BREAKING: A federal grand jury has charged six Russian hackers with launching the devastating NotPetya malware, hacking the 2018 Olympics and the Ukrainian power grid, targeting the 2017 French election, and several other campaigns.
Press conference starting soon.
Press conference starting soon.
We've known about all of these operations, but the indictment goes into detail about who did what and how.
Stand by for more.
Stand by for more.
This campaign represents the “most disruptive and most destructive series of attacks ever attributed to a single group,” says John Demers, head of DOJ's National Security Division, as press conference begins.
Demers says Russia's cyber M.O. is "causing unprecedented collateral damage to pursue small tactical advantages and fits of spite."
Referring to NotPetya, Demers says, “Rather than express remorse for the damage they inflicted against victims worldwide, the conspirators callously celebrated their success.”
Yes, the indictment says DOJ has evidence of the defendants celebrating. Now that's good intel.
Yes, the indictment says DOJ has evidence of the defendants celebrating. Now that's good intel.
Demers: "Today's allegations in their entirety provide a useful lens for evaluating Russia's offer two weeks ago for a reset in cyber relations between the Russia and the United States." I'll say!
The Russian hacker team, Unit 74455 of the GRU (aka "Sandworm"), was also involved in the 2016 U.S. election interference, per a Mueller indictment. (This indictment doesn't cover that already charged activity.)
Among NotPetya's many victims: Heritage Valley Health System in PA.
The attack compromised "two hospitals, 60 physician offices, and 18 community satellite facilities," according to the indictment.
The attack compromised "two hospitals, 60 physician offices, and 18 community satellite facilities," according to the indictment.
U.S. Attorney Scott Brady says the shared democratic ideals of the targeted countries (U.S., U.K., France, Ukraine) mean that they're all top targets of Russia, which "will stop at nothing to destroy those ideals and instill a sense of instability in its adversaries."
➡️➡️ Here is the indictment: justice.gov/opa/press-rele…
How does DOJ have so much information about what the Russian defendants said and did?
Well, here's one hint: FBI Deputy Director David Bowdich just thanked Google, Cisco, Facebook, and Twitter for their investigative assistance.
Well, here's one hint: FBI Deputy Director David Bowdich just thanked Google, Cisco, Facebook, and Twitter for their investigative assistance.
FBI Pittsburgh SAC Michael Christman thanks agents at partner field offices, including Atlanta (expertise on Ukrainian blackouts and NotPetya) and Oklahoma City (expertise on GRU).
Q: Is there a significance to the timing of this announcement?
Demers: “Not particularly.” We announce when we reach the right point in our investigation.
Demers: “Not particularly.” We announce when we reach the right point in our investigation.
For those following the news about today's charges, here's my initial story, but I just filed a big update that will have a lot more details, so stay tuned: politico.com/news/2020/10/1…
Also, if you're interested in NotPetya after reading about these charges, I highly recommend @a_greenberg's story about how the malware just crushed companies.
The Maersk stuff is just extraordinary. This was a real-world crisis.
wired.com/story/notpetya…
The Maersk stuff is just extraordinary. This was a real-world crisis.
wired.com/story/notpetya…
• • •
Missing some Tweet in this thread? You can try to
force a refresh
