A range of assaults against targets across the world have been attributed to the GRU
Credit: NurPhoto/SIPA USA/PA Images
The National Cyber Security Centre has pinned a range of “reckless and indiscriminate” cyberattacks around the world on the Russian military intelligence service the GRU.
The NCSC has today attributed to Russian intelligence four malicious campaigns going back over a period of three years. This includes an attack in summer 2015, in which “multiple email accounts belonging to a small UK-based TV station were accessed and content stolen”.
The following year, the GRU attacked the US Democratic National Committee and published sensitive documents online, according to the NCSC. In August 2017, more files were allegedly leaked, after GRU hackers breached the defences of the World Anti-Doping Agency – an organisation established by the International Olympic Committee to combat the use of performance-enhancing drugs in sport.
- US Cyber Command outlines policy of ‘defending forward’
- NCSC warns government and power companies about Russian cyberthreat
- NSA: ‘We have not responded to a zero-day in two years – our adversaries are hitting known vulnerabilities’
UK authorities have also concluded that the GRU was responsible for spreading the BadRabbit ransomware in October 2017. The malicious program “caused disruption including to the Kyiv metro, Odessa airport, Russia’s central bank and two Russian media outlets”, the NCSC said.
Foreign secretary Jeremy Hunt condemned the attacks.
“These cyberattacks serve no legitimate national security interest, instead impacting the ability of people around the world to go about their daily lives free from interference, and even their ability to enjoy sport,” he said. “The GRU’s actions are reckless and indiscriminate: they try to undermine and interfere in elections in other countries; they are even prepared to damage Russian companies and Russian citizens. This pattern of behaviour demonstrates their desire to operate without regard to international law or established norms and to do so with a feeling of impunity and without consequences.”
Hunt added: “Our message is clear: together with our allies, we will expose and respond to the GRU’s attempts to undermine international stability.”
In April, the NCSC teamed up with the US Department of Homeland Security and the FBI to announce that Russia was responsible for a sustained campaign of cyberattacks against US and UK targets.
At the time, NCSC chief executive Ciaran Martin said: “This is a significant moment in the transatlantic fightback against Russia’s aggressive activity in cyberspace. We have called it out before, but never have we joined together… to give advice to industry and citizens.”