Pages

Thursday, 4 October 2018

Britain, Holland and US spearhead fightback against Putin's cyber war as they reveal how Moscow's web of hackers hit high-profile targets across the globe - including chemical weapons watchdog probing Salisbury attack

  • US charges 7 Russian spies with crimes including hacking, identity theft and fraud using crypto-currencies 
  • British cyber security group accuses Russia's GRU of at least four hacking attacks around the world
  • Dutch authorities lift lid on operation to hack chemical weapons HQ in Netherlands in April 
  • Men were picked up with a cache of computer equipment, linking them to other incidents, and sent home 
  • US has released wanted poster featuring four Hague hackers and three others linked to anti-doping hacks
  • GRU operatives - working under what US identified as Unit 26165 - created fake 'hacktivist' Fancy Bears group
  • Russia faces storm of hacking allegations, but denies claims, calling latest evidence 'big fantasies'
Russian hackers waged a four-year disinformation campaign against the west in which they obtained sensitive information from weapons watchdogs and anti-doping sports bodies, it emerged today.
Seven Kremlin agents working for the GRU are accused of hacking the records of 250 athletes from 30 countries as they travelled across the globe using the intelligence obtained to spread fake news designed to bolster President Vladimir Putin's position on the world stage.
The targets included FIFA, the World Anti-Doping Agency and the 2016 US presidential race that resulted in the election of Donald Trump.
Spies also attempted to hack computers at the UK Foreign Office and the Porton Down military research facility days after assassins tried to murder the Skripals in Salisbury. The unit - nicknamed 'Sandworm' - tried and failed to infiltrate UK IT systems as part of a series of attacks across Europe this year. 
American intelligence identified the spies as working for the GRU's Unit 26165, which it has emerged created the fake 'hacktivist' group Fancy Bears to disseminate the material along with misleading statements designed to exonerate Russia of doping allegations and instead level them at the US. 
And when Dutch authorities caught four of the suspects in The Hague trying to hack the Organisation for the Prevention of Chemical Weapons (OPCW) as it investigated the Salisbury novichok attack, they had to send them back to Russia on account of their diplomatic passports. The OPCW was also due to conduct analysis of the chemical weapons attack in Douma on April 7. 
But despite their 'sophisticated' operation from 2014-2018, the bungling spies were today revealed to have left a trail including  a taxi receipt for a journey from GRU headquarters to Moscow's Sheremetyevo airport the very day that four agents arrived in Amsterdam. One of the group even kept selfies from previous operations including at the 2016 Olympics in Brazil where Russian athletes' doping samples were tampered with and US athletes' medical records leaked.  
The US today charged seven Russian military intelligence officers over hacking attacks around the world. The group are accused of a range of attacks on institutions and individuals around the world. The attacks are linked to Russian attempts to spy on investigations into doping in sport, politics in the Ukraine and the US, and the poisoning of Sergei Skripal in the UK
The US today charged seven Russian military intelligence officers over hacking attacks around the world. The group are accused of a range of attacks on institutions and individuals around the world. The attacks are linked to Russian attempts to spy on investigations into doping in sport, politics in the Ukraine and the US, and the poisoning of Sergei Skripal in the UK
Dutch authorities released images of four Russian agents who tried to hack into the global chemical weapons watchdog a month after the Salisbury novichok attack. CCTV shows them when they were kicked out of the Netherlands
Dutch authorities released images of four Russian agents who tried to hack into the global chemical weapons watchdog a month after the Salisbury novichok attack. CCTV shows them when they were kicked out of the Netherlands
CCTV images show Alexey Minin, who was today unmasked as members of the GRU's hacking squadOleg Sotnikov is pictured on a photo recovered from a phone. He was today unmasked as members of the GRU's hacking squad
CCTV images show Alexey Minin (left), while Oleg Sotnikov (right) is pictured on a photo recovered from a phone. They are both alleged to be members of the GRU's hacking squad, who were unmasked today
US authorities released images of Artem Malyshev, who it named as a GRU hackerUS authorities released images of Ivan Yermakov, who it named as a GRU hackerUS authorities released images of Dmitriy Badin, who it named as a GRU hacker
After the Dutch named four men it caught hacking The Hague, US authorities released images of Artem Malyshev, 30, Ivan Yermakov, 32, and Dmitriy Badin, 27 (pictured, left to right), who it named as GRU hackers
Russian president Vladimir Putin waves to spectators prior to boarding a car after his arrival in New Delhi as the GRU's campaign of cyber warfare against the west was today exposed 
Russian president Vladimir Putin waves to spectators prior to boarding a car after his arrival in New Delhi as the GRU's campaign of cyber warfare against the west was today exposed 
This image, made available by the Dutch Ministry of Defence today, is said to show the hacking equipment that four Russian intelligence officers used for a cyber attack on the OPCWThis image, made available by the Dutch Ministry of Defence today, is said to show the hacking equipment that four Russian intelligence officers used for a cyber attack on the OPCW
These images, made available by the Dutch Ministry of Defence today, are said to show the hacking equipment that four Russian intelligence officers used for a cyber attack on the OPCW
Today the UK accused Russia's GRU intelligence agency of being behind hacks on the World Anti-Doping Agency (Wada), transport systems in Ukraine and democratic elections, such as the 2016 US presidential race. Britain has warned Russia it could face new sanctions, with foreign secretary Jeremy Hunt saying the disclosures were 'hard evidence' of the activities of the 'unacceptable' of Russian intelligence.
Then, Dutch authorities revealed they had caught a team of Kremlin agents rigging up computers, phones and an antenna in the boot of a car to try and hack into the global chemical weapons watchdog in The Hague.
This afternoon, the US Justice Department announced it has charged seven Russian military intelligence officers with hacking anti-doping agencies and other organizations. 
The Kremlin was left trying to hold back a growing flood of evidence of its hacking activities around the world, spread over four years.
As Russia's hacking activities around the world were exposed, Dutch authorities detailed how they caught four GRU agents in The Hague, trying to hack into the chemical weapons watchdog's computers at a time the body was investigate the Sergei Skripal novichok poisoning in Salisbury
As Russia's hacking activities around the world were exposed, Dutch authorities detailed how they caught four GRU agents in The Hague, trying to hack into the chemical weapons watchdog's computers at a time the body was investigate the Sergei Skripal novichok poisoning in Salisbury
The US indictment lists Russian nationals: Aleksei Morenets, 41, Evgenii Serebriakov, 37, Ivan Yermakov, 32, Artem Malyshev, 30, and Dmitriy Badin, 27, from the GRU's Unit 26165, and Oleg Sotnikov, 46, and Alexey Minin, 46, who were also GRU officers.
The FBI indictment lists a series of allegations against the seven wanted men. It says: 
  • As early as November 2014, Yermakov performed reconnaissance of Westinghouse Electric Company's (WEC) in Pennsylvania, a company involved in the supply of power to the Ukraine.
  • In July 2016, Yermakov and Malyshev used 'spoofed domains' to unleash 'spearphishing' attacks on WADA and United States Anti-Doping Agency (USADA) employees.
  • Also in 2016, Morenets and Serebriakov, with the support of Yermakov, went to Rio to target wifi networks used by anti-doping officials at the Olympic Games. 
  • In mid-September 2016, Morenets and Serebriakov compromised the wifi network of a hotel hosting a WADA anti-doping conference in Lausanne, Switzerland.
  • In December 2016 and January 2017, the group successfully compromised the networks of International Association of Athletics Federations (IAAF) and football's governing body FIFA, targeting computers used by each organization's top anti-doping official.  Among the data stolen from officials were anti-doping policies, lab results, and medical reports.
  • In April 2018, Morenets, Serebriakov, Sotnikov, and Minin travelled to The Hague to try and hack into the headquarters of the Organisation for the Prohibition of Chemical Weapons (OPCW) during the investigation in the Salisbury novichok attack. The case against these four was also set out by the Dutch Defence ministry today.
It came after the British National Cyber Security Centre (NCSC) said the GRU were behind at least four hacking attacks around the world:  
  • A hacking strike on Wada in August 2017.
  • A 'BadRabbit' attack in October 2017 that caused disruption to the Kiev metro and Odessa airport in the Ukraine.
  • The NCSC also stated that the GRU was 'almost certainly' to blame for hacking the Democratic National Committee during the US presidential election in 2016.
  • The agency pointed the finger at the GRU for accessing email accounts at a small UK-based TV station in 2015. 
Surveillance footage shows the moment Dutch intelligence officers descended on the scene and caught the four men outside the chemical weapons agency
Surveillance footage shows the moment Dutch intelligence officers descended on the scene and caught the four men outside the chemical weapons agency
A briefing in The Hague was shown pictures of each of the men's passports. Alexey Minin, from Perm, to the north west of Moscow, was named as one of the men
One of the men was named as Evgeny Serebriakov and his passport of photo was released
Another of the men was named as Oleg Sotnikov, said to have been born in Oeljanovsk
The passport numbers of the men were released, including Aleksei Morenets, from Murmansk
The FBI later released this copy of the passport of Dimitry Badin who is accused of hacking related to the 2016 US elections
The FBI later released this copy of the passport of Dimitry Badin who is accused of hacking related to the 2016 US elections

Laptop belonging to Russian spies was also used to hack MH17 investigation in Malaysia

The Russian intelligence officers expelled from the Netherlands after the Dutch government thwarted a major cyber attack had targeted the investigation into the downing of Malaysia Airlines flight MH17.
A laptop belonging to one of the four Russian spies caught trying to hack into the global chemical weapons watchdog OPCW in the wake of the Salisbury Novichok attack could also be placed in Brazil, Switzerland and Malaysia.
Data found on the laptop of the GRU intelligence agency officer put it as having been in use in Kuala Lumpur, and linked it to the MH17 investigation. 
It had been used to specifically target Malaysian police and the country's attorney general, Dutch authorities announced at a press conference in the Hague today.
Malaysia Airlines flight MH17 was shot down over Ukraine in July 2014, killing 298 people, with an four-year investigation finding Russia responsible earlier this year.  
British ambassador to the Netherlands Peter Wilson said there was proof of 'malign activity' in Malaysia, stating: 'This GRU operation was trying to collect information about the MH17 investigation.
'And targeted Malaysian government institutions, including the attorney general's office and the Royal Malaysian Police.'
The three governments' public expose of the operation will reignite hostilities between Putin's regime and the West, following tit-for-tat diplomatic expulsions in the wake of the Salisbury attack.
Russian Foreign Ministry spokeswoman Maria Zakharova dismissed the new hacking accusations from the Netherlands and UK as 'big fantasies'. 
The Dutch Defence Ministry said the team of GRU officers - travelling on official Russian passports - entered the Netherlands on April 10, just a month after the Salisbury nerve agent attack.
Three days later, they parked a car carrying specialist hacking equipment outside the headquarters of the OPCW in the The Hague, where the novichok attack was being investigated.
However, before they could initiate the hacking attack, Dutch counter-intelligence officers descended on the vehicle and seized the men, who were then kicked out of the country.
The hacking attempt - described as a 'close access'  attack due to the attempt by the group to get close to the building - followed a longer-range earlier 'spearphishing attack' on the OPCW headquarters. 
A laptop belonging to one of the four Hague hackers was linked to Brazil, Switzerland and Malaysia, with the activities in Malaysia related to the investigation into the 2014 shooting down of flight MH17 over Ukraine, Dutch Defence Minister Ank Bijleveld told a news conference. 
At a joint press conference in The Hague, British ambassador to the Netherlands Peter Wilson said: 'This disruption happened in April. Around that time the OPCW was working to independently verify the United Kingdom's analysis of the chemical weapons used in the poisoning of the Skripals in Salisbury.' 
In a joint statement Theresa May and Dutch prime minister Mark Rutte said: 'We have, with the operations exposed today, further shone a light on the unacceptable cyber activities of the Russian military intelligence service, the GRU.
'This attempt to access the secure systems of an international organisation working to rid the world of chemical weapons, demonstrates the GRU's disregard for the global values and rules that keep us safe.
'Our action today reinforces the clear message from the international community: we will uphold the rules-based international system and defend international institutions from those that seek to do them harm.' 
Meanwhile NATO Secretary General Jens Stoltenberg warned Russia to halt its 'reckless' behavior amid a series of global cyberattacks blamed on Moscow. 
Surveillance pictures show the men at the scene on the day of the thwarted hacking attack
Surveillance pictures show the men at the scene on the day of the thwarted hacking attack
A map released by the Dutch authorities shows how close the group managed to park their rental car to the OPCW headquarters, where chemical weapons are investigated
A map released by the Dutch authorities shows how close the group managed to park their rental car to the OPCW headquarters, where chemical weapons are investigated
Pictures show the cache of equipment seized from the men. They attempted to smash up some of the phones (inset) when they realised authorities were on to them
Pictures show the cache of equipment seized from the men. They attempted to smash up some of the phones (inset) when they realised authorities were on to them

GRU's links to the 'Fancy Bears' hackers group revealed

GRU hackers operate under a dozen different names, with the most well-known being 'Fancy Bears' group, according to allegations announced over the last 24 hours.
A Fancy Bear hack obtained confidential medical records for international athletes from the World Anti-Doping Agency (WADA) in August last year.
British cyclists Bradley Wiggins and Chris Froome were among those who had records released on their use of banned substances for a legitimate medical reasons.
Another attack, outlined by UK authorities this morning, was made on the US Democrat party, which was targeted by Fancy Bear in 2016 when documents from the Democratic National Committee (DNC) were published online.
In a statement issued during a meeting of NATO defense ministers today, Mr Stoltenberg said: 'NATO allies stand in solidarity with the decision by the Dutch and British governments to call out Russia on its blatant attempts to undermine international law and institutions.'
He said that 'Russia must stop its reckless pattern of behavior, including the use of force against its neighbors, attempted interference in election processes, and widespread disinformation campaigns.' 
The 29 NATO allies are discussing cybersecurity at talks in Brussels, with the US, Britain, Denmark and the Netherlands due to announce that they will provide offensive cyber-capabilities for use by NATO.
The revelations will further strain relations with Russia after Britain blamed Moscow for the nerve agent attack in Salisbury last March which left one person dead.  
Foreign Secretary Jeremy Hunt said Russia could face further sanctions in the wake of the latest 'hard evidence'.
Mr Hunt said: 'The first thing we are doing is to expose it and the words matter because there are countries all over the world that are hearing both sides of the story - they're hearing what the Russians say as well.
'This is the evidence that what we are getting from Russia is fake news, and here is the hard evidence of Russian military activity.
'But of course it will go beyond that, and that is why we will be discussing with our allies what further sanctions should be imposed.
'We will also be discussing how we need, working with our friends and allies, to counter this pattern of cyber attacks, which is the new type of attack that the whole world is having to deal with.' 
Dutch authorities released images of the huge amount the cash found on the men.Sotnikov had 20,000 euros and 20,000 dollars on him
Dutch authorities released images of the huge amount the cash found on the men.Sotnikov had 20,000 euros and 20,000 dollars on him
The men took their own rubbish - including several beer cans - out of their hotel room, presumably because they were concerned about an investigation
The men took their own rubbish - including several beer cans - out of their hotel room, presumably because they were concerned about an investigation
Incredibly, a taxi receipt found on the one of the men named the street in Moscow where the GRU has its headquarters
Incredibly, a taxi receipt found on the one of the men named the street in Moscow where the GRU has its headquarters

How did Russians' hacking operation in The Hague unfold?

  • On April 10, the Russians took a taxi from a GRU base in Moscow to the city's Sheremetyevo airport. Some of their mobile phones were activated near the GRU's HQ.
  • The men travelled to Amsterdam's Schiphol Airport on Russian diplomatic passports.
  • On April 11, they hired a Citroen C3 and scouted the area around the OPCW - all the time being watched by Dutch intelligence. 
  • They set up in the Marriott Hotel next door to the OPCW and took photos, while parking the car at the hotel with the boot facing the OPCW. In the boot was electronic equipment to intercept the OPCW's Wifi and log in codes.
  • Dutch spies intervened and sent them back to Russia.
  • UK Defence Secretary Gavin Williamson, attending a Nato summit in Brussels, said Moscow was targeting organisations with no military value.
He told Sky News: 'What we are seeing is that Russia is quite willing to use such weapons such as cyber attacks against these organisations, and here at Nato we stand shoulder to shoulder with our allies in unity against such actions.
'What we have made clear is that we are not going to be backward leaning. We are going to actually make it clear where Russia acts that we are going to be exposing that action.
'And we believe that by doing so this will act as a disincentive for acting in such a way in the future.'
Details were revealed on Thursday after the UK Government accused the GRU of a wave of other cyber attacks across the globe. 
He added: 'The Russian government needs to know that if they flout international law in this way, there will be consequences, they will be exposed, and people will see the Russian government for what they are; which is an organisation that is trying to foster instability throughout the world and that is totally unacceptable.'
The NCSC associated four new attacks with the GRU, on top of previous strikes believed to have been conducted by Russian intelligence. 
Dutch Minister of Defence Ank Bijleveld, director of Netherlands Defence Intelligence Onno Eichelsheim and British Ambassador to the Netherlands Peter Wilson revealed details of the thwarted hacking attempt at a briefing in The Hague today
Security expert Hamish de Bretton-Gordon said the cyber attacks in The Hague and at Porton Down showed Putin was bent on disrupting the investigation into the novichok attack in Salisbury. 
Mr de Bretton-Gordon said: 'It shows how the Russians did everything they could to undermine and disrupt the novichok investigation and try to make it fall apart. It is completely cynical and they didn't care at all'.
He added: 'Britain asked the OPCW to help and then soon afterwards Russian agents target them in The Hague and in Switzerland. It is no coincidence'.
The intervention by Britain, The Netherlands and the US today will put pressure on Putin to curb his cyber warfare.
But his spies' failure to kill Sergei Skripal and being caught trying to hack the OPCW 'will hurt him more', Mr de Bretton-Gordon said.
He added: 'The British secret services may have considered the GRU as equals but the past few months have shown they are amateurish and the West is now one step ahead of them. Putin will not like that and there will be a lot of anger in Moscow about some of these recent bungled missions'. 
 
Russian spies launched cyber attack from boot of rented Citroen using 'basic' hacking method... but left trail of clues including taxi receipts and cans of Heineken in an Aldi bag
The GRU used a laptop, Wi-Fi dongle and a rudimentary battery pack stored in the boot of a rented Citroen C3 in its botched cyber attack on the global chemical weapons watchdog, it was revealed today.
Using a technique from the early days of Wi-Fi, they attempted to break into the Organisation for the Prohibition of Chemical Weapons's network in The Hague by tricking staff into logging into their fake router.
They parked the car at a local hotel and disguised the Wi-Fi antenna hidden inside the router, so staff would login. The laptop then stole their username and password, allowing the agents to get into the OPCW's network.
The boot of a car filled with hacking equipment in the Citroen rental car which was being used by the four Russian officers
The boot of a car filled with hacking equipment in the Citroen rental car which was being used by the four Russian officers

Authorities released a picture of the car which was rigged up with hacking equipment

Hackers' visit to Rio Olympics exposed by a selfie with female friend

One of the team of hackers unmasked today unwittingly bolstered the evidence against him when he took a selfie at the Rio Olympic Games.
Evgenii Serebriakov was pictured clutching a female friend dressed in a Russia athletes T-shirt in the crowd at the Olympics.
Investigators have since exposed his cyber attacks on doping officials at the games. 
The FBI say Serebriakov hacked into wifi networks used by anti-doping officials and helped access a medical database.
Evgenii Serebriakov was among four Russians trying to hack chemical weapons inspectors and his laptop contained this selfie  at the 2016 Olympics in Brazil - revealing one of more than a dozen GRU missions across the globe
Through the network they could spy on operations within the building, including investigations into the Salisbury Novichok attack.
It also emerged today that Russia's bungling GRU agents left a trail of clues that helped authorities link them to the string of cyber attacks.
Among the items revealed at an extraordinary briefing in The Hague today was a mobile phone one of the men was caught with having been activated near the Russian military intelligence's headquarters in Moscow.
Also discovered on one of the spies was a taxi receipt showing a journey from a street next to the GRU base to Moscow Airport on April 10, the day that the four agents later arrived at Amsterdam Schiphol Airport.
The team of four GRU officers travelling on official Russian passports entered the Netherlands on April 10 – but it turned out that two of them were carrying documents with consecutive passport numbers.
On April 11, they hired a Citroen C3 and scouted the area around the OPCW - all the time being watched by Dutch intelligence.
The agents, who stayed at a Marriott Hotel next to the Organisation for the Prohibition of Chemical Weapons in The Hague, were also found to have used public WiFi hotspots to conduct their operations in the Netherlands.
And they were photographed performed reconnaissance of the OPCW headquarters, where the nerve agent sample was being independently verified.
One of the many phones belonging to four Russian GRU officers is seen after they tried to destroy it when they were arrested
One of the many phones belonging to four Russian GRU officers is seen after they tried to destroy it when they were arrested

What the Russians had in the back of the rental car 

WiFi panel antenna - This would have projected a fake network, known as an 'evil access point', into the building.
The chemical weapons analysts would have tried to connect to this access point thinking they were connecting to their own WiFi network.
When staff logged into the fake router the laptop stole their username and password, allowing agents to break into the OPCW's computer network.
Using the network they could spy on operations within the building, including staff investigations into the March 2018 Salisbury Novichok attack.
The directional antenna were pointing specifically at the OPCW offices which means the fake network would have had a stronger signal than the real signal.
This would have lured the devices away from the real network. 
Smartphone (4G) - The hackers may have created a hotspot using their mobile.
This was then projected into the building using the antenna.
Computer - Using the computer they would have been able to siphon off staff login details.
A laptop belonging to one of the four was linked to Brazil, Switzerland and Malaysia, with the activities in Malaysia related to the investigation into the 2014 shooting down of flight MH17 over Ukraine.
Bag with battery - The battery would have been for powering the computer because when these attacks are mounted the device is left running for a long time.
'That was just to power the computer, and ancillary equipment', Professor Woodward told MailOnline.
'When you mount these attacks you often leave the device in situ running for a long time so it needs a hefty battery and most of those need to have their voltage converted to run, say, laptops.'
Transformer - The battery voltage would need to be converted in order to run the computers and phones.
When leaving The Hague, the men took all the rubbish from their room - including empty cans of Heineken beer and what appeared to be an empty cold meat packet in an Aldi bag - in a further bid to cover their tracks.
On April 13, the GRU officers were said to have parked a rental car with specialist hacking equipment outside the OPCW's headquarters to breach its systems – but British and Dutch intelligence thwarted the operation.
And when the men were arrested, they were caught with €20,000 (£17,000) and $20,000 (£15,000) in cash. The group also tried - and failed - to destroy a mobile phone, and they were caught with incriminating laptops.
A researcher has revealed that the rudimentary technique they used to hack into the OPCW is common - though it has never been used in such a high-profile case.
Professor Alan Woodward, a computer scientist at the University of Surrey, said the Russians likely used an ordinary laptop attached to a directional antenna, which was pointed at the OPCW building.
He said unlike more common remote hacking techniques, the GRU agents needed to park close to the site in order for the WiFi signal to be strong enough.
Looking at the equipment in the boot of the car it appears they were attempting to intercept login credentials as people tried to connect to the WiFi network at OPCW, Professor Woodward said.
'A classic way of doing this is to set yourself up as what is known as an 'evil access point', he told MailOnline. 'You pretend to be the network they are attempting to connect to and steal their login details as their computer or phone tries to connect.'
The cyber security expert said it was unusual for high level intelligence officials to use such a rudimentary form of attack. '[The technique] has been around as long as WiFi has,' he told MailOnline.
'Attacks have evolved as security in WiFi has evolved. But it's so basic that most enterprise style organisations are well protected. Hence the high profile cases tend to be from some more remote source.' 
 
Foreign Office and computers at Porton Down research facility were hacked by Russian spies from GRU cyber unit 'Sandworm' in wake of Salisbury novichok attack
Russian spies attempted to hack computers at the Foreign Office and the Porton Down military research facility days after assassins tried to murder the Skripals in Salisbury.
Moscow's feared GRU cyber unit nicknamed 'Sandworm' tried and failed to infiltrate UK IT systems as part of a series of attacks across Europe this year.
They carried out an unsuccessful 'spearfishing' attack on the Foreign Office in March as the police, MI5 and MI6 were trying to find out who attacked Sergei and Yulia Skripal with novichok.
At the same time they targeted computers at Porton Down in April, Britain's top military research facility where experts were testing for the nerve agent.
Computers at Porton Down were targeted by Russian spies at a time when British experts inside were testing for novichok
Computers at Porton Down were targeted by Russian spies at a time when British experts inside were testing for novichok
British intelligence helped thwart the operation, which was launched in April, a month after the Salisbury Novichok poisoning.
Details were revealed on Thursday after the UK Government accused the GRU of a wave of other cyber attacks across the globe.
At a press conference in The Hague, British ambassador to the Netherlands Peter Wilson said: 'The disruption of this attempted attack on the OPCW was down to the expertise and the professionalism of the Dutch security services in partnership with the United Kingdom.
'The OPCW is a respected international organisation which is working to rid the world of chemical weapons.
'Hostile action against it demonstrates complete disregard for this vital mission.' catalogue of evidence shows why the Dutch are excellent partners and that the decades of theft have stripped Russia's intelligence of the skills they once had. Putin's corrupt greed has turned the GRU into an amateurish bunch of jokers.'Russia 'interfered in three elections' as it targeted Britain, Macedonia, U.S. and Ukraine in string of 'brazen' cyber attacks aimed at destabilising democracies around the world
Russian spies launched a global cyber war to interfere with three elections, the Olympics, the MH17 investigation and the hunt for the men behind the Skripal attack in Salisbury, it was revealed today.
The Kremlin has been accused of using its agents to 'foster instability' in democracies around the world as their operations over the past three years were laid bare.
Targets included the metro and airports in Ukraine, police in Malaysia investigating claims the Russians shot down MH17 killing 300 passengers and even the emails of a small UK TV station.
Russian president Vladimir Putin appeared untroubled the growing storm over Russian hacking as he met India's Prime Minister Narendra Modi in New Delhi today
Russian president Vladimir Putin appeared untroubled the growing storm over Russian hacking as he met India's Prime Minister Narendra Modi in New Delhi today

Timeline: Putin's cyber army's worldwide missions 

2015: Hacker sent to Kuala Lumpur targets the Malaysian investigation into the shooting down of flight MH17 over Ukraine. He targeted Malaysian government institutions, including the attorney general's office and the Royal Malaysian Police
2015: The GRU accesses email accounts at a small UK-based TV station
2015-2016: Russia hacks the Danish defence ministry and gained access to employees' emails
May 2016: Russia accused of being behind a series of cyber attacks on German state computer systems
June 2016: Hackers accessed the Democratic National Committee during the 2016 US presidential campaign.
August 2016: Agent photographed posing at the Brazil Olympics where confidential US athlete medical data was hacked and leaked
September 2016: GRU officers connected to WiFi at the Alpha Palmiers Hotel in Lausanne, Switzerland, where a WADA conference was taking place
August 2017: Agents try to interfere and influence the Macedonian elections and GRU 'Fancy Bears' again attack WADA in August 2017
October 2017: The GRU behind a 'BadRabbit'attack that caused disruption to the Kiev metro and Odessa airport
March 2018: The GRU attempted to compromise UK Foreign and Commonwealth Office computer systems in London via a spear phishing attack
April 2018: GRU intrusions targeted both the computers Porton Down in Salisbury and the Organisation for the Prohibition of Chemical Weapons in The Hague
May 2018: GRU hackers sent spear phishing emails which impersonated Swiss federal authorities to target OPCW employees in Holland
Their hacking missions were inadvertently revealed by the four bungling spies caught trying to hack into computers used by chemical weapons inspectors investigating Russian attacks in Salisbury and Syria at their Dutch headquarters.
Cyber expert Evgenii Serebriakov's laptop was seized at The Hague and revealed he kept selfies from previous operations including at the 2016 Olympics in Brazil where Russian athletes' doping samples were tampered with and US athletes' medical records leaked.
His laptop also linked the men to cyber attacks in Switzerland, America, Denmark and Germany.
Two of the officers were planning to travel on to Switzerland where the OPCW - which was at the time investigating the Salisbury attack and a suspected chemical weapons attack in Syria - has laboratories.
The National Cyber Security Centre (NCSC) has said a number of hackers known to have launched attacks have been linked to the GRU.
The NCSC associated four new attacks with the GRU, on top of previous strikes believed to have been conducted by Russian intelligence.
Among targets of the GRU attacks were the World Anti-Doping Agency (Wada), transport systems in Ukraine, and democratic elections, such as the 2016 US presidential race, according to the NCSC.
The centre said it was 'almost certainly' the GRU behind a 'BadRabbit' attack in October 2017 that caused disruption to the Kiev metro, Odessa airport and Russia's central bank.
Britain's cyber security chiefs say they have 'high confidence' Russian intelligence was responsible for a strike on Wada in August 2017.
The NCSC also said the GRU was 'almost certainly' to blame for hacking the Democratic National Committee during the US presidential election in 2016.
And the agency pointed the finger at the GRU for accessing email accounts at a small UK-based TV station in 2015.
The hackers were planning to travel on to the Spiez Laboratory, where the OPCW was studying chemical weapons
The hackers were planning to travel on to the Spiez Laboratory, where the OPCW was studying chemical weapons

Theresa May and the Dutch PM blast the Kremlin for 'unacceptable' cyber attacks and warn Russia is showing a total 'disregard for the global values and rules that keep us safe' 

Theresa May today tore into Russia for its 'unacceptable cyber activities' and vowed to hit back to defend the international order against their strikes.
In a joint statement with the Dutch Prime Minister, she said the Kremlin is showing flagrant 'disregard' for the global values which keep the world safe.
And she warned that Britain and its allies will stand up to the Russian aggression to  ensure that Western institutions are protected from the onslaught of attacks ordered by Moscow.
She issued the stern rebuke in a joint statement with the Dutch PM Mark Rutte after the two countries today revealed Russia's GRU intelligence agency tried to hack into the global chemical weapons watchdog a month after the Salisbury attack. The Dutch Defence Ministry this morning took the extraordinary step of naming and picturing four Russian agents involved in the attack on the OPCW in April.
The two leaders said: 'We have, with the operations exposed today, further shone a light on the unacceptable cyber activities of the Russian military intelligence service, the GRU.
'This attempt to access the secure systems of an international organisation working to rid the world of chemical weapons, demonstrates the GRU's disregard for the global values and rules that keep us safe.
'Our action today reinforces the clear message from the international community: we will uphold the rules-based international system and defend international institutions from those that seek to do them harm.'

No comments:

Post a Comment