British Foreign Secretary Jeremy Hunt on Thursday accused Russian military intelligence of conducting a campaign of “indiscriminate and reckless” online attacks targeting political institutions, businesses, media and sport bodies around the world. Britain’s National Cyber Security Centre (NCSC) has identified operatives from Russia’s GRU arm as being behind various high-profile computer attacks, according to the Foreign Office. Many have been previously linked to Moscow, including the 2017 “BadRabbit” ransomware targeting of a Ukrainian international airport and Russian media outlets, and last year’s attempted hacking of the World Anti-Doping Agency in Switzerland.
“This pattern of behaviour demonstrates their desire to operate without regard to international law or established norms and to do so with a feeling of impunity and without consequences,” Hunt said in a statement. “Our message is clear: together with our allies, we will expose and respond to the GRU’s attempts to undermine international stability.”The NCSC has “high confidence” that the GRU was “almost certainly” responsible for the 2017 attacks, as well as others including the infamous targeting of the US Democratic Party ahead of the 2016 presidential election, according to Whitehall sources.
The British government holds the Kremlin ultimately responsible for the cyber campaign, they said.The Foreign Office described it as a “flagrant violation of international law” that had cost national economies millions of pounds. “These cyber attacks serve no legitimate national security interest, instead impacting the ability of people around the world to go about their daily lives free from interference, and even their ability to enjoy sport,” Hunt added. “The GRU’s actions are reckless and indiscriminate: they try to undermine and interfere in elections in other countries; they are even prepared to damage Russian companies and Russian citizens.”
The hackers identified as GRU operatives by the NCSC include an entity variously called “APT28”, “Pawn Storm”, “Sandworm”, “Fancy Bear” and the “Sofacy Group”.The Justice Department in the United States has previously blamed the group for conducting numerous hacking operations there and around the world. They include targeting everything from American political parties and the websites of conservative US think tanks to key infrastructure industries like power grids.Malcolm Chalmers, deputy director general at the Royal United Services Institute (RUSI), said the GRU’s activities “go well beyond traditional peacetime espionage”. “By launching disruptive operations that threaten life in target societies, they blur the line between war and peace,” he added.