Who are the Russian hackers named by UK government?
UK National Cyber Security Centre says Kremlin masterminded high-profile cyberattacks
The British government has directly accused Russia’s GRU military intelligence agency of being behind a spate of “reckless and indiscriminate cyberattacks” across the world.
A new report by the UK’s National Cyber Security Centre accuses Russian intelligence services of masterminding six acts of cyberwarfare that served no legitimate Russian national security interests.
In an unprecedented statement, Foreign Secretary Jeremy Hunt said: “The GRU’s actions are reckless and indiscriminate. They try to undermine and interfere in elections in other countries, they are even prepared to damage Russian companies and Russian citizens.
Subscribe to The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.
Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
“This pattern of behaviour demonstrates their desire to operate without regard to international law or established norms, and to do so with a feeling of impunity and without consequences.
“Our message is clear - together with our allies, we will expose and respond to the GRU’s attempts to undermine international stability.”
The UK Foreign Office has identified 12 code-named hacking groups believed to be linked to the GRU - Fancy Bear, Voodoo Bear, APT28, Sofacy, Pawnstorm, Sednit, CyberCaliphate, Cyber Berku, BlackEnergy Actors, STRONTIUM, Tsar Team and Sandworm.
“Some of the groups are well known, like Fancy Bear, and others less well known,” says the BBC’s Gordon Corera. “The British statement puts them all together in one place and confirms that in the view of British intelligence, they all belong to the GRU.”
The alleged attacks by the intelligence agency include the hacking of the US Democratic National Committee in 2016, which resulted in a mass leak of private emails and message logs from party officials.
Also on the list is the hacking of an unnamed small UK-based TV station between July and August 2015, when multiple email accounts were accessed and content stolen.
And UK cyber experts believe the GRU was almost certainly behind the Bad Rabbit ransomware attack last year, which “targeted a Ukrainian international airport and Russian media outlets, as well as the hacking of the World Anti-Doping Agency in Switzerland”, says the Radio Free Europe/Radio Liberty news site.
Former UK diplomat Lord Ricketts told the BBC that Russia may have targeted the doping watchdog “to distract from the very serious allegations about Russian athletes”, while the Ukraine attack was probably intended to “destabilise” the region.
But some of the other attacks appear to have been random, Ricketts added, and might have been part of a “pilot project” to “see what they can do at a point where they wanted to use” cyberwarfare.
Professor Malcolm Chalmers of London-based defence think-tank Rusi told The Guardian: “Most intelligence services try to gain advantage through stealing the secrets of their adversaries. But the GRU’s activities go well beyond this traditional peacetime espionage role.
“By launching disruptive operations that threaten life in target societies, they blur the line between war and peace.”
The allegations in the new report “are bound to be dismissed as propaganda by Russia, but experts claim [Russian President Vladimir] Putin would be taken aback by the depth of the exposure of his intelligence service’s actions”, adds the newspaper.
Sign up for Today's Best Articles in your inbox
A free daily email with the biggest news stories of the day – and the best features from TheWeek.com
-
Women are getting their own baseball league again
In the Spotlight The league is on track to debut in 2026
By Justin Klawans, The Week US Published
-
Giant TVs are becoming the next big retail commodity
Under the Radar Some manufacturers are introducing TVs over 8 feet long
By Justin Klawans, The Week US Published
-
When will mortgage rates finally start coming down?
The Explainer Much to potential homebuyers' chagrin, mortgage rates are still elevated
By Becca Stanek, The Week US Published
-
The new powers to stop stalking in the UK
The Explainer Updated guidance could help protect more victims, but public is losing trust in police and battered criminal justice system
By Harriet Marsden, The Week UK Published
-
Russia blamed for cyberattack that exposed UK voters’ data
Speed Read Electoral Commission has not formally identified ‘hostile actors’ behind massive breach but experts say Russians ‘top suspect list’
By Richard Windsor Published
-
‘Pig butchering’ and dodgy apps: four convincing scams to watch out for
Speed Read Consumer watchdog warns cybercriminals are becoming ‘more sophisticated’
By Julia O'Driscoll Published
-
Dark web marketplace that sold bank-hacking bots seized by FBI
Speed Read
By Justin Klawans Published
-
Ukrainian hackers’ hoax unmasks Russian pilots accused of Mariupol theatre bombing
Speed Read Military wives and girlfriends duped into posing for photoshoot in ‘virtual false-flag operation’
By Jamie Timson Published
-
DOJ warns of spike in 'sextortion' cases targeting underage boys
Speed Read
By Theara Coleman Published
-
How Scotland Yard took down iSpoof in UK’s biggest ever fraud investigation
Speed Read Thousands of victims robbed of £10,000 each on average by scammers posing as banks and trusted sources
By Julia O'Driscoll Published
-
Indian ‘hack-for-hire’ gangs target UK firms and politicians
Speed Read Cybercriminals access private email accounts of dozens of high-profile Brits
By The Week Staff Published