Illustration by Alex Castro / The Verge
The Justice Department has charged six Russian intelligence officers with involvement in an extensive hacking campaign, including the notorious Petya ransomware attacks that targeted Ukraine in 2015. According to the indictment, the efforts also targeted the country of Georgia, the French elections, the 2018 winter Olympics, and investigations into the poisoning of former Russian military officer Sergei Skripal.
Many of the specific incidents in the indictment have been previously reported, but no law enforcement agency has publicly charged Russia’s GRU with orchestrating the attacks. Russia’s primary military intelligence agency, the GRU has previously been associated with a wide range of cyberattacks dubbed “Fancy Bear” by private-sector researchers. In this case, prosecutors even pin the operation down to a specific GRU building located at 22 Kirova Street in Moscow, which the indictment refers to as “the Tower.”
The indictment follows previous prosecutions concerning GRU campaigns against the 2014 Olympics or the Democratic National Committee during the 2016 campaign. One of the six defendants, Anatoliy Kovalev, was also named in the DNC indictments. But Monday’s indictment reaches further, alleging an international campaign of cyberattacks and political influence campaigns to further Russian national interests.
The most devastating of the attacks came against Ukrainian power grids in 2015. The first attack compromised internal networks at all three of the country’s major energy distribution companies, rendering computers inoperable and leaving more than 200,000 people without power in the dead of winter. The following year, a subsequent attack was launched against the country’s Ministry of Finance and State Treasury Service.
As with previous indictments against foreign hackers, Russia is unlikely to extradite the defendants, and it is unlikely that they will ever stand trial. Nonetheless, the new prosecution is a significant milestone in the ongoing efforts to hold the GRU accountable for its digital attacks.
The indictment is the result of more than two years of investigation by the FBI, a point that was emphasized by agents who worked on the case. “The exceptional talent and dedication of our teams in Pittsburgh, Atlanta and Oklahoma City who spent years tracking these members of the GRU is unmatched,” said Michael Christman, FBI special agent in charge of the Pittsburgh field office, in a statement. “These criminals underestimated the power of shared intelligence, resources and expertise through law enforcement, private sector and international partnerships.”