This article is from the source 'nytimes' and was first published or seen on . It last changed over 40 days ago and won't be checked again for changes.

You can find the current article at its original source at https://www.nytimes.com/2020/10/19/homepage/russian-intelligence-cyberattacks.html

The article has changed 6 times. There is an RSS feed of changes available.

Version 0 Version 1
U.S. Charges Russian Intelligence Officers in Major Cyberattacks U.S. Charges Russian Intelligence Officers in Major Cyberattacks
(32 minutes later)
The Justice Department announced indictments on Monday of six Russian military intelligence officers in connection with major hacks worldwide, including of the Winter Olympics and elections in France as well as an attack in 2017 aimed at destabilizing Ukraine that spread rapidly and was blamed for billions of dollars in damage. The Justice Department on Monday announced indictments of six Russian military intelligence officers in connection with major hacks worldwide, including of the Winter Olympics and elections in France as well as an attack in 2017 aimed at destabilizing Ukraine that spread rapidly and was blamed for billions of dollars in damage.
Prosecutors said the suspects were from the same Russian unit that conducted one of the Kremlin’s major operations to interfere in the 2016 American election, the theft of Democratic emails. They attacked the 2017 French presidential elections; targeted British authorities investigating the poisoning of a Russian former intelligence operative and the 2018 Winter Olympics in Pyeongchang, South Korea; and hacked the Ukrainian parliament, finance ministry and electrical grid, according to court documents. Prosecutors said the suspects were from the same Russian unit that conducted one of the Kremlin’s major operations to interfere in the 2016 American election: the theft of Democratic emails. They attacked the 2017 French presidential elections; targeted British authorities investigating the poisoning of a Russian former intelligence operative and the 2018 Winter Olympics in Pyeongchang, South Korea; and hacked the Ukrainian Parliament, finance ministry and electrical grid, according to court documents.
The case marked another effort by Trump administration officials to punish Russia for its meddling in other countries’ affairs, even as President Trump has adopted a more accommodating stance toward Moscow. The charges did not address 2020 election interference; American intelligence agencies have assessed that Russia is trying to influence the vote in November. The case was another effort by Trump administration officials to punish Russia for its meddling in other countries’ affairs, even as President Trump has adopted a more accommodating stance toward Moscow. The charges did not address 2020 election interference; American intelligence agencies have assessed that Russia is trying to influence the vote in November.
“No country has weaponized its cyber capabilities as maliciously or irresponsibly as Russia, wantonly causing unprecedented damage to pursue small tactical advantages and to satisfy fits of spite,” said the assistant attorney general for national security, John C. Demers. “No country has weaponized its cybercapabilities as maliciously or irresponsibly as Russia, wantonly causing unprecedented damage to pursue small tactical advantages and to satisfy fits of spite,” said John C. Demers, the assistant attorney general for national security.
In a dig at President Vladimir V. Putin’s claims that he is restoring Russia to its greatness, Mr. Demers added: “No nation will recapture greatness while behaving in this way.” In a dig at President Vladimir V. Putin’s claims that he is restoring Russia to greatness, Mr. Demers added, “No nation will recapture greatness while behaving in this way.”
Prosecutors said the suspects worked for Unit 74455 of the Russian Main Intelligence Directorate, commonly referred to as the G.R.U. Known among cybersecurity analysts as Fancy Bear, the unit led the 2016 campaign to steal Democrats’ emails and help make them public, embarrassing Hillary Clinton’s campaign in the final stretch. Prosecutors said the suspects worked for Unit 74455 of the Russian Main Intelligence Directorate, commonly referred to as the G.R.U. Known among cybersecurity analysts as Sandworm, the unit worked hand in hand with another G.R.U. unit, known as Fancy Bear, to leak Democrats’ stolen emails during the 2016 election, embarrassing Hillary Clinton’s campaign in the final stretch.
One of the suspects charged in the newly unsealed indictments, Anatoliy Sergeyevich Kovalev, was indicted two years ago on charges announced by the special counsel, Robert S. Mueller III, over his suspected role in the 2016 election meddling.One of the suspects charged in the newly unsealed indictments, Anatoliy Sergeyevich Kovalev, was indicted two years ago on charges announced by the special counsel, Robert S. Mueller III, over his suspected role in the 2016 election meddling.
It was unclear whether the suspects will stand trial for the charges. The Russian government is highly unlikely to hand them over to be prosecuted. But the charges could potentially restrict their travels and they could be arrested if they enter a country willing to turn them over to the United States. It was unclear whether the Russian officers would stand trial for the charges. Moscow is highly unlikely to hand them over to be prosecuted. But the charges could potentially restrict their travels, and they could be arrested if they enter a country willing to turn them over to the United States.
One of the intrusions that the Justice Department focused on was the 2017 attempt to interfere in the French presidential election. That year, hackers released stolen documents just as voting was beginning, aimed at trying to hurt Emmanuel Macron in his race against Marine Le Pen, a far-right candidate supported by Moscow. One of the intrusions that the Justice Department focused on was the 2017 attempt to interfere in the French presidential election. That year, hackers released stolen documents just as voting was beginning, aiming to hurt Emmanuel Macron in his race against Marine Le Pen, a far-right candidate supported by Moscow.
Security researchers at the time quickly blamed the hack-and-dump on Fancy Bear. Security researchers at the time quickly blamed Fancy Bear for the hack-and-dump.
But unlike the Russian work in the 2016 American election, the French operation mixed genuine documents with altered material. The French media largely ignored the stolen documents, in part because of questions of their authenticity, but also because France was in a government-mandated blackout period immediately before the vote. But unlike the Russian work in the 2016 American election, the French operation mixed genuine documents with altered material. The French news media largely ignored the stolen documents, in part because of questions of their authenticity, but also because France was in a government-mandated blackout period immediately before the vote.
American officials have warned that Russia could repeat those tactics in this year’s presidential race in the United States, mixing falsified material with real stolen documents in a way that is difficult to tell fact from fiction. American officials have warned that Russia could repeat those tactics in the presidential race in the United States this year, mixing falsified material with real stolen documents in a way that is difficult to tell fact from fiction.
The indictments showed how the hacking unit became emboldened after its success interfering in the 2016 American election, despite the resulting furor and the Obama administration’s decision to punish and publicly rebuke Russia for its role.The indictments showed how the hacking unit became emboldened after its success interfering in the 2016 American election, despite the resulting furor and the Obama administration’s decision to punish and publicly rebuke Russia for its role.
“If you were under the impression that, after 2016, they hung it up and gave up their aggressive behavior, the fact they hacked the Olympics should disabuse you of that notion,” said John Hultquist, the director of threat intelligence at FireEye, the Silicon Valley cybersecurity firm. “It was a vindictive attack. There was no clear geopolitical reason to do that. And it impacted the entire international community.”“If you were under the impression that, after 2016, they hung it up and gave up their aggressive behavior, the fact they hacked the Olympics should disabuse you of that notion,” said John Hultquist, the director of threat intelligence at FireEye, the Silicon Valley cybersecurity firm. “It was a vindictive attack. There was no clear geopolitical reason to do that. And it impacted the entire international community.”
The 2018 hack of the Pyeongchang Olympics, which took out internet access and telecasts, grounded broadcasters’ drones, shut down the Olympics websites and prevented spectators from attending the opening ceremony. The 2018 hack of the Pyeongchang Olympics, which took out internet access and telecasts, grounded broadcasters’ drones, shut down Olympics websites and prevented spectators from attending the opening ceremony.
At the time, security experts coined the attack “Sour Grapes” because they believed it was conducted by Russians out of spite for the Olympic Committee banning its athletes from participating in the games after systemic violations of antidoping rules. At the time, security experts named the attack Sour Grapes because they believed it was conducted by Russians out of spite for the Olympic Committee banning its athletes from participating in the Games after systemic violations of antidoping rules.
The suspects were also responsible for developing malware used in two attacks on Ukraine’s power grid, according to the court documents. The first attack, on Dec. 23, 2015, infiltrated Ukrainian energy companies, cutting power for hours to over 200,000 residents in the country’s west.The suspects were also responsible for developing malware used in two attacks on Ukraine’s power grid, according to the court documents. The first attack, on Dec. 23, 2015, infiltrated Ukrainian energy companies, cutting power for hours to over 200,000 residents in the country’s west.
In a follow-up attack that hit Kyiv’s power grid a year later, the suspects used a second piece of malware, called Industroyer, to cut power for an hour, the indictment said. The malware, according to experts, posed one of the greatest digital threats to critical infrastructure since Stuxnet, the computer attack by the United States and Israel that took out Iran’s uranium centrifuges in 2009. In a follow-up attack that hit the power grid in Kyiv, Ukraine, a year later, the suspects used a second piece of malware, called Industroyer, to cut electricity for an hour, the indictment said. The malware, according to experts, posed one of the greatest digital threats to critical infrastructure since Stuxnet, the computer attack by the United States and Israel that took out Iran’s uranium centrifuges in 2009.
The wide-ranging attack in June 2017 is considered the most costly in history. Called NotPetya, it was originally aimed at Ukraine but quickly boomeranged around the world, paralyzing some of the biggest corporations in Europe and the United States at an estimated total cost of $10 billion. It cost Mondelez, the maker of Oreo cookies and Ritz crackers, more than $100 million, and Merck, the pharmaceutical giant, some $700 million in damages.The wide-ranging attack in June 2017 is considered the most costly in history. Called NotPetya, it was originally aimed at Ukraine but quickly boomeranged around the world, paralyzing some of the biggest corporations in Europe and the United States at an estimated total cost of $10 billion. It cost Mondelez, the maker of Oreo cookies and Ritz crackers, more than $100 million, and Merck, the pharmaceutical giant, some $700 million in damages.
“If you looked at a list of the top 10 most destructive cyberattacks in history, these guys were responsible for four of them,” Mr. Hultquist said.“If you looked at a list of the top 10 most destructive cyberattacks in history, these guys were responsible for four of them,” Mr. Hultquist said.
Julian E. Barnes contributed reporting.Julian E. Barnes contributed reporting.