Skip to content

Illustration by Security Management

U.S. Charges Russian Hackers in Most Destructive Cyberattack in History

In the summer of 2017, what would become known as the NotPetya attack would cause cyber destruction worldwide—the most damaging cyberattack ever perpetrated, according to Wired magazine. In the weeks and months that followed, investigators in the United States, United Kingdom, and others traced the event to an attack from Russia against Ukraine, which spread across global networks like a destructive, uncontrolled wildfire.

russian-hackers-wanted-poster.jpg On Monday, the U.S. Department of Justice (DOJ) announced charges related to Notpetya against six Russians who, the DOJ says, either currently or formerly worked for the Russian cyber intelligence operations known as the “Sandworm Team.” In addition to the NotPetya attacks, the sextet is charged with the following:

  • Attacks on the Ukrainian power grid that preceded the NotPetya attacks, and which left hundreds of thousands of Ukrainians without heat in winter.
  • Attacks designed to disrupt the 2018 Winter Olympics, including spearphishing campaigns against South Korea, the International Olympic Committee, Olympic partners, and individual athletes, as well as a malware attack that crippled thousands of computers supporting the games.
  • Attacks on French President Emmanuel Macron’s 2017 re-election campaign in which hacked emails and other information was leaked prior to election.
  • Attacks on the government and corporate websites of the country of Georgia.

Notably, the charges do not involve U.S. elections, though one of the people charged was also charged with 2016 election interference during Special Counsel Robert Mueller’s investigation.

In prepared remarks released by the DOJ, Assistant Attorney General for National Security John Demers said, “Today, we announce criminal charges against a conspiracy of Russian military intelligence officers who stand accused of conducting the most disruptive and destructive series of computer attacks ever attributed to a single group. …no country has weaponized its cyber capabilities as maliciously and irresponsibly as Russia, wantonly causing unprecedented collateral damage to pursue small tactical advantages and to satisfy fits of spite.”

The charged are unlikely to ever be extradited so they can stand trial. The indictments did serve as rebuke to a proposal from Russian President Vladimir Putin, who last month offered to reset cyber relations with the United States. In the released statement, Devers said, “Russia is certainly right that technologically sophisticated nations that aspire to lead have a special responsibility to secure the world order and contribute to widely accepted norms, peace, and stability. That’s what we’re doing here today. But this indictment lays bare Russia’s use of its cyber capabilities to destabilize and interfere with the domestic political and economic systems of other countries, thus providing a cold reminder of why its proposal is nothing more than dishonest rhetoric and cynical and cheap propaganda.”