Yahoo News Bad Rabbit and Fancy Bear: UK blames Russian spies for series of ‘reckless’ global cyber attacks
The UK has blamed Russia’s military intelligence unit the GRU for a series of global cyber attacks.
Hackers operating under a number of different names, including Bad Rabbit, Fancy Bear, Pawnstorm and Tsar Team, are accused of waging a campaign of ‘indiscriminate and reckless’ cyber strikes targeting political institutions, businesses, media and sport, Foreign Secretary Jeremy Hunt said this morning.
It also emerged today that the GRU launched a cyber attack on the global chemical weapons watchdog, the OPCW, which was foiled by Dutch intelligence services.
The Dutch defence minister said that after the hack it expelled four Russian intelligence officers.
The team of four GRU officers, travelling on official Russian passports, entered the Netherlands on April 10. On April 13 they parked a car carrying specialist hacking equipment outside the headquarters of the OPCW in The Hague.
At that point the Dutch counter-terrorism officers intervened to disrupt the operation and the four GRU officers were ordered to leave the country.
The “close access” hacking attempt, just a month after the Salisbury nerve agent attack, followed an earlier failed “spearphishing attack” on the OPCW headquarters.
At a press conference in The Hague, British ambassador to the Netherlands Peter Wilson said: “The disruption of this attempted attack on the OPCW was down to the expertise and the professionalism of the Dutch security services in partnership with the United Kingdom.”
Russia has rejected Britain’s accusations, according to TASS news agency.
The Russian embassy called the claims ‘crude disinformation’ and ‘another element in the anti-Russian crusade executed by the British government’.
We have identified that a number of cyber actors widely known to have been conducting attacks around the world are, in fact, the GRU.
Read the Foreign Secretary’s statement here: https://t.co/eBXQH88MW6@Jeremy_Hunt @foreignoffice pic.twitter.com/QfrB2spQi8— NCSC UK (@NCSC) October 4, 2018
The move will further strain relations with Russia after Britain blamed Moscow for the Novichok attack on former spy Sergei Skripal in Salisbury in March and the subsequent death of Dawn Butler by nerve agent poisoning.
The NCSC associated four new attacks with the GRU, on top of previous strikes believed to have been conducted by Russian intelligence.
Among the targets were the World Anti-Doping Agency (Wada), transport systems in Ukraine and democratic elections, such as the 2016 US presidential race.
In a joint statement with her Dutch counterpart Mark Rutte, Theresa May said: “We have, with the operations exposed today, further shone a light on the unacceptable cyber activities of the Russian military intelligence service, the GRU. It has targeted institutions across the world, including the Organisation for the Prohibition of Chemical Weapons (OPCW) in The Hague.
“This attempt to access the secure systems of an international organisation working to rid the world of chemical weapons, demonstrates the GRU’s disregard for the global values and rules that keep us all safe.
“The GRU’s reckless operations stretch from destructive cyber activity to the use of illegal nerve agents, as we saw in Salisbury. That attack left four people fighting for their lives and one woman dead.
“Our action today reinforces the clear message from the international community. We will uphold the rules-based international system, and defend international institutions from those that seek to do them harm.”
Britain’s relations with Russia have been strained since the Salisbury attack which targeted former Kremlin agent Mr Skripal.
The Government has accused Russians Alexander Petrov and Ruslan Boshirov of smearing nerve agent Novichok on a door handle at the Wiltshire home of Mr Skripal on March 4.
The attack left Mr Skripal and his daughter Yulia critically ill, and Dawn Sturgess, 44, who was later exposed to the same nerve agent, died in July.
What is the GRU?
The GRU is Russia’s military intelligence service. Sergei Skripal, the former spy targeted in the Salisbury attack, was previously a colonel in the GRU. It declined in importance and size by the end of the Soviet period, but it has become increasingly prominent since its officers led Russia’s annexation of Crimea in 2014.
The military intelligence service has been blamed or implicated in assassinations, espionage and cyber warfare around the world. The US authorities believe the Democratic National Committee hack in the 2016 Presidential election was the work of GRU agents.
As well as being active in the annexation of Crimea, reports have also linked a GRU officer to the downing of Malaysian Air flight MH17 over Ukraine.
Government officials have said on record that Russian president Vladimir Putin would have had to approve any assassinations as 2006 Russian Federation law demands it.
Theresa May has said Britain would ‘deploy the full range of tools from across our national security apparatus in order to counter the threat posed by the GRU‘.
In the US, a number of GRU-linked individuals, including its chief Igor Korobov, are already subject to sanctions over the agency’s activities.
