UK and Australia blame Russian GRU for quartet of cyber attacks
The Russian military intelligence unit GRU is behind a fresh wave of global cyber attacks, British officials say.
UK Foreign Secretary Jeremy Hunt says the GRU is responsible for "indiscriminate and reckless" attacks against political institutions, businesses, media, and sports.
Britain's National Cyber Security Centre has concluded that hackers behind numerous attacks have been identified as GRU personnel.
Australia has joined the UK in attributing the attacks to the GRU.
In a statement released on Thursday morning, Australian Prime Minister Scott Morrison and Foreign Affairs Minister Marise Payne placed the blame on Russia for:
- The October 2017 BadRabbit ransomware that hit Russia, Ukraine, Germany, and Turkey
- Releasing data from a World Anti-Doping agency hack
- Hacking the US Democratic National Committee in 2016, which resulted in the publishing of the party's emails on WikiLeaks
- Attacking a "small UK-based TV station" between July and August of 2015
Hunt said the UK and its allies would "expose and respond to the GRU's attempts to undermine international stability."
"These cyber attacks serve no legitimate national security interest, instead impacting the ability of people around the world to go about their daily lives free from interference, and even their ability to enjoy sport," he said.
"The GRU's actions are reckless and indiscriminate; they try to undermine and interfere in elections in other countries. They are even prepared to damage Russian companies and Russian citizens."
For its part, Australia said the rule of law applies online just as it does offline, and it would protect the "rules-based international order".
"Cyberspace is not the Wild West," Morrison and Payne said. "The International Community -- including Russia -- has agreed that international law and norms of responsible state behaviour apply in cyberspace.
"By embarking on a pattern of malicious cyber behaviour, Russia has shown a total disregard for the agreements it helped to negotiate."
At the start of the year, the United States, the United Kingdom, and Australia pointed the finger at Russia for the NotPetya malware attacks.
"The UK government judges that the Russian government, specifically the Russian military, was responsible for the destructive NotPetya cyber attack of June 2017," UK Foreign Office Minister for Cyber Security Tariq Ahmad said at the time.
Also see: Blaming Russia for NotPetya was coordinated diplomatic action
"The attack showed a continued disregard for Ukrainian sovereignty. Its reckless release disrupted organisations across Europe, costing hundreds of millions of pounds."
British officials also earlier blamed the GRU for the March nerve agent attack on Russian former spy Sergei Skripal and his daughter Yulia in the English city of Salisbury.
Russia denies any involvement.
Earlier this month, former Facebook CSO Alex Stamos said it was "pretty clear" that GRU wanted to weaken a potential Clinton presidency in 2016.
"Putin has a [you know, it's been well-documented] like a personal antipathy towards her and believes that she was behind the protests against him in the 2012 Russian election, and so the GRU activity was specifically focused on weakening her," he said. "I think it was less about actually electing Trump.
"I find it unlikely that the Russians are better than Nate Silver at predicting elections."
With AAP
Related Coverage
Cyber security: Nation-state cyber attacks threaten everyone, warns ex-GCHQ boss
Citing Russian cyber attacks and WannaCry, ex-GCHQ director Robert Hannigan says nation-state campaigns have become "a problem for everybody"
Edge computing: the cyber security risks you must consider
Edge computing could be an innovative new way to collect data, but it also opens up a world of additional security headaches.
Tesco Bank fined £16.4m over cyber attack
Regulator said the attack which saw hackers steal £2.25m from account holders was 'largely avoidable'.
Cyber security strategy must be a board-level issue
Hacking and data breaches are an ongoing threat, so why are so many execs ignoring the issue?
Here's what happens during a social engineering cyber-attack (TechRepublic)
BioCatch's VP Frances Zelazny explains each step of social engineering hacks, low-tech cyberattacks that have a big impact on business.
How weaponized AI creates a new breed of cyber-attacks (TechRepublic)
IBM security researchers discovered invasive and targeted artificial intelligence-powered cyber-attacks triggered by geolocation and facial recognition.