The criminal charges the Department of Justice (DOJ) and Federal Bureau of Investigation (FBI) announced today against six officers of the Russian General Staff Main Intelligence Directorate’s (GRU) Military Unit 74455 highlight once again Russia’s continuing disruptive, destructive, and destabilizing activities in cyberspace.
As the DOJ and FBI make clear, this Russian military intelligence unit unleashed some of the most destructive malware the world has seen. The 2017 NotPetya cyber attack, which we publicly attributed previously to Russian military intelligence, was launched in Ukraine and caused billions of dollars in damage across Europe, Asia, and the Americas. The GRU’s action disrupted the delivery of critical infrastructure services to the public, including in the transportation and healthcare sectors.
Meanwhile, the GRU’s targeting of the 2018 PyeongChang Winter Olympics, after Russia was penalized for anti-doping violations, shows Russia’s willingness to use cyber capabilities to lash out at those who would hold it accountable for its malign behavior. Another GRU cyber attack described in the indictment resulted in the disruption of critical electrical distribution networks and financial services in Ukraine. Additional malicious cyber activities included in the indictment targeted organizations investigating the 2018 nerve agent poisoning of Sergei Skripal and others in the UK. Finally, the indictment describes GRU malicious cyber activity targeting government entities and private companies in Georgia and elections in France.
In sum, these cyber activities demonstrate a complete disregard for public safety and international stability. Russia, which presents itself as a champion of stability in cyberspace, is in fact one of the global internet’s greatest disruptors. We call on Russia to put an end to its irresponsible behavior. Furthermore, we call upon all states that wish to see greater stability in cyberspace to join us in helping bring the actors charged today to justice.