Six Russian military officers sought to disrupt through computer hacking the French election, the Winter Olympic Games and US businesses, according to a Justice Department indictment unsealed on Monday that details attacks on a broad range of political, financial and athletic targets.
The indictment also accuses the defendants, all alleged officers in the Russian military agency known as the GRU, of destructive attacks on Ukraine’s power grid and of a hack-and-leak effort directed at the political party of French President Emmanuel Macron during the 2017 election.
The indictment does not charge the defendants in connection with interference in US elections, focusing instead on attacks that prosecutors said were aimed at promoting Russian’s own geopolitical interests. Those include cyberattacks that targeted the 2018 Winter Olympic Games in South Korea, where Russian athletes were banned because of a state-sponsored doping effort.
“No country has weaponized its cyber capabilities as maliciously or irresponsibly as Russia, wantonly causing unprecedented damage to pursue small tactical advantages and to satisfy fits of spite,” said Assistant Attorney General John Demers, the Justice Department’s top national security official.
He called it “the most disruptive and destructive series of computer attacks ever attributed to a single group”.
British officials joined their US counterparts in accusing Russian military officers, saying the GRU hackers had also conducted “cyber reconnaissance” operations against organisers of the 2020 Tokyo Games, which were originally scheduled to be held this year but postponed because of the coronavirus outbreak in Japan.
The officials declined to give specific details about the attacks or whether they were successful, but said they had targeted Games organisers, logistics suppliers and sponsors, the Reuters news agency reported.
US and UK officials also accused Russians of a hack of the 2018 Winter Olympic Games opening ceremony in South Korea, which compromised hundreds of computers, took down Internet access and disrupted broadcast feeds.
The attack in South Korea had previously been linked to Russia by cybersecurity researchers but was made to look like the work of Chinese or North Korean hackers, the UK’s foreign ministry said in a statement.
“The attacks on the 2020 Summer Games are the latest in a campaign of Russian malicious activity against the Olympic and Paralympic Games,” it said.
“The UK is confirming for the first time today the extent of GRU targeting of the 2018 Winter Olympic and Paralympic Games in Pyeongchang, Republic of Korea.”
British Foreign Secretary Dominic Raab said: “The GRU’s actions against the Olympic and Paralympic Games are cynical and reckless. We condemn them in the strongest possible terms.
“The UK will continue to work with our allies to call out and counter future malicious cyberattacks”.
FBI Deputy Director David Bowdich said: “The FBI has repeatedly warned that Russia is a highly capable cyber adversary, and the information revealed in this indictment illustrates how pervasive and destructive Russia’s cyber activities truly are.”
Big news: DOJ today unsealed charges against Sandworm, naming the Russian GRU hackers who have for 5 years crossed every red line in cyberwar from blackouts to disrupting the Olympics to unleashing the NotPetya worm that cost $10 billion. https://t.co/2eviueSKT5 < Updates to come
— Andy Greenberg (@a_greenberg) October 19, 2020
Russia was banned from the world’s top sporting events for four years in December over widespread doping offences.
The alleged attacks on the 2020 Games are the latest in a string of hacking attempts against international sporting organisations that Western officials and cybersecurity experts say have been orchestrated by Russia since its doping scandal erupted five years ago.
Moscow has repeatedly denied the allegations.