The U.S., Australia and United Kingdom accused Russian G.R.U. of Cyberattacks on Georgia

The Russian Intelligence Agency G.R.U. Headquarter

The United States, Australia and United Kingdom allies on Thursday accused Russia’s main military intelligence agency of a broad cyberattack against the republic of Georgia in October that took out websites and interrupted television broadcasts, in a coordinated effort to deter Moscow from intervening in the 2020 presidential election in the United States.

Russian military intelligence, known as the G.R.U., was one of the agencies implicated in the cyberoperations aimed at interfering in that election and in a 2017 attack that struck major companies around the world, including Merck, Federal Express and Maersk. That attack is considered one of the most destructive and expensive in history, causing billions of dollars in damage.

By comparison, the attack on Georgia in October was limited, and received only modest press coverage at the time. So it was a surprise when Mr. Pompeo’s statement on Thursday was backed up by simultaneous accusations from Britain, Australia and a host of European nations, all lending credence to the American conclusion that Russia’s Main Center for Special Technology, a unit with the G.R.U., was responsible.

For the first time, the State Department also linked the Russian military unit to a notorious Russian hacker group known as Sandworm, which is believed to be responsible for some of the most brazen cyberattacks around the world over the past decade.

The official said the announcement was specifically meant as a warning to the Kremlin. It mirrors the National Security Agency’s move in 2018 to briefly shut down the Internet Research Agency, another Russian unit that operates outside the formal government structure and that had been involved in the attacks related to the last presidential election.

For years, Russia has tormented neighboring countries with targeted cyberattacks, including orchestrating two blackouts in Ukraine and broad online assaults on Estonian institutions. There were cyberattacks on Georgia in 2008, as part of a hybrid action in which Russia took control of some Russian-speaking parts of the country. It retains that control today.

The United States never formally attributed the cyberelement of those attacks to Russia, though outside experts say it was all part of a unified military operation that, in retrospect, was a crude but effective foreshadowing of Russian operations to come.

The attack on Georgia was a classic act of disruption, though relatively modest by current standards. It affected more than 2,000 government and privately run websites, interfered with government operations and interrupted television broadcasts, including that of the national television station.

In the attack, for example, the image of a former president of Georgia, Mikheil Saakashvili, was pasted to the home pages of many sites, with the caption, “I’ll be back.”

Mr. Saakashvili served two terms from 2004 to 2013. He gave up his Georgian citizenship in 2015 and is wanted in the country on criminal charges, which he says are politically motivated.

Vladimer Konstantinidi, a spokesman for Georgia’s Foreign Ministry, told reporters at a news briefing on Thursday, “The investigation conducted by the Georgian authorities, together with information gathered through cooperation with partners, concluded that this cyberattack was planned and carried out by the main division of the General Staff of the Armed Forces of the Russian Federation.”

© 2020, GDC. © GDC and Unauthorized use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to with appropriate and specific direction to the original content.

Be the first to comment

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.