US accuses Russian military of carrying out NotPetya cyberattack 

An indictment against six Russian hackers serving in the GRU, Russia's military intelligence agency, reveals that the attack was sponsored by the Kremlin 

US accuses Russian military of carrying out NotPetya cyberattack 

State Department Photo by Ron Przysucha/ Public Domain

A US federal grand jury in Pittsburgh returned an indictment against six hackers, all citizens of the Russian Federation and officers in unit 74455 of the Russian Main Intelligence Directorate (GRU), a military intelligence agency of the armed forces. 

These GRU hackers and their colleagues intended to support the efforts of the Russian government to undermine, retaliate against, or otherwise destabilize Ukraine, Georgia and France, as well as efforts to hold Russia accountable for its use of weapons-grade nerve agent Novichok on foreign soil. The indictment also refers to the 2018 PyeongChang Winter Olympic Games after Russian athletes were banned from participating under their nation’s flag, as a result of a Russian government-sponsored doping effort.

Their computer attacks used some of the world’s most destructive malware, including KillDisk and Industroyer, which each caused blackouts in Ukraine; NotPetya, which caused nearly $1 billion in losses to the three victims identified in the indictment alone; and Olympic Destroyer, which disrupted thousands of computers used to support the 2018 PyeongChang Winter Olympics.  In the indictment, the defendants are charged with conspiracy, computer hacking, fraud, identity theft, and false registration of a domain name.

According to the indictment, beginning around November 2015 and continuing until at least October 2019, the defendants and their colleagues deployed destructive malware and took other disruptive actions, for the strategic benefit of Russia, through unauthorized access to victim computers.  

“No country has weaponized its cyber capabilities as maliciously or irresponsibly as Russia, wantonly causing unprecedented damage to pursue small tactical advantages,” said Assistant Attorney General for National Security John C. Demers.  “Today the department has charged these Russian officers with conducting the most disruptive and destructive series of computer attacks ever attributed to a single group, including by unleashing the NotPetya malware.  No nation will recapture greatness while behaving in this way.”