US, Britain pin blame for major cyber attacks on Russian hackers

Updated
Oct 21, 2020, 11:14 AM
Published
Oct 21, 2020, 05:00 AM

WASHINGTON/LONDON • The US and Britain have condemned what they said were a litany of malicious cyber attacks orchestrated by Russian military intelligence, including efforts to disrupt the Olympic and Paralympic Games in Tokyo.

Officials from both countries said the cyber attacks were carried out by Unit 74455 of Russia's GRU military intelligence agency, also known as the Main Centre for Special Technologies.

In an indictment unsealed on Monday, the US Justice Department said six members of the unit had played key roles in attacks on targets ranging from the Organisation for the Prohibition of Chemical Weapons to the 2017 French polls.

The charges covered four years of malicious cyber activity - from 2015 to last year.

US officials would not say whether the announcement's timing, just ahead of the Nov 3 presidential election, was intended to serve as a warning to foreign, government-linked hacking groups.

Prosecutors said the suspects were from the same unit that helped distribute stolen Democratic e-mails in the 2016 election.

The prosecutors focused on seven breaches that showed how Russia sought in recent years to use its hacking abilities to undermine democratic institutions and ideals, retaliate against enemies and destroy rival economies.

Cyber-security and national-security experts had long argued that the Russians were behind the hacks that prosecutors detailed on Monday. But the indictment was the first time a major law enforcement agency made the charge, bolstering the hacking unit's notoriety as one of the most audacious in the world.

British officials, meanwhile, said the GRU hackers had also conducted "cyber reconnaissance" operations against organisers of the Tokyo Games, which were originally scheduled to be held this year but postponed because of the coronavirus outbreak.

More On This Topic
Olympics: Japan to require Covid-19 tests for all athletes

The British officials declined to give specific details about the latest attacks or say whether they were successful, but said they had targeted Games organisers, logistics suppliers and sponsors.

During a virtual press conference on Monday, US Justice Department Assistant Attorney-General John Demers also declined to discuss the hacking activity around the 2020 Games.

British Foreign Secretary Dominic Raab said: "The GRU's actions against the Olympic and Paralympic Games are cynical and reckless. We condemn them in the strongest possible terms."

Federal Bureau of Investigation deputy director David Bowdich said: "The FBI has repeatedly warned that Russia is a highly capable cyber adversary, and the information revealed in this indictment illustrates how pervasive and destructive Russia's cyber activities truly are."

Mr Demers said: "No country has weaponised its cyber capabilities as maliciously or irresponsibly as Russia, wantonly causing unprecedented damage to pursue small tactical advantages and to satisfy fits of spite."

The Russian Embassy in Washington on Monday strongly denied the allegations.

"It is absolutely obvious that such news breaks have no bearing on reality and are aimed at whipping up Russophobic sentiments in American society, at launching a 'witch hunt' and spy mania, which have been a distinctive feature of the political life in Washington for several years," the embassy's press office said in a written statement.

More On This Topic
Weather, Russia are Japan's concerns
Russia banned from major sports events for four years over doping

The attacks on the 2020 Games are the latest in a string of hacking attempts against international sporting organisations that Western officials and cyber-security experts say have been orchestrated by Russia since its doping scandal erupted five years ago. Moscow has repeatedly denied the allegations.

Britain and the United States also said on Monday that the hackers were involved in other attacks, such as the hack of the 2018 Winter Olympics opening ceremony in South Korea, which compromised hundreds of computers, took down Internet access and disrupted broadcast feeds.

The attack in South Korea had previously been linked to Russia by cyber-security researchers, but was made to look like the work of Chinese or North Korean hackers, Britain's Foreign Ministry said.

"The attacks on the 2020 Summer Games are the latest in a campaign of Russian malicious activity against the Olympic and Paralympic Games," it said.

"The UK is confirming for the first time today the extent of GRU targeting of the 2018 Winter Olympic and Paralympic Games in Pyeongchang, Republic of Korea."

Among the operations that the Justice Department cited was the release of stolen documents just as voting was beginning in France's presidential election in 2017, in an apparent attempt to hurt Mr Emmanuel Macron in his eventual victory against Ms Marine Le Pen, a far-right candidate supported by Moscow.

Other cyber operations allegedly conducted by the GRU officers since 2015, according to the Justice Department, included the global cyber attack known as NotPetya.

It was originally aimed at Ukraine but quickly boomeranged around the world, paralysing some of the biggest corporations in Europe and the US at an estimated total cost of US$10 billion (S$13.6 billion).

The new charges did not address interference in the US election next month. American intelligence agencies have assessed that Russia is trying to influence the vote on Nov 3.

REUTERS, NYTIMES

Join ST's Telegram channel and get the latest breaking news delivered to you.

A version of this article appeared in the print edition of The Straits Times on October 21, 2020, with the headline US, Britain pin blame for major cyber attacks on Russian hackers. Subscribe

Available for
iPhones and iPads
Available in
Google Play

MCI (P) 066/10/2023. Published by SPH Media Limited, Co. Regn. No. 202120748H. Copyright © 2024 SPH Media Limited. All rights reserved.

Back to the top