A grand jury in Maryland has charged six Russian nationals with conspiracy to engage in computer intrusion and wire fraud.
The indictment, unsealed today, accuses these individuals of orchestrating a series of cyberattacks targeting Ukrainian government networks, exacerbating tensions amid the Russian invasion of Ukraine.
GRU Officers Among the Accused
The indictment highlights the involvement of five officers from Unit 29155 of the Russian Main Intelligence Directorate (GRU), a military intelligence agency of the Russian Armed Forces.
These officers, Yuriy Denisov, Vladislav Borovkov, Denis Denisenko, Dmitriy Goloshubov, and Nikolay Korchagin, are accused of executing a sophisticated hacking campaign against Ukrainian government systems.
A civilian co-conspirator, Amin Sitgal, who was already indicted for similar charges, is also implicated.
According to court documents, the hackers utilized a malware known as “WhisperGate” to infiltrate and disrupt Ukrainian government networks.
This malware, masquerading as ransomware, was designed to destroy data and cripple computer systems.
The targeted entities included critical infrastructure and non-military government departments, such as the Ministry of Internal Affairs and Education and Science.
Are You From SOC/DFIR Teams? - Try Advanced Malware and Phishing Analysis With ANY.RUN - 14 day free trial
International Efforts and Rewards for Justice
The U.S. Department of State’s Rewards for Justice program has announced a reward of up to $10 million for information leading to the identification or location of the accused hackers.
This initiative underscores the international effort to combat cyber threats and hold perpetrators accountable.
“Today’s indictment underscores our commitment to using all available tools to disrupt malicious cyber activity and hold perpetrators accountable,” stated Assistant Attorney General Matthew G. Olsen of the National Security Division.
The Department of Justice and international partners are determined to thwart the destructive activities of Unit 29155 and other similar entities.
The indictment is part of “Operation Toy Soldier,” an international effort involving the FBI and partners from nine countries. A Joint Cybersecurity Advisory has been released to bolster network defenses against such malicious activities.
Broader Implications and Future Threats
The hacking campaign extended beyond Ukrainian borders, targeting computer systems in countries supporting Ukraine, including the United States and 25 other NATO countries.
The indictment alleges that the hackers probed various protected systems from August 2021 to February 2022, searching for vulnerabilities.
“The FBI and our law enforcement partners, both national and international, will collectively defend against Russia’s aggressive and illegal actions,” said Special Agent in Charge William J. DelBagno of the FBI Baltimore Field Office.
The agency is committed to identifying, prosecuting, and preventing future cyber threats.
The indictment is a stark reminder of cyber warfare’s evolving nature and the critical need for robust cybersecurity measures.
As digital threats continue to shape the geopolitical landscape, international cooperation remains vital in safeguarding national security and protecting global digital infrastructure.
The FBI Baltimore Field Office is investigating the case, with assistance from the Milwaukee and Boston Field Offices.
Assistant U.S. Attorneys Aaron S.J. Zelinsky and Robert I. Goldaris lead the prosecution, supported by the National Security Division’s National Security Cyber Section.
What Does MITRE ATT&CK Expose About Your Enterprise Security? - Watch Free Webinar!