U.S. Charges Six Russian Agents for Hacking That Cost Billions

The U.S. charged six current and former members of Russia’s military intelligence agency for allegedly carrying out some of the world’s most destructive hacking attacks from 2015 to 2019, including knocking out Ukraine’s power grid and causing almost $1 billion in damage to three American companies.

The hackers allegedly carried out attacks against the 2017 elections in France and the 2018 Pyeongchang Winter Olympic Games, according to an indictment unsealed by the Justice Department on Monday.

“According to the indictment, beginning in or around November 2015 and continuing until at least in or around October 2019, the defendants and their co-conspirators deployed destructive malware and took other disruptive actions, for the strategic benefit of Russia, through unauthorized access to victim computers,” the department said.

Read the grand jury indictment unsealed on Monday

The hackers from the military intelligence unit known as GRU allegedly spread what is known as NotPetya malware, which damaged computers used for critical infrastructure, including impairing the administration of medical services by a hospital system in Pennsylvania.

“The attack caused the unavailability of patient lists, patient history, physical examination files and laboratory records,” according to the department.

The NotPetya attack also caused about $400 million in damages to a subsidiary ofFedEx Corp. and more than $500 million in damages to a large U.S. pharmaceutical manufacturer, which the indictment didn’t identify.Merck & Co. has been previously identified as one of the targets.

None of the charges involved the current U.S. presidential campaign, although the FBI and other agencies say Russia continues trying to interfere in U.S. politics.

“No country has weaponized its cyber capabilities as maliciously or irresponsibly as Russia, wantonly causing unprecedented damage to pursue small tactical advantages and fits of spite,” John Demers, head of the department’s national security division, told reporters during a news conference on Monday.

Demers said the release of the indictment wasn’t particularly intended to send a message to Russia against interfering in the 2020 election. He said U.S. agencies haven’t seen evidence that hackers can compromise voting in this year’s election.

“Americans should be confident that a vote cast for their candidate will be counted for that candidate,“ Demers said.

The Justice Department also said the investigation was aided by social media companies Facebook Inc. and Twitter Inc., as well as Alphabet Inc.’s Google and Cisco Systems Inc.

‘Voodoo Bear’

The hackers are part of a group known variously as “Sandworm Team” and “Voodoo Bear” among cybersecurity experts. The group’s espionage and sabotage hacking operations are “highly advanced” and consistent with “Russian economic and national objectives,” according to ananalysis by the firm Crowdstrike Inc. The group has an interest in “targeting critical systems” and disrupting infrastructure, according to ananalysis by the firm FireEye Inc.

The timing of the indictment, weeks before the U.S. presidential election, is notable. A separate hacking unit that is associated with Russia’s GRU meddled in the 2016 U.S. election, and Microsoft Corp. recently found that group attempting to hack political targets ahead of the 2020 election.

In addition, one of the defendants in the indictment unsealed on Monday was alsocharged in 2018 by the U.S. for hacking tied to the 2016 election. He conspired “to gain unauthorized access into the computers of U.S. persons and entities involved in the administration of the 2016 U.S. elections,” according to the Justice Department.

The U.S. intelligence community has assessed that Russia is attempting to help President Donald Trump succeed and hurt his rival, former Vice President Joe Biden. The U.S. also indictedhackers from GRU in October 2018, before the midterm elections. Russia denies any role.

Source: Read Full Article