Justice Department Charges Russian Intel Officers with Major Cyberattacks, Including NotPetya

A poster showing six wanted Russian military intelligence officers is displayed as Justice Department officials brief on the press on new indictments Oct. 19.

A poster showing six wanted Russian military intelligence officers is displayed as Justice Department officials brief on the press on new indictments Oct. 19. Andrew Harnik/AP

U.S. officials said a new indictment describing a four-year global conspiracy belies the country’s recent offer to reset relations in cyberspace.

Six members of the Russian Main Intelligence Directorate known as the GRU were responsible for a number of high-profile attacks, including the 2017 NotPetya malware that damaged U.S. critical infrastructure, according to the Justice Department.

During a press conference Monday, officials described activities allegedly perpetrated by the individuals between November 2015 and October 2019. 

The result of the individuals’ activities, according to a Justice Department press release, includes causing widespread power outages in Ukraine; hack-and-leak efforts to influence the French election in 2017; damaging U.S. organizations to the tune of nearly $1 billion in identified losses; spear-phishing campaigns and computer intrusions into officials and systems of the 2018 winter Olympics following Russia’s doping scandal, and a United Kingdom investigation into the use the nerve agent Novichok; and defacement of the websites of companies and government entities in Georgia.   

“Their cyber attacks combine the emotional maturity of a petulant child with the resources of a nation state,” Assistant Attorney General John Demers said.       

Demers noted that in the last three months alone, the U.S. has taken legal action related to the activities of China, Iran and North Korea in an attempt to reinforce appropriate behavior in cyberspace and addressed a Sep. 25 statement from Russian President Vladimir Putin calling for the same from all “technologically sophisticated nations.”

“No country has weaponized its cyber capabilities as maliciously and irresponsibly as Russia, wantonly causing unprecedented collateral damage to pursue small tactical advantages and fits of spite,” Demers said. “This indictment lays bare Russia's use of its cyber capabilities to destabilize and interfere with the domestic political and economic systems of other countries, providing a cold reminder of why its proposal is nothing more than dishonest rhetoric, and cynical and cheap propaganda.”

Following the announcement, Rep. Jim Langevin, D-R.I., a member of the Cyberspace Solarium Commission, congratulated the Justice Department and FBI. 

“The world needs to understand that Russia is not interested in promoting stability in cyberspace, and countries must take that into consideration as Russia pretends to negotiate on norms in good faith,” he said

The indictment was returned by a federal grand jury in Pittsburgh on Oct. 15. Each of the six individuals was charged with conspiracy to conduct computer fraud and abuse, conspiracy to commit wire fraud, wire fraud, damaging protected computers, and aggravated identity theft.  

One of the six defendants—Anatoliy Sergeyevich Kovalev (Анатолий Сергеевич Ковалев), 29—was also previously charged with “conspiring to gain unauthorized access into the computers of U.S. persons and entities involved in the administration of the 2016 U.S. elections.”

Demers reiterated that the intelligence community has so far seen no such attempts to influence the upcoming U.S. elections.  

“Americans should be confident that a vote cast for their candidate will be counted for that candidate,” he said.