
US charges Russian hackers behind NotPetya, KillDisk, OlympicDestroyer attacks

October 20, 2020
in Internet Security

Image: Warner Bros

The US Department of Justice has unsealed charges today against six Russian nationals believed to be part of one of Russia’s most elite and secretive hacking groups, universally known as Sandworm.

All six are officers in Unit 74455 of the Russian Main Intelligence Directorate (GRU), a military intelligence agency of the Russian Army, DOJ officials said today.

US officials said the six (believed to be part of a much larger group) acted under orders from the Russian government, conducting cyber-attacks with the intent to destabilize other countries, interfere in their internal politics, and cause havoc and monetary losses.

Their attacks span the last decade and include some of the biggest cyber-attacks known to date:

  1. Ukrainian Government & Critical Infrastructure: December 2015 through December 2016 destructive malware attacks against Ukraine’s electric power grid, Ministry of Finance, and State Treasury Service, using malware known as BlackEnergy, Industroyer, and KillDisk; 
  2. French Elections: April and May 2017 spearphishing campaigns and related hack-and-leak efforts targeting French President Macron’s “La République En Marche!” (“En Marche!”) political party, French politicians, and local French governments prior to the 2017 French elections; 
  3. Worldwide Businesses and Critical Infrastructure (NotPetya): June 27, 2017, destructive malware attacks that infected computers worldwide using malware known as NotPetya, including hospitals and other medical facilities in the Heritage Valley Health System (“Heritage Valley”) in the Western District of Pennsylvania; a FedEx Corporation subsidiary, TNT Express BV; and a large US pharmaceutical manufacturer, which together suffered nearly $1 billion in losses from the attacks; 
  4. PyeongChang Winter Olympics Hosts, Participants, Partners, and Attendees: December 2017 through February 2018 spearphishing campaigns and malicious mobile applications targeting South Korean citizens and officials, Olympic athletes, partners, and visitors, and International Olympic Committee (“IOC”) officials;  
  5. PyeongChang Winter Olympics IT Systems (Olympic Destroyer): December 2017 through February 2018 intrusions into computers supporting the 2018 PyeongChang Winter Olympic Games, which culminated in the February 9, 2018, destructive malware attack against the opening ceremony, using malware known as Olympic Destroyer;
  6. Novichok Poisoning Investigations: April 2018 spearphishing campaigns targeting investigations by the Organisation for the Prohibition of Chemical Weapons (“OPCW”) and the United Kingdom’s Defence Science and Technology Laboratory’s (“DSTL”) into the nerve agent poisoning of Sergei Skripal, his daughter, and several UK citizens; and 
  7. Georgian Companies and Government Entities: a 2018 spearphishing campaign targeting a major media company, 2019 efforts to compromise the network of Parliament, and a wide-ranging website defacement campaign in 2019.

The group’s activities have not gone undetected.

Many of these cyber-attacks have been documented by the cyber-security industry in reports published since at least 2010.

The group’s activities and malware have often been referenced under codenames such as Telebots, BlackEnergy, and Voodoo Bear, but above all Sandworm, now the name by which the group is most commonly known.

According to court documents, the six GRU officers charged today, and their respective crimes, are listed below:

Defendant: Summary of Overt Acts

  • Yuriy Sergeyevich Andrienko
    • Developed components of the NotPetya and Olympic Destroyer malware.
  • Sergey Vladimirovich Detistov
    • Developed components of the NotPetya malware; and
    • Prepared spearphishing campaigns targeting the 2018 PyeongChang Winter Olympic Games.
  • Pavel Valeryevich Frolov
    • Developed components of the KillDisk and NotPetya malware.
  • Anatoliy Sergeyevich Kovalev
    • Developed spearphishing techniques and messages used to target:
      • En Marche! officials;
      • employees of the DSTL;
      • members of the IOC and Olympic athletes; and
      • employees of a Georgian media entity.
  • Artem Valeryevich Ochichenko
    • Participated in spearphishing campaigns targeting 2018 PyeongChang Winter Olympic Games partners; and
    • Conducted technical reconnaissance of the Parliament of Georgia official domain and attempted to gain unauthorized access to its network.
  • Petr Nikolayevich Pliskin
    • Developed components of the NotPetya and Olympic Destroyer malware.


Image: FBI

The six suspects are still at large in Russia. If they are apprehended and tried in the US, each of the six risks a sentence of tens of years in prison.

Irresponsible use of destructive malware

But today’s case is also a rarity. International norms exempt espionage operations from international prosecution.

But in a press conference today, US officials said the group’s cyber-attacks often relied on the indiscriminate use of malware with destructive capabilities that caused not only financial losses to thousands of companies but also put human life at risk, showing a disregard for norms.

“As this case shows, no country has weaponized its cyber capabilities as maliciously and irresponsibly as Russia, wantonly causing unprecedented collateral damage to pursue small tactical advantages and to satisfy fits of spite,” said Assistant Attorney General for National Security John C. Demers, referring to the attacks against Olympic Games infrastructure (a non-espionage target) after Russian athletes were banned from participating, and the NotPetya ransomware, which Sandworm initially targeted only at Ukraine but over which they quickly lost control, damaging companies worldwide.

Because of this “irresponsible” use of destructive malware, US officials claim Sandworm caused damages of over $1 billion to victims worldwide.

US Attorney Scott W. Brady said the US has been working for the past two years on a case against Sandworm operators.

“The crimes committed by Russian government officials were against real victims who suffered real harm,” Brady said in a prepared statement. “We have an obligation to hold accountable those who commit crimes – no matter where they reside and no matter for whom they work – in order to seek justice on behalf of these victims.”

Credit: Zdnet
