ZCZC
BFF-17
US-RUSSIA-JUSTICE-CYBER
US charges Russians with cyberattacks on Ukraine, French elections, Olympics
WASHINGTON, Oct 20, 2020 (BSS/AFP) – Six Russian military intelligence officers have
been charged in the United States with carrying out cyberattacks on Ukraine’s power
grid, the 2017 French elections and the 2018 Winter Olympic Games, the Justice
Department announced on Monday.
The six GRU agents were also accused of staging a malware attack called “NotPetya”
that infected computers of businesses worldwide causing nearly $1 billion in losses to
three US companies alone.
In addition, they allegedly targeted international investigations into the nerve
agent poisoning of Russian former double agent Sergei Skripal and his daughter, and
waged cyberattacks on media outlets and parliament in Georgia.
Assistant Attorney General John Demers said the six were responsible for “the most
disruptive and destructive series of computer attacks ever attributed to a single
group.”
Demers said members of the same GRU unit have been charged previously with seeking to
disrupt the 2016 US elections — but there were “no (2020) election interference
allegations” in this indictment.
The indictment of the six, none of whom are in US custody, was brought by a federal
grand jury in Pittsburgh, Pennsylvania, where hospitals were allegedly targeted by the
NotPetya hackers.
The charges include conspiracy to conduct computer fraud and abuse, conspiracy to
commit wire fraud, wire fraud, damaging protected computers, and aggravated identity
theft.
Demers said the defendants launched destructive malware attacks against the electric
power grid in Ukraine in December of 2015 and December of 2016.
“These were the first reported destructive malware attacks against the control
systems of civilian critical infrastructure,” he said.
“These attacks turned out the lights and turned off the heat in the middle of the
Eastern European winter, as the lives of hundreds of thousands of Ukrainian men, women
and children went dark and cold.”
– ‘Petulant child’ –
The Justice Department said they conducted “hack-and-leak” campaigns against French
President Emmanuel Macron’s political party and local French governments prior to the
2017 elections.
Demers said the 2018 PyeongChang Winter Olympics in South Korea were targeted after
Russian athletes were banned from participating under their own flag because of
government-sponsored doping efforts.
“Their cyber attack combined the emotional maturity of a petulant child with the
resources of a nation state,” he said, adding that they attempted to pin it on North
Korea.
“During the opening ceremony, they launched the ‘Olympic Destroyer’ malware attack,
which deleted data from thousands of computers supporting the Games, rendering them
inoperable,” he said.
The 2017 NotPetya attacks were aimed at businesses and critical infrastructure
worldwide and US targets included hospitals, a subsidiary of delivery giant FedEx and a
pharmaceutical manufacturer.
In April 2018, spearphishing campaigns were launched against investigations being
carried out into the Skripal poisoning by the Organisation for the Prohibition of
Chemical Weapons (OPCW) and the United Kingdom’s Defence Science and Technology
Laboratory (DSTL).
In Georgia, a spearphishing campaign was launched in 2018 against a major media
company, and in 2019 efforts were made to compromise the computer network of the
country’s parliament, according to the Justice Department.
The six were identified as Yuriy Sergeyevich Andrienko, 32, Sergey Vladimirovich
Detistov, 35, Pavel Valeryevich Frolov, 28, Anatoliy Sergeyevich Kovalev, 29, Artem
Valeryevich Ochichenko, 27, and Petr Nikolayevich Pliskin, 32. Kovalev was indicted
previously, in 2018, for attempting to gain access to US computers involved in the
administration of the 2016 US elections.
BSS/AFP/MMA/1111HRS