Spy games online. The secret of military unit 74455
Asymmetric response
Obviously, alongside its nuclear missile shield and conventional weapons, Russia has cyber troops developed to a fairly high level. At least, this is being actively discussed in the camp of our potential adversary, NATO. The latest incident was the indictment of six GRU officers allegedly responsible for numerous atrocities in the global information space. The list includes Yuri Andrienko, Sergei Detistov, Pavel Frolov, Anatoly Kovalev, Artem Ochichenko and Petr Pliskin. The US justice system, together with representatives of the FBI, accuses these defendants of work that has long gone beyond the boundaries of simple intelligence gathering and poses a serious danger to the civilian population.
According to FBI Deputy Director David Bowdich, the activities of the GRU cyber units have led to the loss of several billion dollars over the past few years. The most interesting thing about this story is the fact that American counterintelligence was not able to investigate the subversive activities of Russian hackers on its own and brought in the IT corporations Google, Cisco, Facebook and Twitter for this. Speaking of such a "noble" mission of these eminent companies, one should not forget their long and fruitful work for the needs of US intelligence in providing users' personal data. Within the FBI, the main search and investigative work was carried out by the bureau's divisions in Oklahoma, Pittsburgh and Atlanta. During one of the press conferences dedicated to the "exposure" of the GRU officers, Bowdich said:
Apparently, the results of the US counterintelligence work seriously infuriated the local establishment. John C. Demers, Assistant Attorney General for National Security, commented on this:
Apparently, Demers forgot about the Stuxnet virus, with which Israel and the United States infected the centrifuges of Iran's nuclear facilities. And this was far from the only act of cyber aggression by the American special services against the Islamic Republic of Iran. A whole program of online sabotage was organized under the name Operation Olympic Games. According to the logic of the office in Langley, that cyberwar had a completely noble aim: to deprive the "aggressive Arabs" of nuclear weapons... But similar attempts at cyberattacks against the Americans themselves are viewed by them exclusively as "malicious and irresponsible."
Yuri Andrienko is now listed as wanted and especially dangerous on the FBI website. Source: fbi.gov
What are Andrienko, Detistov, Frolov, Kovalev, Ochichenko and Pliskin, whose names will obviously now stand alongside those of Boshirov and Petrov, accused of? First of all, of a series of the largest cyberattacks in history, perpetrated by a group of individuals. It seems that all the significant hacker attacks of recent years have been pinned on the alleged Russian intelligence officers.
GRU can do anything!
The "hackers" from the Main Intelligence Directorate, according to the FBI, honed their skills on ... the lighting of Ukrainian cities. In 2015, a large-scale blackout hit Prykarpattyaoblenergo: 230 thousand residents of the Ivano-Frankivsk region of Ukraine were left without electricity. Hackers using the BlackEnergy 3 malware were able to remotely reflash converters at substations. It is the converters that are responsible for transmitting the electronic control signal directly to the switches that turn off the power supply. According to experts, this method of attack was used for the first time. Step by step, the large-scale attack on the Ivano-Frankivsk power grids looked like this: first, the attackers remotely cut off the autonomous power supply at three distribution stations, then bombarded the Prykarpattyaoblenergo call center with calls (this prevented residents from reporting the outage in time), then turned off 30 substations and cut off the operators' communications with the converters. As a result, part of Ukraine was de-energized for six hours. Power engineers had to flip the switches to the "on" position by hand. By the way, according to cybersecurity experts, such a trick would not have been possible in the United States, where the vast majority of substations are controlled remotely and there are no physical switches.
In total, Ukrainian infrastructure was subjected to hacker attacks until December 2016. The targets were facilities of the Ministry of Finance and the State Treasury Service. According to the US intelligence services, the main blame for this lies with the Russian citizens mentioned above. On the FBI website, the young men are listed as wanted and, apparently, a reward has been announced for information that facilitates their capture. The Americans are echoed by the odious Ukrainian information resource myrotvorets.center, where you can find a photo of the "accused":
The site forgot to mention a similar hacker attack on the power systems of Crimea, which happened a little earlier than the blackout in Ivano-Frankivsk. Neither the State Department nor Ukraine is told who is behind this provocation.
Sergey Detistov. Source: fbi.gov
The next large-scale action was the attack on the presidential elections in France. Initially, this story involved a certain hacker group, Fancy Bear, which initiated a phishing cyber game against Macron, who won the first round. The goal was to leak incriminating information about the presidential candidate by distributing e-mails with "bookmarks" to the campaign staff. According to the French side, everything ended relatively well, but all traces then led to Russia. On October 15, the Americans confirmed the suspicions of the French and announced a list of six main culprits.
Petr Pliskin. According to the US, the author of the NotPetya virus. Source: fbi.gov
The NotPetya virus, as everyone remembers, wreaked a lot of havoc around the world in 2017. And, as the FBI specialists found out, Petr Pliskin is guilty of its development. Undoubtedly, this is a beautiful story in the American style, in which the author of the virus's program code names his creation in his own honor. In the future, a film could be made about a Russian villain. But this whole story is clearly lacking in drama: after all, destroyed computers and the multibillion-dollar losses of state corporations do not seem to be such a universal evil. Therefore, the American justice system accused NotPetya and its author of destroying part of the medical service in the Western District of Pennsylvania, which left thousands of people unable to receive help on time, some of whom possibly died prematurely as a result. Now the mythical hackers from the GRU really do look like unscrupulous villains.
Pavel Frolov. Source: fbi.gov
The hacker attack on the 2018 Olympic Games in PyeongChang, when the Olympic Destroyer virus almost disrupted the opening ceremony and seriously hampered the issuance of paid tickets, is considered in the United States to be a real act of revenge by Russia. The "Russian hackers" from the GRU were taking revenge, of course, for the ban on their compatriots' participation in the Olympics. As you know, in 2018 the Russians were not at the games after a large-scale doping scandal. After the attack on the organizing committee of the Olympics, the hackers worked on the British case of Novichok and the Skripals, trying to cover up the traces leading to the Russian special services. Against this background, the comparatively innocent attempts to hack the websites of Georgian state structures in 2018-2019 look quite trifling, almost like hooligan antics.
Anatoly Kovalev. Source: fbi.gov
Artem Ochichenko. Source: fbi.gov
According to Radio Liberty, this award reveals the departmental affiliation of military unit 74455. Source: svoboda.org
In the United States, it is claimed that at least two large groups of hackers work in the Russian special services: Fancy Bear, which consists of the protagonists of this article, and Cozy Bear, which includes FSB specialists. At the same time, Fancy Bear appears in the internal reporting of the domestic intelligence department as military unit 74455. According to some "liberal" media outlets, this military unit is based in Khimki on Kirov Street, in a facility known as the Tower. It is interesting that the main basis for this address was a sign on the building with the inscription Oboronstroy JSC. Such are the online spy games ...
Each of the Russian citizens convicted in absentia in the United States in the case of state hacking can face up to 27 years in prison.