Seven officers in the Russian Main Intelligence Directorate (GRU), a military intelligence agency of the General Staff of the Armed Forces of the Russian Federation, have been indicted for computer hacking, wire fraud, aggravated identity theft, and money laundering related to Russia’s state-sponsored doping program. Three of the GRU officers have also been charged and accused of conspiring to gain unauthorized access into the computers of U.S. persons and entities involved in the 2016 U.S. presidential election.
Beginning in December 2014 and continuing until at least May 2018, GRU officers Aleksei Sergeyevich Morenets, Evgenii Mikhaylovich Serebriakov, Ivan Sergeyevich Yermakov, Artem Andreyevich Malyshev, Dmitriy Sergeyevich Badin, Oleg Mikhaylovich Sotnikov, and Alexey Valerevich Minin allegedly conducted persistent and sophisticated computer intrusions affecting U.S. persons, corporate entities, international organizations, and their respective employees located around the world, based on their strategic interest to the Russian government. In addition to hacking computers and stealing information, the GRU officers publicized portions of stolen information as part of an influence and disinformation campaign designed to undermine, retaliate against, and otherwise delegitimize the efforts of international anti-doping organizations and officials who had publicly exposed a Russian state-sponsored athlete doping program and to damage the reputations of more than 250 athletes around the world by falsely claiming that such athletes were using banned or performance-enhancing drugs.
“State-sponsored hacking and disinformation campaigns pose serious threats to our security and to our open society, but the Department of Justice is defending against them,” Attorney General Jeff Sessions announced on Thursday. “Today we are indicting seven GRU officers for multiple felonies each, including the use of hacking to spread the personal information of hundreds of anti-doping officials and athletes as part of an effort to distract from Russia’s state-sponsored doping program. The defendants in this case allegedly targeted multiple Americans and American entities for hacking, from our national anti-doping agency to the Westinghouse Electric Company near Pittsburgh.”
“The actions of these seven hackers, all working as officials for the Russian government, were criminal, retaliatory, and damaging to innocent victims and the United States’ economy, as well as to world organizations,” stated FBI Director Christopher Wray. “Their actions extended beyond borders, but so did the FBI’s investigation. We worked closely with our international partners to identify the actors and disrupt their criminal campaign – and today, we are sending this message: The FBI will not permit any government, group, or individual to threaten our people, our country, or our partners. We will work tirelessly to find them, stop them, and bring them to justice.”
Often using fictitious personas and proxy servers, Yermakov, Malyshev, Badin, and unidentified conspirators researched victims, sent spearphishing emails, and compiled, used, and monitored malware command and control servers, according to the indictment. Using specialized equipment, and with the remote support of conspirators in Russia, including Yermakov, teams of GRU technical intelligence officers, including Morenets, Serebriakov, Sotnikov, and Minin, traveled to locations around the world where targets were physically located and hacked computer networks used by victim organizations or their personnel through Wi-Fi connections, including hotel Wi-Fi networks.
Besides launching cyber-attacks against the World Anti-Doping Agency, Westinghouse Electric Company, and the U.S. Anti-Doping Agency, Yermakov, Malyshev, and Badin are also charged defendants in federal indictment number CR 18-215 in the District of Columbia, and accused of conspiring to gain unauthorized access into the computers of U.S. persons and entities involved in the 2016 U.S. presidential election, steal documents from those computers, and stage releases of the stolen documents to interfere with the 2016 U.S. presidential election.
Each defendant is charged with one count of conspiracy to commit computer fraud and abuse, which carries a maximum sentence of five years in prison, and one count each of conspiracy to commit wire fraud and conspiracy to commit money laundering, both of which carry a maximum sentence of 20 years. Morenets, Serebriakov, Yermakov, Malyshev, and Badin have also been charged with two counts of aggravated identity theft, which carries a consecutive sentence of two years in prison. Yermakov has also been charged with five counts of wire fraud, which carries a maximum sentence of 20 years.
In July, the office of special counsel Robert Mueller announced an indictment against 12 GRU officers for participating in a criminal conspiracy to interfere with the 2016 U.S. presidential election. According to the indictment, the GRU officers were charged with conspiracy to commit computer crimes, aggravated identity theft, and conspiracy to launder money.