The US has charged six Russian military intelligence officers with hacking targets including Emmanuel Macron’s political party, the International Olympic Committee and the UK government lab that investigated the poisoning of Sergei Skripal.
The indictment announced on Monday tied a number of cyber attacks that allegedly advanced Russian interests in multiple countries to a group of current and former Russian military officers who worked for the GRU, the country’s spy agency.
The US Department of Justice said the alleged hackers were behind a 2015 and 2016 attack on Ukraine’s energy grid; a 2017 “hack-and-leak” effort against En Marche!; the French president’s party; and attacks on the 2018 Winter Olympics, from which Russia was banned.
The accused Russian officers were also responsible for the destructive 2017 malware NotPetya; the targeting of Georgia’s parliament in 2019; and attacks on organisations that probed the 2018 poisoning of Mr Skripal in the UK, which has been attributed to Russia.
“No country has weaponised its cyber capabilities as maliciously or irresponsibly as Russia, wantonly causing unprecedented damage to pursue small tactical advantages and to satisfy fits of spite,” said John Demers, the head of the justice department’s national security division.
He said the six officers had conducted “the most disruptive and destructive series of computer attacks ever attributed to a single group, including by unleashing the NotPetya malware”.
The Kremlin and Russia’s defence ministry did not immediately respond to a request for comment from the FT.
The indictment is the latest in a series of cyber-hacking cases announced by the US against Russian nationals. One of the six was previously indicted for allegedly stealing and leaking Democratic party emails during the 2016 US presidential election.
The UK on Monday formally accused Moscow of trying to hack the Tokyo Olympics and Paralympics, which had been planned for this summer. According to British officials, Russian hackers conducted “cyber reconnaissance” operations against organisers, logistics suppliers and sponsors of the games.
Dominic Raab, UK foreign secretary, described the GRU’s actions against the Olympic and Paralympic Games as “cynical and reckless”.
“We condemn them in the strongest possible terms,” Mr Raab said. “The UK will continue to work with our allies to call out and counter future malicious cyber attacks.”
The UK’s National Cyber Security Centre, a branch of signals intelligence agency GCHQ, also revealed that the attacks on the 2018 Pyeongchang winter games were perpetrated by the GRU’s Main Centre for Special Technologies.
The hacks were intended to destabilise the event after Russian athletes were banned from participating under their own flag due to revelations of state-sponsored doping.
In an attempt to cover their tracks, the GRU team posed as hackers from China and North Korea by mimicking their digital techniques.
Russian hackers have previous form in so-called false flag attacks, having hijacked tools used by Iranian cyber units to investigate military establishments, government departments, scientific organisations and universities.
A Moscow-backed attack on French TV network TV5Monde in 2015 was initially disguised as the work of Isis militants.
Additional reporting by Henry Foy