The UK Government has claimed a number notorious cyber attackers responsible for some of the biggest hacks in recent years are all in fact Russian military intelligence (GRU).
Operating under names such as Voodoo Bear, CyberCaliphate and Pawnstorm, the National Cyber Security Centre (NCSC) accused GRU of “working in secret to undermine international law and international institutions”.
Those targeted include the World Anti-Doping Agency (WADA), transport systems in Ukraine and a TV station in the UK.
Foreign Secretary Jeremy Hunt said: “The GRU’s actions are reckless and indiscriminate: they try to undermine and interfere in elections in other countries; they are even prepared to damage Russian companies and Russian citizens.”
The NCSC said it could assess with “high confidence” that the GRU was “almost certainly responsible” for:
- In October 2017 attack, BadRabbit ransomware encrypted hard drives and rendered IT inoperable. This caused disruption including to the Kyiv metro, Odessa airport, Russia’s central bank and two Russian media outlets.
- In August 2017, confidential medical files relating to a number of international athletes were released. WADA stated publicly that this data came from a hack of its Anti-Doping Administration and Management system.
- In 2016, the Democratic National Committee (DNC) was hacked and documents were subsequently published online.
- Between July and August 2015 multiple email accounts belonging to a small UK-based TV station were accessed and content stolen.
The GRU is Russia’s most secretive intelligence agency and conducts military intelligence tasks and foreign intelligence operations.
Any operations undertaken by the agency are almost certainly approved at the highest levels of the Russian Government.
It was recently implicated in the poisoning of Sergei Skripal and his daughter Yulia in Salisbury in March.
One of the suspects was identified as a GRU colonel called Anatoliy Chepiga, a veteran officer who has served in Chechnya and Ukraine.
Hunt added: “This pattern of behaviour demonstrates their desire to operate without regard to international law or established norms and to do so with a feeling of impunity and without consequences.
“Our message is clear: together with our allies, we will expose and respond to the GRU’s attempts to undermine international stability.”