A group of Russian hackers launched an attack on computer systems connected to the Ukrainian government and 26 NATO allies, including the U.S., with the aim of supporting Russia’s invasion of Ukraine, federal prosecutors revealed on Thursday.
The Department of Justice unveiled a superseding indictment charging five Russian military intelligence service officers and one civilian with conspiracy to commit computer intrusion and wire-fraud conspiracy. The U.S. is offering a $10 million reward for information leading to their whereabouts or details about their cyber campaign.
The indictment accuses the hackers of using a malware called “WhisperGate” to disrupt and leak data, including sensitive patient health records, from Ukrainian computer systems unrelated to military or defense. This was done to create concern among Ukrainian citizens about the security of their government systems and personal information. The hackers then targeted computer systems in the U.S. and 25 other NATO countries that provided support to Ukraine.
RELATED STORY | Right-wing influencers linked to Russian influence operation
“The GRU’s WhisperGate campaign, which includes targeting Ukrainian critical infrastructure and government systems of no military value, exemplifies Russia’s heinous disregard for innocent civilians as it carries out its unjust invasion,” stated Assistant Attorney General Matthew G. Olsen of the National Security Division.
Court documents state that on Jan. 13, 2022, the hackers utilized services from a U.S. company to distribute WhisperGate on various Ukrainian government networks, including the Ministry of Internal Affairs, State Treasury, Judiciary Administration, State Portal for Digital Services, Ministry of Education and Science, Ministry of Agriculture, State Service for Food Safety and Consumer Protection, Ministry of Energy, Accounting Chamber for Ukraine, State Emergency Service, State Forestry Agency, and Motor Insurance Bureau.
After infiltrating some of the targeted systems, the indictment alleges that the hackers defaced their websites with threatening messages and later attempted to sell the hacked data online.
RELATED STORY | Ukraine’s foreign minister resigns as part of Zelenskyy’s wartime reshuffle
The indictment further reveals that the hackers searched for vulnerabilities in protected computer systems of 26 NATO countries and targeted federal government systems in Maryland repeatedly. Additionally, in August 2022, the defendants allegedly hacked the transportation infrastructure of a central European country supporting Ukraine in the war.
“Through cyber actions, these accused individuals trespassed borders to seek weaknesses and cause harm,” commented Special Agent in Charge William J. DelBagno of the FBI Baltimore Field Office. “We, along with law enforcement partners, both national and international, stand united against Russia’s aggressive and illegal actions. We are dedicated to identifying, prosecuting, and thwarting future crimes, and we are committed to vigorously pursuing and countering these threats.”
In a press conference, Olsen emphasized that the DOJ is holding the hackers accountable to deter other Russian individuals from engaging in cyber activities similar to those of the indicted hackers.
“The identified individuals are now targets. We know who they are. There is a bounty on their heads, and we will pursue them tirelessly,” Olsen stated. “The message to the GRU and the Russians is crystal clear: We are aware of your actions. We have breached your systems. The FBI and the Department of Justice will persistently pursue you, so you better take notice that we have identified you and accessed your systems.”
The defendants named in the superseding indictment are Russian GRU members Yuriy Denisov, Vladislav Borovkov, Denis Denisenko, Dmitriy Goloshubov, and Nikolay Korchagin, along with civilian Amin Sitgal.
