Russia Stands Accused Of Global Hacking Campaign

Western countries issued coordinated denunciations of Russia, on Thursday 4th October, for running what they described as computer hacking programmes to undermine democracies, targeting institutions from sports anti-doping bodies to the chemical weapons watchdog.

The US Justice Department on Thursday also announced the indictment of seven Russian military spies on cyber hacking charges linked to the leaking of Olympic athletes’ drug-test data in an alleged attempt to undermine international efforts to expose Russian doping.

Four of the officers with Russia’ GRU military intelligence agency also were charged with targeting organisations probing Russia’s alleged use of chemical weapons, including the poisoning of a former Russian spy in Britain. Three were indicted in July for allegedly conspiring to interfere in the 2016 presidential election.

In some of the strongest language aimed at Moscow since the Cold War, Britain said Russia had become a “pariah state”. The United States said Moscow must be made to pay the price for its actions. And their allies around the world issued stark assessments of what they described as a campaign of hacking by Russia’s GRU military intelligence agency. 

Russia denied what its Foreign Ministry spokeswoman called a “diabolical perfume cocktail” of allegations dreamt up by someone with a “rich imagination”. But the accusations deepen Moscow’s isolation at a time when its diplomatic ties with the West have been downgraded over the poisoning of an ex-spy and while it is under U.S. and EU sanctions over actions in Ukraine.

Britain and the Netherlands accused Russia of sending agents with computer gear and WiFi antennas to the Hague, to try to hack into the Organisation for the Prohibition of Chemical Weapons (OPCW). 

The watchdog at the time was looking into the attack on ex-spy Sergei Skripal in Britain and Western reports of chemical weapons being used by Russia’s ally, Syria, against internal opponents. 

The United States indicted seven suspected Russian agents for conspiring to hack computers and steal data to delegitimise international anti-doping organisations and punish officials who had revealed a Russian state-sponsored athlete doping programme. 

The Justice department said one of the Russian intelligence officers also performed reconnaissance of personnel at Westinghouse Electric Co, a nuclear power company that provides atomic fuel and plant designs to customers. 
The accusations were unveiled at briefings around the globe that were held as NATO defence ministers gathered in Brussels to present a united front to their Cold War-era foe. 

“This is not the actions of a great power, these are the actions of a pariah state,” British Defence Secretary Gavin Williamson told reporters. US Defense Secretary Jim Mattis, at a news conference in the Belgian capital, said Russia must pay a price, and a number of response options were available. 

EU officials said in a statement Russia’s “aggressive act demonstrated contempt for the solemn purpose” of the OPCW. Australia, New Zealand and Canada were among other countries which issued strongly worded statements backing the findings of their allies.

Dutch authorities said they had disrupted the attempt to hack into the Hague-based OPCW in April, as it investigated the Skripal nerve agent poisoning and alleged use of chemical weapons in Syria by Russian-backed President Bashar al-Assad. 
Four Russians arrived in the Netherlands on April 10 and were caught three days later with spying equipment at a hotel located next to the OPCW headquarters, the Dutch military intelligence agency said. 

The men had planned to travel on to a laboratory in Spiez, Switzerland used by the OPCW to analyse samples, Dutch Major-General Onno Eichelsheim said. They were expelled to Russia. The Netherlands released copies of passports of the four men, which identified them as Alexey Minin, Oleg Sotnikov, Evgenii Serebriakov and Aleksei Morenets, all in their 30s or 40s. Reuters was not immediately able to contact them. 

Earlier on Thursday, Britain released an assessment based on work by its National Cyber Security Centre (NCSC), which cast Russia’s GRU military intelligence agency as a cyber aggressor which used a network of hackers to sow worldwide discord. 

The GRU, Britain said, was almost certainly behind the BadRabbit and World Anti-Doping Agency hacking attacks of 2017, the hack of the US Democratic National Committee (DNC) in 2016 and the theft of emails from a UK-based TV station in 2015. 

“The GRU’s actions are reckless and indiscriminate: they try to undermine and interfere in elections in other countries,” said British Foreign Secretary Jeremy Hunt. “Our message is clear - together with our allies, we will expose and respond to the GRU’s attempts to undermine international stability.” 

The GRU, now officially known in Russia by a shorter acronym GU, is also the agency Britain has blamed for the attack on former GRU spy Skripal with a nerve agent sprayed on his door. 

Skripal, his daughter and a police officer fell seriously ill and a British woman later died after her partner found the poison in a discarded perfume bottle. Russia says the two men Britain blames for the attack were tourists who twice visited Skripal’s home town for sightseeing during a weekend trip to England, a story Britain has dismissed as far-fetched. 

After the Skripal poisoning, dozens of Western countries launched the biggest expulsion of Russian spies working under diplomatic cover since the height of the Cold War. Moscow replied with tit-for-tat expulsions of Westerners. 

In a separate case on Thursday, a Norwegian court extended for a second two-week period the detention of a Russian citizen suspected of spying on Norway’s parliament. Norway arrested Mikhail Bochkaryov on Sept. 21 as he was about to fly out of the country. Moscow says he is a Russian parliamentary staff member and has demanded Oslo lift the “absurd charges”. 
Britain said the GRU was associated with a host of hackers including APT 28, Fancy Bear, Sofacy, Pawnstorm, Sednit, CyberCaliphate, Cyber Berkut and Voodoo Bear. 

The United States has sanctioned GRU officers including its chief, Igor Korobov, in 2016 and 2018 for attempted interference in the 2016 U.S. election and cyber-attacks.

Reuters:       Washington Post

You Might Also Read

Britian Accuses Russian GRU Spy Agency Of International Cyber Attacks:

Britain Plots Cyber Revenge On Russia For Novichok Poisonings:

Dutch Intelligence Agency Pinpoints Cyberattacks:

 

« Uber Pay $148m Penalty For Breach Cover-Up
US Offers Its Cyber Secrets To NATO »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Security Innovation

Security Innovation

Security Innovation is a leader in software security assessments and application security training to top organizations worldwide.

Kaymera Technologies

Kaymera Technologies

Kaymera’s comprehensive mobile enterprise security solution defends against all mobile threat and attack vectors.

BSA - The Software Alliance

BSA - The Software Alliance

BSA is the leading advocate for the global software industry before governments and in the international marketplace.

Entrust

Entrust

Entrust is a global leader in digital security, identities, payments, and data protection.

Exonar

Exonar

We enable organisations to better organise their information, removing risk and making it more productive and secure.

Saudi Federation for Cyber Security and Programming (SAFCSP)

Saudi Federation for Cyber Security and Programming (SAFCSP)

SAFCSP is a national institution under the umbrella of the Saudi Arabian Olympic Committee, which seeks to build national and professional capabilities in the fields of cyber security and programming.

Austrian Trust Circle

Austrian Trust Circle

Austrian Trust Circle is an initiative of CERT.at and the Austrian Federal Chancellery and consists of Security Information Exchanges in the areas of the strategic information infrastructure.

The Legal 500

The Legal 500

The Legal 500 Hall of Fame highlights, to clients, the law firm partners who are at the pinnacle of the profession. Practice areas covered include Data Protection, Privacy and Cybersecurity.

Wynyard Group

Wynyard Group

Wynyard Group is a niche, technology-driven company specializing in Integrated Border Security solutions for enhanced public safety.

Cybil

Cybil

Cybil is a publicly-available portal where members of the international cyber capacity building community can find and share information to support the design and delivery of programs and projects.

Visible Statement

Visible Statement

Visible Statement is a computer-based delivery system designed to insure the retention and recall of your most important security training messages.

Securolytics

Securolytics

Securolytics offers the simplest, most complete and affordable IoT security for all organizations. Securolytics quickly identifies unmanaged devices to reduce security and compliance risks.

Primus Institute of Technology

Primus Institute of Technology

At Primus Institute of Technology our mission is to inspire, support, and empower current and aspiring IT professionals through training and career development workshops.

CyXcel

CyXcel

CyXcel is a cyber security consulting business grounded in the law which natively fuses crises, legal, technical, and consulting expertise digital networks, information and operational technology.

Baselime

Baselime

Baselime, the cloud-native observability platform. Resolve issues in your cloud application before they become problems.

Odaseva

Odaseva

Odaseva delivers the strongest data security solution for enterprises running on Salesforce, safeguarding confidentiality and integrity of critical business information.