Security News > 2020 > October > US charges Sandworm hackers who mounted NotPetya, other high-profile attacks
The Sandworm Team hacking group is part of Unit 74455 of the Russian Main Intelligence Directorate, the US Department of Justice claimed as it unsealed an indictment against six hackers and alleged members on Monday.
"These GRU hackers and their co-conspirators engaged in computer intrusions and attacks intended to support Russian government efforts to undermine, retaliate against, or otherwise destabilize: Ukraine; Georgia; elections in France; efforts to hold Russia accountable for its use of a weapons-grade nerve agent, Novichok, on foreign soil; and the 2018 PyeongChang Winter Olympic Games after Russian athletes were banned from participating under their nation's flag, as a consequence of Russian government-sponsored doping effort," the DoJ alleges.
The UK government confirmed their prior assessments that many of the aforementioned attacks had been the work of the Russian GRU. Sandworm Team hackers.
Sandworm Team is the group behind many conspicuous attacks in the last half a decade, the DoJ claims, all allegedly performed under the aegis of the Russian government.
It's unusual to see the US mount criminal charges against intelligence officers that were engaged in cyber-espionage operations outside the US, but the rationale here is that many of the attacks resulted in real-world consequences that were aimed at undermining the target countries' governments and destabilizing the countries themselves, and that they affected individuals, civilian critical infrastructure, and private sector companies.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/Znsk8N1CAIo/
Related news
- North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks (source)
- Microsoft and DOJ disrupt Russian FSB hackers' attack infrastructure (source)
- US, UK warn of Russian APT29 hackers targeting Zimbra, TeamCity servers (source)
- Healthcare attacks spread beyond US – just ask India's Star Health (source)
- China again claims Volt Typhoon cyber-attack crew was invented by the US to discredit it (source)
- Notorious Hacker Group TeamTNT Launches New Cloud Attacks for Crypto Mining (source)
- US says Chinese hackers breached multiple telecom providers (source)
- North Korean govt hackers linked to Play ransomware attack (source)
- China's Volt Typhoon reportedly breached Singtel in 'test-run' for US telecom attacks (source)
- Hackers increasingly use Winos4.0 post-exploitation kit in attacks (source)