US DoJ indicts six Russian hackers

By Dylan Bushell-Embling
Friday, 23 October, 2020

The US Department of Justice has won an indictment against six Russian members of one of the nation’s military intelligence agencies accused of being behind sophisticated attacks intended to advance Russian interests.

The six indicted suspects, all officers of the Russian Main Intelligence Directorate (GRU) — an agency of the General Staff of the Armed Forces — have been accused of being behind attacks using some of the world’s most destructive malware to date.

According to the indictments, the six hackers and their co-conspirators engaged in computer intrusions and attacks intended to support Russian government efforts to destabilise Ukraine and Georgia.

The suspects are also accused of being behind attacks designed to interfere with elections in France, interfere with the investigation into Russia’s alleged use of the weapons-grade nerve agent Novichok on foreign soil, and retaliate against the 2018 PyeongChang Winter Olympic Games after Russian athletes were banned from participating under their nation’s flag due to doping allegations.

The attacks were linked to high-profile malware including KillDisk and Industroyer — which caused blackouts in Ukraine — NotPetya, which caused billions in losses to victim organisation, and Olympic Destroyer, which disrupted thousands of computers used to support the 2018 PyeongChang Winter Olympics.

The attacks are alleged to have taken place from late 2015 to late 2019.

Meanwhile the US National Security Agency (NSA) has released a new cybersecurity advisory detailing 25 vulnerabilities that Chinese state-sponsored malicious cyber actors are alleged to be currently exploiting or targeting.

While the vulnerabilities are publicly known, the NSA published evidence showing that they are now being actively exploited.

Many of the vulnerabilities can be used to gain initial access to a network by exploiting products that are directly accessible from the internet, the NSA said.

“We hear loud and clear that it can be hard to prioritise patching and mitigation efforts,” NSA Cybersecurity Director Anne Neuberger said.

“We hope that by highlighting the vulnerabilities that China is actively using to compromise systems, cybersecurity professionals will gain actionable information to prioritise efforts and secure their systems.”

Image credit: ©stock.adobe.com/au/James Thew