October 5, 2018
The Justice Department’s National Security Division claims that seven hackers suspected of working with Russia’s GRU military intelligence unit were part of a conspiracy to hack multiple organizations including the World Anti-Doping Agency, the Democratic National Committee, a nuclear energy company and several media outlets. The Fancy Bear cyber espionage group, also known as Sofacy or APT28, is accused of launching a disinformation campaign leading up to the 2016 U.S. presidential election, and “hacking to obtain non-public, health information about athletes and others in the files of anti-doping agencies in multiple countries.”
TechCrunch reports that the Justice Department’s indictment accuses the Russian hackers of “often using fictitious personas and proxy servers,” and claims that they “researched victims, sent spearphishing emails, and compiled, used, and monitored malware command and control servers.”
“As part of its influence and disinformation efforts, the Fancy Bears’ Hack Team engaged in a concerted effort to draw media attention to the leaks through a proactive outreach campaign,” explained the prosecutors. “The conspirators exchanged e-mails and private messages with approximately 186 reporters in an apparent attempt to amplify the exposure and effect of their message.”
“The actions of these seven hackers, all working as officials for the Russian government, were criminal, retaliatory, and damaging to innocent victims and the United States’ economy, as well as to world organizations,” said FBI director Christopher Wray.
“Although it’s not the first time that Russia has been linked or suspected of carrying out cyberattacks and spreading disinformation, the U.S. and U.K. have not until today officially accused the Kremlin of its role in these attacks,” notes TechCrunch.
West Accuses Russia of Persistent Campaign of Hacking by the Kremlin, The Wall Street Journal, 10/4/18
Technology Advances Make It Easier to Assign Blame for Cyberattacks, The Wall Street Journal, 10/4/18
U.S. Warns of New Hacking Spree From Group Linked to China, Reuters, 10/3/18