with the highest level of probability". 

The US State Department said the incident demonstrated "a continuing pattern of reckless Russian GRU cyber operations against a number of countries".

"The stability of cyberspace depends on the responsible behaviour of nations," the US statement said.

Fake messages usiing the image of controversial ex- President Kikheil Saakasvilli were reported as appearing on sites for the Georgian government, courts, NGOs, news media, and local businesses. In some cases, the web host disruption also took down broadcasting services for some radio and TV stations.

But while the attack and its aftermath was superficial and easily reversible, the mass fake messaging campaign caused domestic political tensionsinside Georgia, primarily due to the use of Saakashvili's photo.

This statement is not the first time the US, UK, and their allies have accused Russia's military intelligence of orchestrating cyber-attacks against foreign governments.

Previously, allies have called out Russia's GRU for cyber-attacks such as:

  • BlackEnergy: December 2015 shut off part of Ukraine's electricity grid, with 230,000 people losing power for between 1 - 6 hours.
  • Industroyer: December 2016 shut off part of Ukraine's electricity grid, also known as CrashOverride. It resulted in a fifth of Kyiv losing power for an hour. It is the first known malware designed specifically to disrupt electricity grids.
  • NotPetya: June 2017 destructive cyber-attack targeting the Ukrainian financial, energy and government sectors and affecting other European and Russian businesses
  • BadRabbit: October 2017 ransomware encrypted hard drives and rendered IT inoperable. This caused disruption including to the Kyiv metro, Odessa airport, Russia's central bank, and two Russian media outlets

The October attack is not the first time Russia's state hackers attacked Georgia. In 2008, Russia fought a brief war with Georgia, which had made a botched attempt to regain control over the breakaway province of South Ossetia. Moscow then recognised the independence of South Ossetia and another breakaway Georgian province, Abkhazia, and set up military bases there.

The Russia's Foreign Ministry has denied  the allegations that its was behind the large-scale cyber-attack on Georgia.

The Cyberwire:        France24:          Telegraph:          Fifth Domain


You Might Also Read: 

Ukraine Battles To Combat Election Hackers:

 

 

« The Cyber Skills Gap Increases
90% Of Breaches Are Caused By Human Error »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

North American Electric Reliability Corporation (NERC)

North American Electric Reliability Corporation (NERC)

NERC is a not-for-profit international regulatory authority whose mission is to assure the reliability and security of the bulk power system in North America.

Onspring

Onspring

Onspring is the cloud-based platform of choice for governance, risk and compliance (GRC) teams and business operations experts across multiple industries.

Honeynet Project

Honeynet Project

The Honeynet Project is a leading international non-profit security research organization, dedicated to investigating the latest attacks and developing open source security tools.

Xcina Consulting (XCL)

Xcina Consulting (XCL)

Xcina Consulting provides high quality business and technology risk assurance and advisory services.

NAVEX Global

NAVEX Global

NAVEX Global’s compliance management system consolidates your entire GRC program onto a scalable cloud-based platform.

Samoby

Samoby

Samoby provide a subscription solution for Mobile Threat Protection and usage control on Android and iOS devices.

Penacity

Penacity

Penacity, LLC provides strategic consulting technology services and Information Security Services to commercial and government organizations.

Sanderson Recruitment

Sanderson Recruitment

Sanderson is a recruitment company providing expert recruitment services in areas including Cyber & Information Security.

iosiro

iosiro

iosiro was created to guide companies through securely using blockchain technologies. We help teams launch and manage ICOs, deploy secure dApps, and integrate private networks into business practices.

TAC Security (TAC Infosec)

TAC Security (TAC Infosec)

TAC Security (aka TAC Infosec) is a leading and trusted cyber security consulting partner that specializes in securing the IT infrastructure and assets of enterprises.

Knovos

Knovos

Knovos is a leading technology innovator developing solutions for automating, integrating, and innovating Information Governance.

e360

e360

e360 (formerly Entisys360) is an award-winning IT consultancy specializing in advanced IT infrastructure, virtualization, security, automation and cloud first solutions.

Cyber Risk Institute (CRI)

Cyber Risk Institute (CRI)

CRI is a not-for-profit coalition of financial institutions and trade associations working to protect the global economy by enhancing cybersecurity and resiliency through standardization.

Inflexor Ventures

Inflexor Ventures

Inflexor Ventures is a technology focused venture capital firm that invests in early stage companies from seed to Series-A+ stages.

KnoTra Global

KnoTra Global

KnoTra Global is a next-generation Managed Service provider with a portfolio of services including Cybersecurity Solutions, Network Management, IT Leadership, and Day-to-Day Helpdesk and IT services.

Bluerydge

Bluerydge

Bluerydge specialises in cyber security and technology, focusing on the delivery of innovative sovereign solutions through trusted, cleared and experienced professionals.