US indicts seven Russian spies in cyber-attacks as US, UK and Netherlands allege Russian agents involved in global cyber-hacking plots
John Demers, US Assistant Attorney General for National Security said attacks were how Russia retaliated for bans on its athletes following evidence it was systematically using drugs to enhance their performance
Russian agents busted in the Netherlands, had their vehicle adapted to a virtual electronic spy station, bristling with specialist hacking equipment in their vehicle
Thursday the Dutch Military Intelligence and Security Service revealed the identities of four undercover GRU officers, at a news conference at
Four of the seven indicted persons were the men expelled from the Netherlands, while the other three were among those charged in July with hacking Democratic officials during the 2016 US elections
Dutch security released the names of Aleksei Morenets, Evgenii Serebriakov, Oleg Sotnikov and Alexey Minin entered the Netherlands on diplomatic passports
Hackers Aleksei Morenets and Evgenii Serebriakov, allegedly from the from the GRU’s Unit 26165, were accompanied on their Dutch trip by IT support agents Oleg Sotnikov and Alexey Minin
They were recorded arriving at Schipol airport on April 10, but later expelled after they were caught red handed in a vehicle bristling with spyware designed for cyber-attacks
They were also charged with wire fraud, identity theft and money laundering
Russian spies have been accused of involvement in a series of cyber-plots across the globe, leading the US to level charges against seven agents – While Dutch security released the names of Aleksei Morenets, Evgenii Serebriakov, Oleg Sotnikov and Alexey Minin entered the Netherlands on diplomatic passports
Russian spies have been accused of involvement in a series of cyber-plots across the globe, leading the US to level charges against seven agents.
The US justice department said targets included the global chemical weapons watchdog, anti-doping agencies and a US nuclear company.
The allegations are part of an organised push-back against alleged Russian cyber-attacks around the world.
Russia earlier dismissed the allegations as “Western spy mania”.
The Netherlands has accused four Russians of plotting to hack the Organisation for the Prohibition of Chemical Weapons (OPCW), which had been probing the chemical attack on a Russian ex-spy in the UK.
The Dutch Military Intelligence and Security Service has revealed the identities of four undercover GRU officers, at a news conference at The Hague, Netherlands.
The UK government accused the GRU of being behind four high-profile cyber-attacks, whose targets included firms in Russia and Ukraine; the US Democratic Party; and a small TV network in the UK
The US said its anti-doping agency, football’s governing body FIFA and the US nuclear energy company Westinghouse were targeted by Russian intelligence
Canada said “with high confidence” that breaches at its centre for ethics in sports and at the Montreal-based World Anti-Doping Agency were carried out by Russian intelligence
Russian agents busted in the Netherlands, allegedly The Dutch Military Intelligence and Security Service has revealed the identities of four undercover GRU officers, at a news conference at The Hague, Netherlands
Added to this, the Dutch authorities have said a laptop seized from the four suspects in April was found to have been used in Brazil, Switzerland and Malaysia.
In Malaysia, the Netherlands said, it was used to target the investigation into the downing of Malaysia Airlines flight MH17 in 2014 over territory held by Russian-backed rebels in eastern Ukraine. All 298 people on board were killed.
The revelations about how the British and Dutch security agencies disrupted the operations of the GRU are astonishing in their detail and their openness.
This is not what secretive intelligence agencies normally do.
IT support agents
But the willingness of both countries to be so candid illustrates how determined both they and some other Western governments are to try to push back against what they see as a concerted pattern of Russian aggression.
“I imagine Mr Putin is shouting at one or two people right now,” a cheerful British official told me.
Russia’s foreign ministry – which had earlier dismissed the allegations from the UK and the Netherlands as “Western spy mania” – released an official statement late on Thursday, saying it was the victim of “yet another stage-managed propaganda campaign”.
Alleged targets of Russian cyber-hack campaign
Reconnaissance photos of the OPCW and its surroundings, at the Hague taken on the April 11th, found on the phone of Alexey Minin one of the GRU officers busted attempting a cyber-hack attack at the Hague
“It’s unclear who is supposed to believe these statements accusing Russian citizens of attempting to mount cyber-attacks against the OPCW and trying to obtain data related to the Malaysian flight MH17, as if it is necessary to be near the target of your attack,” it said.
“Any Russian citizen carrying a mobile device is seen as a spy,” the statement added.
John Demers, US Assistant Attorney General for National Security, told a press conference in Washington that many of the attacks were aimed at delegitimizing sports bodies and “altering perceptions of the truth”.
He said the attacks were how Russia retaliated for bans on its athletes following evidence it was systematically using drugs to enhance their performance.
As a result of the findings, the FBI has indicted seven Russian GRU officers, four of whom were the men expelled from the Netherlands, while the other three were among those charged in July with hacking Democratic officials during the 2016 US elections.
Cast of alleged global GRU hackers: Feds released this “wanted” poster, naming and picturing the seven Russian agents indicted in alleged cyber-attacks
They were also charged with wire fraud, identity theft and money laundering.
All seven men are thought to be in Russia, which does not have an extradition treaty with the US.
A joint statement from British Prime Minister Theresa May and her Dutch counterpart Mark Rutte said the alleged plot against the OPCW demonstrated “the GRU’s disregard for global values and rules that keep us all safe”.
Meanwhile, British Foreign Secretary Jeremy Hunt said the UK was discussing further sanctions against Russia with its allies.
The EU has also denounced the alleged cyber-plots.
The four suspects identified by Dutch officials had diplomatic passports – which meant the Netherlands could not arrest them as diplomats are in theory immune from prosecution in their host country – and included two IT experts and two support agents, officials said.
The cache of mobile phones and cameras recovered from the Russian agents busted launching a cyber-attack at the Hague in the Netherlands
The four hired a car and parked it in the car park of the Marriot hotel in The Hague, which is next to the OPCW office, to hack into the OPCW’s wifi network, Major General Onno Eichelsheim from the Dutch MIVD intelligence service said.
Equipment in the car boot was pointed at the OPCW and was being used to intercept login details, he said, adding that the antenna for the operation lay under a jacket on the car’s rear shelf.
When the men were intercepted they tried to destroy one of the mobile phones they were carrying, Maj Gen Eichelsheim said.
He said one of their mobile phones was found to have been activated near the GRU building in Moscow, while another carried a receipt for a taxi journey from a street near the GRU to the airport.
Maj Gen Eichelsheim said the group were planning to travel to Switzerland, to a laboratory in Spiez where the OPCW analysed samples.
They never made it. Instead, the four were immediately escorted out of the country, he added.
Hackers Aleksei Morenets and Evgenii Serebriakov, allegedly from the from the GRU’s Unit 26165, were accompanied on their Dutch trip by IT support agents Oleg Sotnikov and Alexey Minin. They were caught on camera at arriving at Schipol airport on April 10. They have since been expelled
They were named by the MIVD as hackers Aleksei Morenets and Evgenii Serebriakov, and support agents Oleg Sotnikov and Alexey Minin. The four suspects allegedly
He said the hackers were planning to travel on to the OPCW-certified laboratory in Spiez near Berne in Switzerland, where the Novichok nerve agent used in March’s attack on Sergei Skripal and his daughter in the British city of Salisbury was identified.
GRU officers Alexander Borisov and Rusian Borishov, UK govt alleges were involved in the poisoning of ex-Russian spy and his daughter in the UK
At the time the Russian operation was disrupted, the OPCW was investigating the Skripal case as well as an alleged chemical attack in April on the Syrian town of Douma near Damascus by Russian-backed government forces, the MIVD said.
“With its aggressive cyber-campaigns, we see the GRU trying to clean up Russia’s own mess – be it the doping uncovered by Wada [the World Anti-Doping Agency] or the nerve agent identified by the OPCW,” Mr Wilson said.
A laptop seized from the suspects was found to have been used in Brazil, Switzerland and Malaysia, the Dutch officials said.
The cyber-operation in Malaysia targeted the attorney general’s office and Malaysian police as well as the investigation into MH17’s shooting down, Ambassador Wilson said.
Earlier this year Dutch-led international investigators concluded that a missile that brought down MH17 belonged to a Russian brigade. Russia has denied any involvement in the plane’s destruction, which led to the deaths of many Dutch citizens.
Data from the laptop showed it was also present in the Swiss city of Lausanne where it was linked to the hacking of a laptop belonging to Wada, which has exposed doping by Russian athletes.