Russian hackers with military ties charged after attacks on critical infrastructure
US intelligence agencies have charged a group of five Russian hackers linked to Unit 29155 of Russia’s Main Directorate of the General Staff of the Armed Forces (GRU), as well as a civilian hacker working for the Russian government. This places Russian military intelligence at the center of critical infrastructure attacks on NATO member states.
The five GRU members have been charged in connection with a series of attacks known as “Whisper Gate” that took place in January 2022. The operations targeted Ukrainian government agencies and infrastructure and are largely seen as a precursor to Russia’s invasion of Ukraine.
The U.S. State Department has offered a $10 million reward for information on each of the six suspects through its Rewards for Justice program. The GRU is also believed to have attacked the computer systems of 26 other NATO countries that supported Ukraine, a strategy we have seen has been used many times before.
First shot of the war
The attacks were thwarted by the U.S. Cyber Command and private cybersecurity firms such as Microsoft and Google. They failed to disrupt satellite communications or disrupt Ukrainian government operations as intended.
U.S. officials said the GRU members posed as criminal hackers by leaving ransom notes, but the attacks were designed to destroy any data obtained. According to the joint advice“The objectives of Unit 29155 cyber actors appear to include gathering information for espionage purposes, reputational damage caused by theft and leakage of sensitive information, and systematic sabotage caused by the destruction of data”
Since none of the hackers are on US soil, it’s unlikely they will face the consequences of the charges anytime soon, but the US has reportedly in cooperation with Interpol to “bring about this indictment”.
Via BleepingComputer