The United States and its nine allies issued a joint statement condemning Russia for its malicious cyberattacks on Ukraine and several NATO countries.
America’s Federal Bureau of Investigation (FBI), the US Treasury Department, the Department of State, US Cyber Command’s Cyber National Mission Force (CNMF), the Cybersecurity and Infrastructure Security Agency (CISA), and the National Security Agency (NSA) joined forces with 12 agencies and departments from Australia, Germany, Ukraine, the Netherlands, Latvia, the Czech Republic, the United Kingdom, Canada, and Estonia to issue the statement against Russia.
According to the statement, the Russian military intelligence group GRU Unit 29155, which is also known for carrying out assassinations in foreign countries, is primarily responsible for orchestrating these cyberattacks. This wave of Russian cyberattacks started in 2020 in Ukraine and later spread to many US NATO allies, impacting critical government, health, transportation, financial, and other infrastructure.
The Russian hackers were also involved in dismantling Ukraine’s critical government and private infrastructure almost a month before Russia invaded Ukraine in 2022.
This joint statement was issued just one day after the US Justice Department seized at least 30 Russian web domains involved in propagating misinformation and manipulating narratives in America before the 2024 presidential elections.
The Justice Department also charged five GRU hackers and one Russian civilian for their involvement in hacking important government infrastructure in Ukraine. The US government has now announced a $10 million reward per person to anyone who can reveal the location of any of these six indicted individuals.
The FBI noted that this wave of Russian cyberattacks affected more than 14,000 networks in 20 different NATO countries and other European nations, as well as the critical infrastructure of Asian and Central American countries.
Some of the most common hacking activities involved vandalizing websites, infrastructure scanning, publishing stolen data, and data exfiltration. However, the Justice Department did not provide specifics about most cyberattacks, primarily due to security concerns.
Meanwhile, the Estonian ambassador-at-large for cyber diplomacy, Tanel Sepp, stated that they delayed releasing the joint statement to gather sufficient proof of the cyberattacks. He suggested that this is the first time his country has blamed any foreign country for cyberattacks on its government machinery, which impacted at least three ministries, including the Estonian Foreign Ministry.
Hackers backed by the Russian government have repeatedly tried to target American infrastructure. Sandworm, a hacker group associated with Russian Military Unit 74455, is the most notorious Russia-backed cybercrime entity. It has previously taken responsibility for hacking the software running the drinking water facilities in the US and Poland. Another Russian hacker group, Killnet, hacked the websites of major US airports in 23 states in October 2022.