In a series of coordinated announcements, authorities in the US, UK, the Netherlands and Australia have accused the Russian military intelligence agency GRU of a huge array of cyberattacks around the world.
The stunning revelations included details about Russian alleged attempts to target everything from the global chemical weapons watchdog to anti-doping agencies, and a probe into the downed Malaysian Airlines Flight 17.
Russia rejected the allegations on Thursday, calling it a “diabolical cocktail” of someone with a “rich imagination”.
Here’s an overview of what Russia is being accused of:
2014: MH17 plane crash investigation
British authorities allege that a GRU operation conducted “malign activity” when it tried to collect information about the investigation into the 2014 downing of the Malaysia Airlines Flight 17 over war-ravaged eastern Ukraine by targeting Malaysian government institutions, including the Attorney General’s office and Malaysian police.
Dutch officials added that GRU agents had logged into Wi-Fi networks near a Malaysian hotel where investigators had gathered.
The reconstructed frame of Malaysia Airlines flight MH17 was shown at the presentation of the final report into the crash of July 2014 [Michael Kooren/Reuters] |
Most of the 298 people killed onboard MH17 were Dutch citizens, and investigators say they have strong evidence the Buk missile that downed the plane came from Russia, a charge Russia denies.
Dutch Defence Minister Ank Bijleveld said: “We have been aware of the interest of Russian intelligence services in this investigation and have taken appropriate measures.”
2016: US elections and Olympics
According to US investigators, agents from the GRU’s Unit 26165 broke into the Democratic National Committee’s emails, wreaking havoc during the 2016 US presidential election.
Authorities also accuse the GRU of sustained efforts to breach the computer systems of global and national anti-doping agencies and sporting governing bodies including the International Olympic Committee and football’s FIFA.
Russian agents allegedly hacked into the website of the Court of Arbitration for Sport, the highest court in world sports, during the 2016 Rio de Janeiro Olympics.
The court had been looking at doping cases involving Russian athletes.
In September 2016, medical data of 250 athletes was released following a hack. Evidence suggests that in the same month, GRU agents also logged into Wi-Fi networks near a Lausanne, Switzerland, hotel where a World Anti-Doping Agency conference was held.
One official from the Canadian Center for Ethics in Sport had their laptop compromised by malware.
According to a US indictment on Thursday, the GRU targeted the hacking victims because they had publicly supported a ban on Russian athletes in international sports competitions and because they had condemned Russia’s state-sponsored athlete doping programme.
2017: Ukraine infrastructure
The GRU is accused of a catastrophic attack in June 2017 on Ukraine using malicious software that briefly knocked out cash machines, gas stations, pharmacies and hospitals.
According to a secret White House assessment recently cited by Wired, the attack caused $10bn worth of damage worldwide.
2018: Skripal poisoning, hacking attempt at OPCW
British authorities say that in March, immediately after the nerve agent attack on ex-Russian spy Sergei Skripal in Salisbury, the GRU tried to hack into Foreign Office computer systems via a phishing attack.
Sergei and Yulia Skripal were poisoned with a nerve agent in the southern English city of Salisbury on March 4 [Rex Features] |
In April, four GRU operatives allegedly flew from Moscow to the Netherlands and attempted to hack into and infect the Organization for the Prohibition of Chemical Weapons’ Wi-Fi network in what’s known as a close access hack operation.
Four Russian citizens, who allegedly attempted to hack the Organization for the Prohibition of Chemical Weapons in The Hague [Dutch defence ministry] |
Mobile phones and a camera were found in possession of the four Russian men, who allegedly attempted to hack the OPCW in The Hague [Dutch defence ministry] |
Dutch authorities showed photos including one of a gray rented Citroen with its trunk full of hacking equipment.
The men were caught and expelled from the Netherlands.
In May, GRU hackers allegedly sent phishing emails impersonating Swiss federal authorities to target OPCW employees directly.
The chemical weapons watchdog had confirmed that Skripal was poisoned by the Soviet-produced nerve agent known as Novichok.
Britain says the attack was carried out by GRU officers and almost certainly approved “at a senior level of the Russian state”.
Russian reaction
Moscow on Thursday rejected the accusations, saying they were unworthy and part of a disinformation campaign designed to damage Russian interests.
Maria Zakharova, a spokesperson for the Russian Ministry of Foreign Affairs, told a news briefing that the accusations were the product of someone with a “rich imagination”.
“It’s some kind of a diabolical perfume cocktail [of allegations],” TASS news agency quoted Zakharova as telling reporters.
“The vivid imagination of our colleagues from the UK has no boundaries indeed […] it’s undignified for the country, which pretends to play one of the leading roles in the world,” she said.