A grand jury in Pennsylvania indicted the six men for “conspiracy, computer hacking, wire fraud, aggravated identity theft, and false registration of a domain name,” the DOJ announced on Monday, describing them as officers in Unit 74455 of the Russian Main Intelligence Directorate, or GRU.
The indictment identifies them as Yuriy Sergeyevich Andrienko, Sergey Vladimirovich Detistov, Pavel Valeryevich Frolov, Anatoliy Sergeyevich Kovalev, Artem Valeryevich Ochichenko and Petr Nikolayevich Pliskin.
.@TheJusticeDept says it's indicting 6 Russian government hackers allegedly part of the "Sandworm" team, run by Russian military intelligence GRU (specifically Unit 74455). Among other things, the unit was behind the hack of Ukraine's power grid in 2015. pic.twitter.com/1co5v5aAdk
— Mike Eckel (@Mike_Eckel) October 19, 2020
According to the charges, they used malware like KillDisk, Industroyer, NotPetya and Olympic Destroyer to attack everything from networks in Ukraine and Georgia to the Olympics held in PyeongChang two years ago – in which Russian athletes were not allowed to participate under their national flag, due to doping allegations made by a disgruntled doctor.
The six are also accused of undermining “efforts to hold Russia accountable for its use of a weapons-grade nerve agent, Novichok, on foreign soil” – referring to the March 2018 claims by the British government that Russia “highly likely” used the toxin against a former spy and his daughter, an accusation Moscow repeatedly denied.
Assistant Attorney General for National Security John C. Demers has claimed that “No country has weaponized its cyber capabilities as maliciously or irresponsibly as Russia, wantonly causing unprecedented damage to pursue small tactical advantages and to satisfy fits of spite.”
Monday’s indictment is hardly a surprise, considering that NATO and US officials have blamed the 2017 NotPetya outbreak on Moscow for years, even though the malware struck numerous Russian companies – from the central bank to the oil giant Rosneft and metal-maker Evraz – as well.
The October 2019 Georgia attack was “in line with Russian tactics,”declared CrowdStrike, the same security company that was tasked with dealing with the 2016 “hack” of the Democratic National Committee. CrowdStrike’s president had secretly admitted to Congress that they had no actual evidence of the hack itself.
The indictment also accuses the “GRU officers” of trying to breach the Organisation for Prohibition of Chemical Weapons (OPCW). The international body faced a scandal after whistleblowers revealed that a report blaming chemical attacks in Syria on the country’s government omitted details that did not fall in line with the narrative pushed by the US and the UK.
US indictment of GRU officers alleges spearphishing attempt of OPCW. Although it's not directly tied, safe bet that this allegation will now be used to help whitewash OPCW's Douma cover-up. We've already seen internal OPCW leaks dismissed as "Russian disinformation." pic.twitter.com/uCoJBgPLJO
— Aaron Maté (@aaronjmate) October 19, 2020
In announcing the indictment, the DOJ thanked the authorities in Ukraine, Georgia, New Zealand, South Korea, and UK “intelligence services” – as well as Google, Facebook and Twitter – for “significant cooperation and assistance” with the investigation.
The same “GRU unit” and Kovalev specifically were previously indicted by Special Counsel Robert Mueller for alleged “meddling” in 2016 US elections. As with Mueller’s indictments, Monday’s charges have largely symbolic value; the accused are not likely to ever see the inside of a US courtroom. The only indictment that was actually contested in court – against the so-called IRA troll farm – was dropped by the DOJ in March, due to lack of evidence.
Russia’s military intelligence has not gone by the name of GRU since 2010.
Think your friends would be interested? Share this story!