AP NEWS

Alleged operations by Russia’s GRU in recent years

October 4, 2018
1 of 6

In this image released by the Dutch Defense Ministry on Thursday Oct. 4, 2018, one of the many phones belonging to four Russian officers of the Main Directorate of the General Staff of the Armed Forces of the Russian Federation, GRU, is seen after one of the four officers tried to destroy it when they were caught on April 13, 2018. The officers were expelled from the Netherlands for allegedly trying to hack into the chemical watchdog OPCW's network. The Dutch defense minister on Thursday Oct. 4, 2018, accused Russia's military intelligence unit of attempted cybercrimes targeting the U.N. chemical weapons watchdog and the investigation into the 2014 Malaysian Airlines crash over Ukraine. (Dutch Defense Ministry via AP)

THE HAGUE, Netherlands (AP) — In a series of coordinated announcements, authorities in United States, Britain, The Netherlands and Australia on Thursday accused the shadowy Russian military intelligence agency known as GRU of a huge array of cyberattacks around the world.

The stunning revelations included details about Russian attempts to target everything from the global chemical weapons watchdog to anti-doping agencies and a probe into the downed Malaysian Airlines Flight 17. A U.S. indictment charged seven GRU officers Thursday.

A closer look at what Russia is being accused of:

__

2014: PLANE CRASH INVESTIGATION

British authorities allege that a GRU operation conducted “malign activity” when it tried to collect information about the investigation into the 2014 downing of the Malaysia Airlines Flight 17 over war-ravaged eastern Ukraine by targeting Malaysian government institutions, including the Attorney General’s office and Malaysian police.

Dutch officials added that GRU agents had logged into Wi-Fi networks near a Malaysian hotel where investigators had gathered.

Most of the 298 people killed onboard MH17 were Dutch citizens, and investigators say they have strong evidence the Buk missile that downed the plane came from Russia, a charge Russia denies. 

Dutch Defense Minister Ank Bijleveld said: “We have been aware of the interest of Russian intelligence services in this investigation and have taken appropriate measures.”

__

2016: US ELECTION AND OLYMPICS

According to American investigators, agents from the GRU’s Unit 26165 broke into the Democratic National Committee’s emails, wreaking havoc during the 2016 U.S. presidential election.

Authorities also accuse the GRU of sustained efforts to breach the computer systems of global and national anti-doping agencies and sporting governing bodies including the International Olympic Committee and soccer’s FIFA.

Russian agents allegedly hacked into the website of the Court of Arbitration for Sport, the highest court in world sports, during the 2016 Rio de Janeiro Olympics. The court had been looking at doping cases involving Russian athletes.

In September 2016, medical data of 250 athletes was released following a hack. Evidence suggests that in the same month, GRU agents also logged into Wi-Fi networks near a Lausanne, Switzerland, hotel where a World Anti-Doping Agency conference was held. One official from the Canadian Center for Ethics in Sport had their laptop compromised by malware.

According to a U.S. indictment Thursday, the GRU targeted the hacking victims because they had publicly supported a ban on Russian athletes in international sports competitions and because they had condemned Russia’s state-sponsored athlete doping program.

__

2017: UKRAINE INFRASTRUCTURE

The GRU is accused of a catastrophic attack in June 2017 on Ukraine using malicious software that briefly knocked out cash machines, gas stations, pharmacies and hospitals. According to a secret White House assessment recently cited by Wired, the attack caused $10 billion worth of damage worldwide.

__

2018: SPY POISONING

British authorities say that in March, immediately after the nerve agent attack on ex-Russian spy Sergei Skripal in Salisbury, the GRU tried to hack into Foreign Office computer systems via a phishing attack.

In April, four GRU operatives allegedly flew from Moscow to the Netherlands and attempted to hack into and infect the Organization for the Prohibition of Chemical Weapons’ Wi-Fi network in what’s known as a close access hack operation. Dutch authorities showed photos including one of a gray rented Citroen with its trunk full of hacking equipment. The men were caught and expelled from the Netherlands.

In May, GRU hackers allegedly sent phishing emails impersonating Swiss federal authorities to target OPCW employees directly.

The chemical weapons watchdog had confirmed that Skripal was poisoned by the Soviet-produced nerve agent known as Novichok. Britain says the attack was carried out by GRU officers and almost certainly approved “at a senior level of the Russian state.”

AP RADIO
Update hourly