Movatterモバイル変換

[0]ホーム
URL:

Jump to content
WikipediaThe Free Encyclopedia
Search

Cyberwarfare by Russia

From Wikipedia, the free encyclopedia

"Russian interference" redirects here. For other uses, seeRussian involvement in regime change.
Cyberwarfare by Russia
Part ofinformation warfare

Pro-Russian bot farm in Ukraine, 2022
Date1990s–present
Location
Global
Belligerents
Russia

Various nations including:

Units involved
Part of a series on
War
(outline)

Cyberwarfare by Russia comprisesdenial-of-service campaigns,hacking operations,disinformation programs, and state-directed onlinerepression, includingparticipation of state-sponsored teams in political blogs, internetsurveillance usingSORM technology, and otheractive measures, executed by Russian security and intelligence agencies since the 1990s to advance Kremlin geopolitical objectives.[1][2]

Russian doctrine frames these operations within aninformatsionnoye protivoborstvo (IPb), or information confrontation, approach that fuses technical network actions with psychological measures.[3] Units of theGRU,FSB, andSVR oversee hacker collectives such asAPT28,APT29,Sandworm,Turla, and Star Blizzard that target governments, infrastructure, and civil society across Europe, North America, and Asia.[4][5][6][7][8][9][10][11][12][13][14]

Prominent operations include the 2007 distributed denial-of-service attacks on Estonia,[15] cyber strikes that accompanied the 2008 war with Georgia,[16] sustained intrusions into Ukrainian elections and power grids,[17][18] and the 2017NotPetya malware campaign that caused global financial losses, while the campaigns also targeted democratic contests in the United States, Germany, and across the European Union and sustained covert influence networks such asVoice of Europe.[8][9][19][20][21]

International responses range from sanctions and coordinated attribution statements to the creation ofNATO's Cooperative Cyber Defence Centre of Excellence in Tallinn[22] and joint action following theViasat attack during the2022 invasion of Ukraine.[23][24][8]

Background

[edit]

Russian military doctrine includes cyber operations and influence campaigns under the concept of "information confrontation" (Russian:информационное противоборство,romanizedinformatsionnoye protivoborstvo). According to a 2017 United States Defense Intelligence Agency assessment, this strategy has two main components:

  • Informational-technical operations, focused on computer network operations including defense, exploitation, and offensive attacks
  • Informational-psychological operations, aimed at influencing beliefs and behaviors to advance Russian state goals

Investigative journalists have revealed how this strategy builds on Soviet-era KGB structures, with Russian intelligence agencies playing central roles. The agencies employ surveillance tools like the SORM system to monitor and suppress online dissent.[3][25][26][27]

Russia formalized this approach in its 2016Information Security Doctrine, providing a national security framework linking internal control, external influence, and technological development.[28] The doctrine defines information security broadly, encompassing data, infrastructure, and human processes. It establishes goals to protect information sovereignty, secure critical systems and state secrets, safeguard constitutional rights and public order online, and promote domestic technology. The doctrine identifies foreign states, organizations, and individuals as potential threats, directing all government branches to coordinate responses.

Russian military discussions place information operations within broader debates about modern warfare. In 2013, Chief of the General StaffValery Gerasimov argued that non-military tools can be decisive when coordinated with limited force, advocating better integration of military and state resources. While his article is frequently cited in Western analysis, experts caution against viewing it as formal doctrine. Both Russian and Western analysts emphasize that it reflects long-standing Russian military thinking rather than a new approach.[29][30][31]

The implementation involves multiple security agencies with overlapping domestic and foreign responsibilities. TheFederal Security Service manages internal security, counterintelligence, and information security, including surveillance systems. Military intelligence conducts external operations including cyber intrusion and disruption. Civil agencies and state-aligned media support messaging campaigns domestically and internationally.[27][32]

Researchers at theCentre for Eastern Studies andKennan Institute emphasize how Russia combines legal, technical and narrative tools. Domestic internet controls enable censorship, surveillance, and pressure on intermediaries, supporting psychological operations. Foreign operations synchronize influence activities with espionage and disruptive attacks. While some label this hybrid or non-linear warfare, analysts caution that these terms can obscure the continuity in Russian strategy, which relies on coordinated state action rather than novel doctrine.[33][34]

Online presence

[edit]

US journalistPete Earley described his interviews with former seniorRussian intelligence officerSergei Tretyakov, who defected to theUnited States in 2000:

Sergei would send an officer to a branch of theNew York Public Library where he could get access to the Internet without anyone knowing his identity. The officer would post the propaganda on various websites and send it in emails to US publications and broadcasters. Some propaganda would be disguised as educational or scientific reports. ... The studies had been generated at theCenter by Russian experts. The reports would be 100% accurate[35]

Tretyakov did not specify the targeted web sites, but made clear they selected the sites which are most convenient for distributing the specific information. According to him, during his work inNew York City in the end of the 1990s, one of the most frequent subjects was theWar in Chechnya.[35]

According to a publication in Russian computer weeklyComputerra, "just because it became known that anonymous editors are editing articles inEnglish Wikipedia in the interests of UK and US intelligence and security services, it is also likely that Russian security services are involved in editingRussian Wikipedia, but this is not even interesting to prove it — because everyone knows that security bodies have a special place in the structure of our [Russian] state."[36]

Organization and attribution

[edit]

According toUS Department of Justice indictments, cybersecurity company reports, and investigative journalism, several recurring Russian state-linked hacking groups have been identified.APT28 (also known as Fancy Bear) is commonly linked toGRU Unit 26165 and conducts operations against parliaments, broadcasters and election campaigns in Europe.[4]APT29 (also known as Nobelium or Midnight Blizzard) is linked to Russia'sSVR and conducts long-running espionage campaigns targeting governments and technology firms.[5][6][7]Sandworm, assessed as GRU Unit 74455, has deployed destructive malware against Ukrainian targets and carried out global campaigns likeNotPetya.[8][9]Turla, tracked byMicrosoft as Secret Blizzard and associated withFSB infrastructure, continues espionage operations including 2025 activity targeting foreign embassies in Moscow.[10] The FSB-linked Star Blizzard group (also known as Callisto or ColdRiver) has faced sanctions, criminal charges and technical takedowns for spear-phishing campaigns targeting officials, academics and NGOs.[11][12][13][14]

While attribution remains contested in some incidents, multiple governments have issued formal statements attributing responsibility to Russian state entities based on classified intelligence and technical evidence.[23][24][8]

Cyberattacks

[edit]

It has been claimed that Russian security services organized a number ofdenial of service attacks as a part of theircyber-warfare against other countries, such as the2007 cyberattacks on Estonia and the2008 cyberattacks on Russia, South Ossetia, Georgia, and Azerbaijan.[37][38] One identified young Russian hacker said that he was paid byRussian state security services to lead hacking attacks onNATO computers. He was studyingcomputer sciences at the Department of the Defense of Information. His tuition was paid for by the FSB.[39]

The Russian invasion of Ukraine in February 2022 saw renewed interest in information warfare, with the widespread dissemination of propaganda and misinformation on social media, by way of a large-scale Russian propaganda campaign on social media,[40] especially in countries that abstained from voting on theUnited Nations Resolution ES-11/1 such as India, South Africa, and Pakistan. Bots played a disproportionate role in the dissemination of pro-Russian messages and amplified its proliferation in early-stage diffusion, especially on platforms like Twitter, where pro-Russian messages received ~251,000 retweets and thereby reached around 14.4 million users. Of these "spreaders", around 20.28% of the spreaders are classified as bots, most of which were created at the beginning of the invasion.[41]

Europe

[edit]
Main article:Russian interference in European politics

In 2023, authorities in theCzech Republic exposed a Kremlin-funded influence operation calledVoice of Europe based inPrague and led by pro-Russian figures, including Ukrainian politicianViktor Medvedchuk. The outlet was part of a covert network aiming to sway European politics by channeling funds tofar-right andEurosceptic politicians while amplifying pro-Kremlin narratives.[21] Investigations byCzech intelligence in 2024 revealed that this Russian-financed network attempted to bribeEuropean lawmakers and influence elections (including the2024 European Parliament election), using local intermediaries to promote Kremlin positions.[21] The exposure of theVoice of Europe operation highlighted a broader pattern of Russian cyber-enabled interference acrossEuropean Union member states, combining traditional hacking with financial subversion anddisinformation campaigns to undermine European unity.

Estonia

[edit]
Main article:2007 cyberattacks on Estonia

In April 2007, following a diplomatic row with Russia overa Soviet war memorial, Estonia was targeted by a series of cyberattacks on financial, media, and government websites which were taken down by an enormous volume of spam being transmitted bybotnets in what is called adistributed denial-of-service attack. Online banking was made inaccessible, government employees were suddenly unable to communicate via e-mail, and media outlets could not distribute news. The attacks reportedly came from RussianIP addresses, online instructions were in Russian, and Estonian officials traced the systems controlling the cyberattacks back to Russia.[42][43] However, some experts held doubts that the attacks were carried out by the Russian government itself.[44] A year after the attackNATO founded theCooperative Cyber Defence Centre of Excellence inTallinn as a direct consequence of the attacks.[45]

In response to the2022 Russian invasion of Ukraine, Estonia has removed a Soviet-era tank monument near Narva.[46] After its removal, Estonia was subject to "the most extensive cyberattack" since the 2007 cyberattacks.[47]

France

[edit]
Further information:2017 Macron e-mail leaks

In 2015, theParis-based French broadcasting serviceTV5Monde was attacked by hackers who used malicious software to attack and destroy the network's systems and take all twelve of its channels off the air. The attack was initially claimed by a group calling themselves the "Cyber Caliphate" however a more in-depth investigation by French authorities revealed the attack on the network had links toAPT28, aGRU-affiliated hacker group.[48][49] In May 2017, on the eve of the French presidential election, more than 20,000 e-mails belonging to the campaign ofEmmanuel Macron were dumped on an anonymous file-sharing website, shortly after the campaign announced they had been hacked. Word of the leak spread rapidly through the Internet, facilitated by bots and spam accounts. An analysis by Flashpoint, an American cybersecurity firm, determined with "moderate confidence" that APT28 was the group behind the hacking and subsequent leak.[50]

In February 2021 theAgence nationale de la sécurité des systèmes d'information said that "several French entities" were breached bySandworm between late 2017 and 2020 by hacking French software company Centreon to deploy malware. Similar to the2020 United States federal government data breach. The ANSSI said the breach "mostly affected information technology providers, especially web hosting providers". Russia has denied being behind the cyberattack. Centreon said in a statement that it "has taken note of the information" but disputed that the breach was linked to a vulnerability in their commercial software.[51][52][53]

Germany

[edit]
Main article:Russian sabotage operations in Europe

In 2015, a high-ranking security official stated that it was "highly plausible" that acybertheft of files from theGerman Parliamentary Committee investigating the NSA spying scandal, later published byWikiLeaks, was conducted by Russian hackers.[54][55] In late 2016,Bruno Kahl, president of theBundesnachrichtendienst warned of data breaches and misinformation-campaigns steered by Russia.[56] According to Kahl, there are insights that cyberattacks occur with no other purpose than to create political uncertainty.[57][58]Süddeutsche Zeitung reported in February 2017 that a year-long probe by German intelligence "found no concrete proof of [Russian] disinformation campaigns targeting the government".[59] By 2020 however German investigators had collected enough evidence to identify one suspect.[60]

Hans-Georg Maaßen, head of the country'sFederal Office for the Protection of the Constitution from 2012 until 2018, noted "growing evidence of attempts to influence the [next] federal election" in September 2017 and "increasingly aggressive cyber espionage" against political entities in Germany.[61]The New York Times reported on 21 September 2017, three days before theGerman federal election, that there was little to suggest any Russian interference in the election.[62] In 2021 the European Commission has accused Russia of trying to interfere in European democratic processes just days before the parliamentary election on September 26 in Germany.[63]

Poland

[edit]

A three-year pro-Russian disinformation campaign onFacebook with an audience of 4.5 million Poles was discovered in early 2019 byOKO.press andAvaaz. The campaign published fake news and supported three Polish politicians and their websites:Adam Andruszkiewicz, former leader of the ultra-nationalist and neo-fascistAll-Polish Youth and, as of 2019[update], Secretary of State in the Polish Ministry of Digitisation;Janusz Korwin-Mikke; andLeszek Miller, an active member of thePolish United Workers' Party during the communist epoch and a prime minister of Poland during the post-communist epoch. Facebook responded to the analysis by removing some of the web pages.[64]

Romania

[edit]
Main articles:2022 cyberattacks on Romania andAccusations of Russian interference in the 2024 Romanian presidential election

Between late April and early May 2022, in the midst of the2022 Russian invasion of Ukraine, multiple Romanian government, military, bank and mass media websites were taken down after a series of DDoS attacks, behind which was a pro-Kremlin hacking group,Killnet. The hacking group described the cyberattacks to be a response to a statement made by then-Senate president,Florin Cîțu thatRomania would provideUkraine with military equipment.[65][66][67]

Georgia

[edit]
Further information:Cyberattacks during the 2008 South Ossetia war

On 20 July 2008, the website of the Georgian president,Mikheil Saakashvili, was rendered inoperable for twenty-four hours by a series ofdenial of service attacks. Shortly after, the website of theNational Bank of Georgia and the parliament were attacked by hackers who plastered images of Mikheil Saakashvili and former Nazi leaderAdolf Hitler. During the war, many Georgian government servers were attacked and brought down, reportedly hindering communication and the dissemination of crucial information. According to technical experts, this is the first recorded instance in history of cyberattacks coinciding with an armed conflict.[68][69]

An independent US-based research instituteUS Cyber Consequences Unit report stated the attacks had "little or no direct involvement from the Russian government or military". According to the institute's conclusions, some several attacks originated from the PCs of multiple users located in Russia,Ukraine andLatvia. These users were willingly participating in cyberwarfare, being supporters of Russia during the2008 South Ossetia war, while some other attacks also used botnets.[70][71]

Kyrgyzstan

[edit]

Beginning in mid-January 2009, Kyrgyzstan's two mainISPs came under a large-scale DDoS attack, shutting down websites and e-mail within the country, effectively taking the nation offline. The attacks came at a time when the country's president,Kurmanbek Bakiyev, was being pressured by both domestic actors and Russia to close a U.S. air base in Kyrgyzstan.[72]The Wall Street Journal reported the attacks had been carried out by a Russian "cyber-militia".[73]

South Korea

[edit]

According to twoUnited States intelligence officials that talked toThe Washington Post, and also the findings of cybersecurity analyst Michael Matonis,Russia is likely behind the cyberattacks against the2018 Winter Olympics inSouth Korea.[74] The worm responsible for these cyberattacks is known as "Olympic Destroyer".

The worm targeted all Olympic IT infrastructure, and succeeded in taking down WiFi, feeds to jumbotrons, ticketing systems, and other Olympic systems. It was timed to go off at the start of the opening ceremonies. It was unique in that the hackers attempted to use many false signatures to blame other countries such asNorth Korea andChina.[74]

Ukraine

[edit]
Main article:Russo-Ukrainian cyberwarfare

In March 2014, a Russian cyber weapon called Snake or "Ouroboros" was reported to have created havoc on Ukrainian government systems.[75] The Snake tool kit began spreading into Ukrainian computer systems in 2010. It performed Computer Network Exploitation (CNE), as well as highly sophisticated Computer Network Attacks (CNA).[76]

From 2014 to 2016, according toCrowdStrike, the Russian APTFancy Bear used Androidmalware to target the Ukrainian Army'sRocket Forces and Artillery. They distributed an infected version of anAndroidapp whose original purpose was to control targeting data for theD-30 Howitzer artillery. The app, used by Ukrainian officers, was loaded with theX-Agent spyware and posted online on military forums. CrowdStrike claims the attack was successful, with more than 80% of Ukrainian D-30 Howitzers destroyed, the highest percentage loss of any artillery pieces in the army (a percentage that had never been previously reported and would mean the loss of nearly the entire arsenal of the biggest artillery piece of theUkrainian Armed Forces.[77]).[78] According to theUkrainian army, this number is incorrect and that losses in artillery weapons "were way below those reported" and that these losses "have nothing to do with the stated cause".[79]

The U.S. government concluded after a study that acyberattack caused a power outage in Ukraine which left more than 200,000 people temporarily without power. The Russian hacking group Sandworm or the Russian government were possibly behind the malware attack on the Ukrainian power grid as well as a mining company and a large railway operator in December 2015.[80][81][82][83][18][84] A similar attack occurred in December 2016.[85]

In February 2021 Ukraine accused Russia of attacking the System of Electronic Interaction of Executive Bodies a web portal used by the Ukrainian government to circulate documents by uploaded documents that containedmacroscripts which if downloaded and enabled would lead to the computer to secretly downloadmalware that would allow hackers to take over a computer.[86][87]

In January 2022, acyberattack on Ukraine took down the website of the Ministry of Foreign Affairs and other government agencies.[88]

In February 2022, before and after Russian troops entered eastern Ukraine amid an environment of escalating tensions between Ukraine and Russia, several major Ukrainian governmental and business websites were taken down by a series of cyberattacks. U.S. officials attributed the attacks to Russian attackers, although the Russian government denied involvement.[89]

2014 Ukrainian presidential election

[edit]

Pro-Russian hackers launched a series of cyberattacks over several days to disrupt the May 2014Ukrainian presidential election, releasing hacked emails, attempting to alter vote tallies, and delaying the final result withdistributed denial-of-service (DDOS) attacks.[17][90] Malware that would have displayed a graphic declaring far-right candidateDmytro Yarosh the electoral winner was removed from Ukraine'sCentral Election Commission less than an hour before polls closed. Despite this,Channel One Russia "reported that Mr. Yarosh had won and broadcast the fake graphic, citing the election commission's website, even though it had never appeared there."[17][91] According toPeter Ordeshook: "These faked results were geared for a specific audience in order to feed the Russian narrative that has claimed from the start that ultra-nationalists andNazis were behind therevolution in Ukraine."[17]

United Kingdom

[edit]
Main article:Russian interference in British politics

Brexit referendum

[edit]
Main article:Russian interference in the 2016 Brexit referendum

In the run up to the2016 referendum on the United Kingdom exiting theEuropean Union ("Brexit"), Prime MinisterDavid Cameron suggested that Russia "might be happy" with a positive Brexit vote, while the Remain campaign accused theKremlin of secretly backing a positive Brexit vote.[92] In December 2016,Ben Bradshaw MP claimed in Parliament that Russia had interfered in the Brexit referendum campaign.[93] In February 2017, Bradshaw called on the British intelligence service,Government Communications Headquarters, then underBoris Johnson as Foreign Secretary, to reveal the information it had on Russian interference.[94] In April 2017, theHouse of CommonsPublic Administration and Constitutional Affairs Select Committee issued a report stating, in regard to the June 2016 collapse of the government's voter registration website less than two hours prior to the originally scheduled registration deadline (which was then extended), that "the crash had indications of being a DDOS 'attack.'" The report also stated that there was "no direct evidence" supporting "these allegations about foreign interference". ACabinet Office spokeswoman responded to the report: "We have been very clear about the cause of the website outage in June 2016. It was due to a spike in users just before the registration deadline. There is no evidence to suggest malign intervention."[95][96]

In June 2017, it was reported byThe Guardian that "Leave" campaignerNigel Farage was a "person of interest" in the United StatesFederal Bureau of Investigation into Russian interference in the United States 2016 Presidential election.[97] In October 2017, Members of Parliament in theCulture, Media and Sport Committee demanded that Facebook, Twitter, Google and other social media corporations, to disclose all adverts and details of payments by Russia in the Brexit campaign.[98]

In December 2023 the UK and its allies have accused Russia of a sustained cyberattacks dating back at least from 2015 until 2023. These attacks have included targeting parliamentarians from various political parties as well as universities, journalists and NGOs. TheStar Blizzard group has been named as the group behind the attack is also thought to be subordinate to the Russian government.[99]

United States

[edit]
See also:Russian interference in the 2016 United States elections,Russian interference in the 2018 United States elections,Russian interference in the 2020 United States elections, andRussian interference in the 2024 United States elections
Putin's Asymmetric Assault on Democracy in Russia and Europe: Implications for U.S. National Security

Early Attacks (1996-2008)

[edit]

In 1999,Moonlight Maze was the US investigation of a 1996-1999 Russian cyberattack against NASA, the Pentagon, the US military, civilian academics and government agencies. The cyberattack was attributed to Russian-state-sponsored hackers.[100][101][102]

The2008 cyberattack on the United States was connected to Russian language threat actors.[103]

White House and State Department Attacks (2015)

[edit]

In April 2015,CNN reported that "Russian hackers" had "penetrated sensitive parts of the White House" computers in "recent months". It was said that the FBI, the Secret Service, and other U.S. intelligence agencies categorized the attacks as "among the most sophisticated attacks ever launched against U.S. government systems."[104]

In 2015, CNN reported that Russian hackers, likely working for the Russian government, are suspected in the State Department hack. Federal law enforcement, intelligence and congressional officials briefed on the investigation say the hack of the State Department email system is the "worst ever" cyberattack intrusion against a federal agency.[105]

2016 Election Interference

[edit]

In February 2016, seniorKremlin advisor and top Russian cyber official Andrey Krutskikh told the Russian national security conference in Moscow that Russia was working on new strategies for the "information arena" that was equivalent to testing anuclear bomb and would "allow us to talk to the Americans as equals".[106]

In 2016, the release of hacked emails belonging to theDemocratic National Committee,John Podesta, andColin Powell, among others, throughDCLeaks andWikiLeaks was said by private sector analysts[107] and US intelligence services[108] to have been of Russian origin.[109][110] Also, in December 2016, Republicans and Democrats on theSenate Committee on Armed Services called for "a special select committee to investigate Russian attempts to influence the presidential election".[111][112]

Infrastructure Attacks (2018-2021)

[edit]

In 2018, the United StatesComputer Emergency Response Team released an alert warning that the Russian government was executing "a multi-stage intrusion campaign by Russian government cyber actors who targeted small commercial facilities' networks where they staged malware, conducted spear phishing, and gained remote access into energy sector networks." It further noted that "[a]fter obtaining access, the Russian government cyber actors conducted network reconnaissance, moved laterally, and collected information pertaining to Industrial Control Systems."[113] The hacks targeted at least a dozen U.S. power plants, in addition to water processing, aviation, and government facilities.[114]

In June 2019, theNew York Times reported that hackers from theUnited States Cyber Command planted malware potentially capable of disrupting theRussian electrical grid.[115] According toWired senior writerAndy Greenberg, "The Kremlin warned that the intrusions could escalate into a cyberwar between the two countries."[115]

Over several months in 2020, a group known as APT29 orCozy Bear, working for Russia'sForeign Intelligence Service, breached a top cybersecurity firm and multiple U.S. government agencies including the Treasury, Commerce, and Energy departments and the National Nuclear Security Administration.[116] The hacks occurred through a network management system called SolarWinds Orion. The U.S. government had an emergency meeting on 12 December 2020, and the press reported the hack the next day. When Russia's Foreign Intelligence Service performs such hacks, it is typically "for traditional espionage purposes, stealing information that might help the Kremlin understand the plans and motives of politicians and policymakers," according toThe Washington Post, and not for the purpose of leaking information to the public.[117]

Further information:2020 United States federal government data breach

In February 2021 a report by Dragos stated thatSandworm has been targeting US electric utilities, oil and gas, and other industrial firms since at least 2017 and were successful in breaching these firms a "handful" of times.[118][119]

In May 2021, theColonial Pipeline ransomware attack was perpetrated by Russian language hacking groupDarkSide.[120][121] It was the largest cyberattack on an energy infrastructure target in US history. Colonial Pipeline temporarily halted the operations of the pipeline due to the ransomware attack.[122] The Department of Justice recovered the bitcoin ransom from the hackers.[123]

Recent attacks (2023-2025)

[edit]

Revealed in 2023, British authorities believed thatStar Blizzard engaged in a cyberespionage campaign beginning in at least 2015 against U.K. lawmakers over several years. In December 2023, U.S. authorities charged two Russian men, who are believed to be located in Russia and were associated with the "Callisto Group," which is associated with "Cold River" and "Dancing Salome" and are managed by theFSB Information Security Center (18th Center) (CIB or TsIB FSB),[a] in connection withStar Blizzard's previous actions, which included targeting individuals and groups throughout the United States, Europe and in other NATO countries, many of which were supporting Ukraine during theRusso-Ukrainian War and allegedly attempting to provide foreign malign influence campaigns to influence the United Kingdom's 2019 elections in support of Russian government interests. In December 2023, United States authorities charged Andrey Korinets,[b] and the alleged FSB officer Ruslan Peretyatko,[c] who both are members of the "Callisto Group" and were associated with spear-phishing schemes, with conspiracy to commit computer fraud: both individuals were sanctioned by the governments of the United Kingdom and the United States with the United States State Department offering a reward of up to $10 million for information leading to their whereabouts and arrest, as well as the arrest of their accomplices.[124][125][126][127][128][129][130]

In 2024, two members of the Cyber Army Russia Reborn, Yuliya Vladimirovna Pankratova, also known as YUliYA, and Olegovich Degtyarenko were sanctioned, by the U.S. Department of the Treasury for hacking water facilities in both the US and Poland, as well as disrupt operations at a facility in France.[131] Also, the group hacked "the industrial control systems (ICSes) that control water storage tanks in Texas".[131] In early May 2024, Degtyarenko wrote training materials on how to compromise SCADA systems.[131]

In October 2024, the United States Justice Department and Microsoft seized more than a hundred internet domains some of which were associated with theFSB supported hackerStar Blizzard or "Callisto Group," which is also known as "Cold River" and "Dancing Salome" and are managed by theFSB Information Security Center (18th Center) (CIB or TsIB FSB) (Russian:Центр информационной безопасности ФСБ (18-й центр) (ЦИБ ФСБ)), and which were used as "criminal proxies" and usedspear-phishing schemes to target Russians living in the United States, nongovernmental organizations (NGOs), think tanks, and journalists according to Microsoft and United States State Department, Department of Energy, and Department of Defense officials, United States defense contractors, and former employees of the United States intelligence community according to the FBI. In some cases, the hackers were successful in obtaining information relating to nuclear energy-related research, United States foreign affairs and United States defense. According to Microsoft's Digital Crimes Unit from January 2023 to August 2024,Star Blizzard targeted more than 30 different groups and at least 82 Microsoft customers which is "a rate of approximately one attack per week." Both the NGO-Information Sharing and Analysis Center, which is a nonprofit tech organization, and Microsoft, which had been trackingStar Blizzard since 2017, provided support during the investigations ofStar Blizzard.[127][132][133][134][135][136][137][138][139][d]

False alarms

[edit]

On 30 December 2016,Burlington Electric Department, a Vermont utility company, announced that code associated with the Russian hacking operation dubbed Grizzly Steppe had been found in their computers. Officials from the Department of Homeland Security, FBI and the Office of the Director of National Intelligence warned executives of the financial, utility and transportation industries about the malware code.[140] The first report byThe Washington Post left the impression that the grid had been penetrated, but the hacked computer was not attached to the grid. A later version attached this disclaimer to the top of its report correcting that impression: "Editor's Note: An earlier version of this story incorrectly said that Russian hackers had penetrated the U.S. electric grid. Authorities say there is no indication of that so far. The computer at Burlington Electric that was hacked was not attached to the grid."[141]

Venezuela

[edit]

After the news websiteRunrun.es published a report on extrajudicial killings by theBolivarian National Police, on 25 May 2019, the Venezuelan chapter of theInstituto de Prensa y Sociedad (IPYS), pointed out that the website was out of service due to an uncached request attack, denouncing that it originated from Russia.[142]

See also

[edit]

Notes

[edit]
  1. ^TheFSB Information Security Center (18th Center) (CIB or TsIB FSB) (Russian:Центр информационной безопасности ФСБ (18-й центр) (ЦИБ ФСБ)) is known in London as "Star Blizzard" and in Washington as the "Callisto Group" and is also associated with SEABORGIUM or COLDRIVER or Dancing Salome.[124]
  2. ^Andrey Stanislavovich Korinets (Russian:Андрей Станиславович Коринец; born 1988 or 1989), also known as Alexey Doguzhev or Alexei Doguzhiev (Russian:Алексей Догужев), is an IT worker and bodybuilder who resides inSyktyvkar and allegedly is a member of "Cold River" which is managed by theFSB Information Security Center (18th Center) (CIB or TsIB FSB) (Russian:Центр информационной безопасности ФСБ (18-й центр) (ЦИБ ФСБ)).[125]
  3. ^Ruslan Aleksandrovich Peretyatko (Russian:Руслан Александрович Перетятько) allegedly is an FSB officer.[126]
  4. ^During theRusso-Ukrainian War, many cyber attacks on Ukraine allegedly were conducted byGRU Unit 29155.[138]

References

[edit]
  1. ^Kantchev, Georgi; Strobel, Warren P. (2 January 2021)."How Russia's 'Info Warrior' Hackers Let Kremlin Play Geopolitics on the Cheap".Wall Street Journal.Archived from the original on 8 January 2021. Retrieved12 January 2021.
  2. ^State control over the internetArchived 22 August 2009 at theWayback Machine, a talk show byYevgenia Albats at theEcho of Moscow, 22 January 2006; interview withAndrei Soldatov and others
  3. ^abRussia Military Power: Building a Military to Support Great Power Aspirations(PDF) (Report). Defense Intelligence Agency. 2017. pp. 37–39. Retrieved10 October 2025.
  4. ^ab"UK enforces new sanctions against Russia for cyberattack on German parliament".UK Government. 22 October 2020.
  5. ^ab"Microsoft says Russian state-sponsored hackers accessed emails of senior leadership".Reuters. 19 January 2024.
  6. ^ab"Microsoft actions following attack by nation-state actor Midnight Blizzard".Microsoft Security Response Center. 19 January 2024.
  7. ^ab"Update on Microsoft actions following attack by Midnight Blizzard".Microsoft Security Response Center. 8 March 2024.
  8. ^abcde"Statement from the Press Secretary".whitehouse.gov. 15 February 2018.In June 2017, the Russian military launched the most destructive and costly cyber-attack in history.
  9. ^abc"Six Russian GRU Officers Charged in Connection with Worldwide Deployment of Destructive Malware and Other Disruptive Actions" (Press release). U.S. Department of Justice. 19 October 2020.
  10. ^ab"Russia's FSB targets foreign embassies in Moscow in cyber espionage campaign, Microsoft says".Reuters. 31 July 2025.
  11. ^ab"UK exposes attempted Russian cyber interference in politics and democratic processes".UK Government. 7 December 2023.
  12. ^ab"US and UK sanction members of Russia's FSB for cyber campaign".U.S. Department of the Treasury. 7 December 2023.
  13. ^ab"Justice Department Disrupts Russian Intelligence Spear-Phishing Efforts" (Press release). U.S. Department of Justice. 3 October 2024.
  14. ^ab"Protecting democratic institutions from cyber threats".Microsoft On the Issues. 3 October 2024.
  15. ^McGuinness, Damien (27 April 2017)."How a cyber attack transformed Estonia".BBC News.Archived from the original on 21 February 2018.
  16. ^Hart, Kim (14 August 2008)."Longtime Battle Lines Are Recast In Russia and Georgia's Cyberwar".The Washington Post.Archived from the original on 13 March 2018.
  17. ^abcdClayton, Mark (17 June 2014)."Ukraine election narrowly avoided 'wanton destruction' from hackers".The Christian Science Monitor.Archived from the original on 13 October 2020. Retrieved16 August 2017.
  18. ^ab"U.S. government concludes cyber attack caused Ukraine power outage".Reuters. 25 February 2016.Archived from the original on 21 April 2016. Retrieved1 August 2016.
  19. ^Ignatius, David (18 January 2017)."Russia's radical new strategy for information warfare".The Washington Post.Archived from the original on 23 March 2017. Retrieved22 March 2017.
  20. ^Vasco Cotovio (24 September 2021)."Russia accused of 'Ghostwriter' cyberattacks ahead of German election".CNN. Retrieved25 September 2021.
  21. ^abcBelton, Catherine; Mekhennet, Souad (3 June 2024). 'Russia co-opts far-right politicians in Europe with cash, officials say'.The Washington Post. Retrieved 3 June 2024.
  22. ^"NATO opens new centre of excellence on cyber defence".NATO. 14 May 2008.
  23. ^ab"Russian cyber operations against Ukraine: Declaration by the High Representative on behalf of the European Union".Council of the European Union. 10 May 2022.
  24. ^ab"US Government Attributes Cyberattacks on SATCOM Networks to Russian State-Sponsored Actors".CISA. 10 May 2022.
  25. ^"State control over the internet".Echo of Moscow. 22 January 2006. Archived fromthe original on 22 August 2009.Interview with Andrei Soldatov and others on state control and FSB structures
  26. ^Kantchev, Georgi; Strobel, Warren P. (2 January 2021)."How Russia's 'Info Warrior' Hackers Let Kremlin Play Geopolitics on the Cheap".The Wall Street Journal.Archived from the original on 8 January 2021.
  27. ^abGiles, Keir (November 2016).Handbook of Russian Information Warfare(PDF). NDC Fellowship Monograph 9. Rome: NATO Defense College.ISBN 978-88-96898-16-1. Retrieved13 October 2025.
  28. ^"Doctrine of Information Security of the Russian Federation".Ministry of Foreign Affairs of the Russian Federation. 5 December 2016. Retrieved13 October 2025.
  29. ^Gerasimov, Valery (January–February 2016)."The Value of Science Is in the Foresight"(PDF).Military Review. Translated by Robert Coalson:23–29. Retrieved13 October 2025.Originally published inVoenno-Promyshlennyy Kurier, 27 February 2013
  30. ^Bartles, Charles K. (January–February 2016)."Getting Gerasimov Right"(PDF).Military Review:30–38. Retrieved13 October 2025.
  31. ^Galeotti, Mark (2019)."The mythical 'Gerasimov Doctrine' and the language of threat".Critical Studies on Security.7 (2):157–161.doi:10.1080/21624887.2018.1441623. Retrieved13 October 2025.
  32. ^Soldatov, Andrei; Borogan, Irina (2015).The Red Web: The Struggle Between Russias Digital Dictators and the New Online Revolutionaries. New York: PublicAffairs.ISBN 9781610395731. Retrieved13 October 2025.
  33. ^Darczewska, Jolanta (May 2014).The Anatomy of Russian Information Warfare: The Crimean Operation, a Case Study (Report). Point of View 42/2014. Centre for Eastern Studies. Retrieved13 October 2025.
  34. ^Kofman, Michael; Rojansky, Matthew (April 2015).A Closer Look at Russias Hybrid War(PDF) (Report). Kennan Cable No. 7.Kennan Institute,Wilson Center. Retrieved13 October 2025.
  35. ^abPete Earley, "Comrade J: The Untold Secrets of Russia's Master Spy in America After the End of the Cold War", Penguin Books, 2007,ISBN 978-0-399-15439-3, pages 194-195
  36. ^Is there only one truth?Archived 14 April 2009 at theWayback Machine by Kivy Bird,Computerra, 26 November 2008
  37. ^"www.axisglobe.com". Archived fromthe original on 17 August 2016. Retrieved1 August 2016.
  38. ^Cyberspace and the changing nature of warfareArchived 3 December 2008 at theWayback Machine. Strategists must be aware that part of every political and military conflict will take place on the internet, says Kenneth Geers.
  39. ^Andrew Meier,Black Earth.W. W. Norton & Company, 2003,ISBN 0-393-05178-1, pages 15-16.
  40. ^"Social Media as a Propaganda Tool in the Russia-Ukraine Conflict".The Cairo Review of Global Affairs. 12 March 2023. Retrieved1 February 2024.
  41. ^Geissler, Dominique; Bär, Dominik; Pröllochs, Nicolas; Feuerriegel, Stefan (December 2023)."Russian propaganda on social media during the 2022 invasion of Ukraine".EPJ Data Science.12 (1) 35:1–20.arXiv:2211.04154.doi:10.1140/epjds/s13688-023-00414-5.ISSN 2193-1127.
  42. ^McGuinness, Damien (27 April 2017)."How a cyber attack transformed Estonia".BBC News.Archived from the original on 21 February 2018. Retrieved24 February 2018.
  43. ^"10 Years After the Landmark Attack on Estonia, Is the World Better Prepared for Cyber Threats?".Foreign Policy. 27 April 2017.Archived from the original on 24 February 2018. Retrieved24 February 2018.
  44. ^"Experts doubt Russian government launched DDoS attacks".SearchSecurity. 23 February 2018.Archived from the original on 24 February 2018. Retrieved24 February 2018.
  45. ^"NATO launches cyber defence centre in Estonia".Military Space News, Nuclear Weapons, Missile Defense. 14 May 2008.Archived from the original on 11 August 2014. Retrieved24 February 2018.
  46. ^"Estonia Removes Soviet-era Monument, Citing Public Order". Associated Press. 16 August 2022. Retrieved18 August 2022.
  47. ^Pascale Davies (18 August 2022)."Estonia hit by 'most extensive' cyberattack since 2007 amid tensions with Russia over Ukraine war". Retrieved18 August 2022.
  48. ^Corera, Gordon (10 October 2016)."How France's TV5 was almost destroyed".BBC News.Archived from the original on 15 March 2018. Retrieved10 March 2018.
  49. ^"'Russian hackers' behind TV attack".BBC News. 9 June 2015.Archived from the original on 30 April 2018. Retrieved10 March 2018.
  50. ^"Researchers link Macron hack to APT28 with 'moderate confidence'".Cyberscoop. 11 May 2017.Archived from the original on 16 January 2018. Retrieved10 March 2018.
  51. ^Cimpanu, Catalin."France: Russian state hackers targeted Centreon servers in years-long campaign".ZDNet.Archived from the original on 17 February 2021. Retrieved18 February 2021.
  52. ^"France uncovers cybersecurity breaches linked to Russian hackers".France 24. 16 February 2021.Archived from the original on 17 February 2021. Retrieved18 February 2021.
  53. ^"France identifies Russia-linked hackers in large cyberattack".POLITICO. 15 February 2021.Archived from the original on 17 February 2021. Retrieved18 February 2021.
  54. ^"Russia behind hack on German parliament, paper reports". Deutsche Welle.Archived from the original on 2 February 2017. Retrieved30 January 2017.
  55. ^Wehner, Markus; Lohse, Eckart (11 December 2016)."Wikileaks: Sicherheitskreise: Russland hackte geheime Bundestagsakten".Faz.net. Frankfurter Allgemeine Zeitung.Archived from the original on 5 February 2017. Retrieved30 January 2017.
  56. ^"Vor Bundestagswahl: BND warnt vor russischen Hackerangriffen".Der Spiegel. SPIEGEL ONLINE. 29 November 2016.Archived from the original on 1 February 2017. Retrieved30 January 2017.
  57. ^"Was bedeuten die neuen Cyberangriffe für die Bundestagswahl?" (in German). 1 November 2016.Archived from the original on 2 February 2017. Retrieved30 January 2017.
  58. ^"BND-Präsident warnt vor Cyberangriffen aus Russland". 29 November 2016.Archived from the original on 2 February 2017. Retrieved30 January 2017.
  59. ^King, Esther (7 February 2017)."German intelligence finds no evidence of Russian meddling".Politico.Archived from the original on 21 October 2017. Retrieved21 October 2017.
  60. ^"German authorities charge Russian hacker for 2015 Bundestag hack | ZDNet".ZDNet.Archived from the original on 29 July 2020. Retrieved28 June 2020.
  61. ^"BfV: Russia is trying to destabilise Germany". AlJazeera.Archived from the original on 30 January 2017. Retrieved30 January 2017.
  62. ^Schwirtz, Michael (21 September 2017)."German Election Mystery: Why No Russian Meddling?".The New York Times.Archived from the original on 21 October 2017. Retrieved21 October 2017.
  63. ^Vasco Cotovio (24 September 2021)."Russia accused of 'Ghostwriter' cyberattacks ahead of German election".CNN. Retrieved25 September 2021.
  64. ^Flis, Daniel (24 April 2019)."Disinformation network on Facebook supported by Polish Deputy Minister of Digitization". vsquare.org.Archived from the original on 10 July 2019. Retrieved2 June 2019.
  65. ^"UPDATE Atacul cibernetic care a vizat site-uri guvernamentale, printre care al Executivului și al Armatei, revendicat de hackeri ruși".www.digi24.ro (in Romanian). 29 April 2022. Retrieved8 May 2022.
  66. ^"Site-urile marilor aeroporturi din România nu funcționează. Hackerii ruși de la Killnet revendică atacul".www.digi24.ro (in Romanian). 2 May 2022. Retrieved8 May 2022.
  67. ^"Ce spune Marcel Ciolacu, preşedintele Camerei Deputaţilor, despre motivele invocate de hackerii Killnet: E o greşeală acolo".ZF.ro (in Romanian). Retrieved8 May 2022.
  68. ^Hart, Kim (14 August 2008)."Longtime Battle Lines Are Recast In Russia and Georgia's Cyberwar".The Washington Post.Archived from the original on 13 March 2018. Retrieved12 March 2018.
  69. ^Markoff, John (13 August 2008)."Before the Gunfire, Cyberattacks".The New York Times.Archived from the original on 30 March 2019. Retrieved12 March 2018.
  70. ^Siobhan Gorman (18 August 2009)."Hackers Stole IDs for Attacks".WSJ.Archived from the original on 10 August 2017. Retrieved3 August 2017.
  71. ^"Georgian cyber attacks launched by Russian crime gangs".The Register.Archived from the original on 10 August 2017. Retrieved10 August 2017.
  72. ^Bradbury, Danny (5 February 2009)."Danny Bradbury investigates the cyberattack on Kyrgyzstan".The Guardian.Archived from the original on 13 March 2018. Retrieved12 March 2018.
  73. ^Rhoads, Christopher (28 January 2009)."Kyrgyzstan Knocked Offline".WSJ.Archived from the original on 13 March 2018. Retrieved12 March 2018.
  74. ^ab"Inside Olympic Destroyer, the Most Deceptive Hack in History".Wired.ISSN 1059-1028.Archived from the original on 18 September 2020. Retrieved26 August 2020.
  75. ^The Christian Science Monitor (12 March 2014)."Russia's cyber weapons hit Ukraine: How to declare war without declaring war".The Christian Science Monitor.Archived from the original on 14 March 2014. Retrieved14 March 2014.
  76. ^Mazanec, Brain M. (2015).The Evolution of Cyber War. USA: University of Nebraska Press. pp. 221–222.ISBN 9781612347639.
  77. ^Ukraine's military denies Russian hack attackArchived 7 January 2017 at theWayback Machine,Yahoo! News (6 January 2017)
  78. ^"Danger Close: Fancy Bear Tracking of Ukrainian Field Artillery Units". CrowdStrike. 22 December 2016.Archived from the original on 1 January 2017. Retrieved2 January 2017.
  79. ^Defense ministry denies reports of alleged artillery losses because of Russian hackers' break into softwareArchived 7 January 2017 at theWayback Machine,Interfax-Ukraine (6 January 2017)
  80. ^"Malware Found Inside Downed Ukrainian Grid Management Points to Cyberattack".Motherboard. 4 January 2016.Archived from the original on 7 January 2016. Retrieved6 January 2016.
  81. ^"SANS Industrial Control Systems Security Blog - Potential Sample of Malware from the Ukrainian Cyber Attack Uncovered - SANS Institute".Archived from the original on 31 July 2016. Retrieved1 August 2016.
  82. ^"First known hacker-caused power outage signals troubling escalation".Ars Technica. 2016.Archived from the original on 16 June 2017. Retrieved14 June 2017.
  83. ^"Ukraine power grid attacks continue but BlackEnergy malware ruled out".Archived from the original on 6 January 2016. Retrieved6 January 2016.
  84. ^"BlackEnergy malware activity spiked in runup to Ukraine power grid takedown". The Register.Archived from the original on 27 December 2016. Retrieved26 December 2016.
  85. ^"Ukraine's power outage was a cyber attack: Ukrenergo".Reuters. 18 January 2017.Archived from the original on 26 February 2021. Retrieved25 February 2021.
  86. ^"Ukraine reports cyber-attack on government document management system".ZDNet.Archived from the original on 25 February 2021. Retrieved25 February 2021.
  87. ^"Ukraine says Russia hacked its document portal and planted malicious files". 24 February 2021.Archived from the original on 25 February 2021. Retrieved25 February 2021.
  88. ^Harding, Luke."Ukraine hit by 'massive' cyber-attack on government websites".The Guardian. Retrieved14 January 2022.
  89. ^Lauren Feiner (23 February 2022)."Cyberattack hits Ukrainian banks and government websites". CBNC. Archived fromthe original on 23 February 2022. Retrieved23 February 2022.
  90. ^Watkins, Ali (14 August 2017)."Obama team was warned in 2014 about Russian interference".Politico.Archived from the original on 6 October 2020. Retrieved16 August 2017.
  91. ^Kramer, Andrew E.; Higgins, Andrew (16 August 2017)."In Ukraine, a Malware Expert Who Could Blow the Whistle on Russian Hacking".The New York Times.Archived from the original on 25 October 2020. Retrieved16 August 2017.
  92. ^S Rosenberg, 'EU referendum: What does Russia gain from Brexit?' (26 June 2016)BBC NewsArchived 24 June 2018 at theWayback Machine
  93. ^Highly probable' that Russia interfered in Brexit referendum, Labour MP says' (13 December 2016)IndependentArchived 13 December 2016 at theWayback Machine
  94. ^J Kanter and A Bienkov, 'Labour MPs think the government is hiding info about Russia interfering with Brexit' (23 February 2016)Business Insider
  95. ^Syal, Rajeev (12 April 2017)."Brexit: foreign states may have interfered in vote, report says".The Guardian.Archived from the original on 1 October 2017. Retrieved21 October 2017.
  96. ^Teffer, Peter (12 April 2017)."MPs and media create Brexit hacking scare".EUobserver.Archived from the original on 21 October 2017. Retrieved21 October 2017.
  97. ^'Nigel Farage is 'person of interest' in FBI investigation into Trump and RussiaArchived 2 June 2017 at theWayback Machine' (2 June 2017) Guardian
  98. ^'MPs order Facebook to hand over evidence of Russian election meddling' (24 October 2017)TelegraphArchived 16 December 2017 at theWayback Machine
  99. ^"UK and allies expose Russian intelligence services for cyber campaign of attempted political interference".www.ncsc.gov.uk. Retrieved7 December 2023.
  100. ^Kaplan, Fred (20 March 2016)."How the United States Learned to Cyber Sleuth: The Untold Story".POLITICO Magazine. Retrieved16 August 2022.
  101. ^"New Evidence Links a 20-Year-Old Hack on the US Government to a Modern Attack Group".Vice.com. 4 April 2017. Retrieved16 August 2022.
  102. ^Loeb, Vernon (7 May 2001)."NSA Adviser Says Cyber-Assaults On Pentagon Persist With Few Clues".Washington Post.ISSN 0190-8286. Retrieved16 August 2022.
  103. ^III, William J. Lynn (16 October 2020)."Defending a New Domain".ISSN 0015-7120. Retrieved16 August 2022.
  104. ^Evan Perez;Shimon Prokupecz (8 April 2015)."How the U.S. thinks Russians hacked the White House".CNN.Archived from the original on 19 May 2019. Retrieved17 December 2016.Russian hackers behind the damaging cyber intrusion of the State Department in recent months used that perch to penetrate sensitive parts of the White House computer system, according to U.S. officials briefed on the investigation.
  105. ^Evan Perez and Shimon Prokupecz (10 March 2015)."Sources: State Dept Hack the 'worst ever'".CNN.Archived from the original on 1 February 2017. Retrieved5 February 2017.
  106. ^Ignatius, David (18 January 2017)."Russia's radical new strategy for information warfare". The Washington Post.Archived from the original on 23 March 2017. Retrieved22 March 2017.
  107. ^Thielman, Sam; Ackerman, Spencer (29 July 2016)."Cozy Bear and Fancy Bear: did Russians hack Democratic party and if so, why?".The Guardian.Archived from the original on 15 December 2016. Retrieved12 December 2016.
  108. ^Ackerman, Spencer; Thielman, Sam (8 October 2016)."US officially accuses Russia of hacking DNC and interfering with election".Archived from the original on 7 October 2016. Retrieved12 December 2016.
  109. ^Corera, Gordon (22 December 2016)."Can US election hack be traced to Russia?".BBC.Archived from the original on 22 December 2016. Retrieved23 December 2016.
  110. ^Gallagher, Sean (12 December 2016)."Did the Russians "hack" the election? A look at the established facts".arstechnica.Archived from the original on 1 January 2017. Retrieved23 December 2016.
  111. ^Savage, David (18 December 2016)."'How much and what damage?' Senators call for a special committee to investigate Russian hacking".Los Angeles Times.Archived from the original on 19 December 2016. Retrieved20 December 2016.
  112. ^Nakashima, Ellen (22 December 2016)."Cybersecurity firm finds evidence that Russian military unit was behind DNC hack".The Washington Post.Archived from the original on 9 September 2017. Retrieved22 December 2016.
  113. ^"Russian Government Cyber Activity Targeting Energy and Other Critical Infrastructure Sectors | CISA".us-cert.cisa.gov. 16 March 2018.Archived from the original on 21 October 2020. Retrieved23 October 2020.
  114. ^Dlouhy, Jennifer; Riley, Michael (15 March 2018)."Russian Hackers Attacking U.S. Power Grid and Aviation, FBI Warns".Bloomberg.Archived from the original on 23 July 2018. Retrieved23 July 2018.
  115. ^ab"How Not To Prevent a Cyberwar With Russia".Wired. 18 June 2019.Archived from the original on 23 June 2019. Retrieved4 January 2021.
  116. ^Bertrand, Natasha (17 December 2020)."Nuclear weapons agency breached amid massive cyber onslaught".POLITICO.Archived from the original on 17 December 2020. Retrieved18 December 2020.
  117. ^Nakashima, Ellen (13 December 2020)."Russian government spies are behind a broad hacking campaign that has breached U.S. agencies and a top cyber firm".The Washington Post.Archived from the original on 13 December 2020. Retrieved13 December 2020.
  118. ^"Hackers Tied to Russia's GRU Targeted the US Grid for Years".Wired.ISSN 1059-1028.Archived from the original on 2 March 2021. Retrieved2 March 2021.
  119. ^Palmer, Danny."These four new hacking groups are targeting critical infrastructure, warns security company".ZDNet.Archived from the original on 2 March 2021. Retrieved2 March 2021.
  120. ^"Colonial Pipeline hack explained: Everything you need to know". Retrieved16 August 2022.
  121. ^"FBI Statement on Compromise of Colonial Pipeline Networks".Federal Bureau of Investigation. Retrieved16 August 2022.
  122. ^Gonzalez, Gloria; Lefebvre, Ben; Geller, Eric (8 May 2021)."'Jugular' of the U.S. fuel pipeline system shuts down after cyberattack".Politico.Archived from the original on 9 May 2021.The infiltration of a major fuel pipeline is "the most significant, successful attack on energy infrastructure we know of".
  123. ^"Recovery of Colonial Pipeline ransom funds highlights traceability of cryptocurrency, experts say".Thomson Reuters Institute. 23 June 2021. Retrieved16 August 2022.
  124. ^ab"Лондон и Вашингтон обвинили Москву в попытках кибервмешательства в британскую политику: В четверг, 7 декабря, Великобритания и США заявили, что раскрыли попытки российского кибервмешательства в британскую политику, в частности, во время выборов 2019 года. В Лондоне вызвали посла России в министерство иностранных дел, а министерство юстиции США предъявило обвинения двум гражданам РФ, один из которых работает на ФСБ" [London and Washington accuse Moscow of trying to cyber interfere in British politics: On Thursday, December 7, the UK and the US said they had uncovered attempts by Russian cyber interference in British politics, in particular during the 2019 elections. In London, the Russian ambassador was summoned to the Ministry of Foreign Affairs, and the US Department of Justice brought charges against two citizens of the Russian Federation, one of whom works for the FSB].Radio France Internationale (rfi.fr) (in Russian). 8 December 2023. Archived fromthe original on 9 October 2024. Retrieved9 October 2024.
  125. ^abPearson, James; Bing, Christopher (6 January 2023)."Exclusive: Russian hackers targeted U.S. nuclear scientists".Reuters. Archived fromthe original on 6 January 2023. Retrieved9 October 2024.
  126. ^abPearson, James; Bing, Christopher; Satter, Raphael (7 December 2023)."Britain, US sanction Russian hackers over years-long FSB cyberespionage campaign".Reuters. Archived fromthe original on 7 December 2023. Retrieved9 October 2024.
  127. ^ab"Russian FSB cyber actor Star Blizzard continues worldwide spear-phishing campaigns"(PDF).National Cyber Security Centre. 7 December 2023. Archived fromthe original(PDF) on 9 October 2024. Retrieved9 October 2024.
  128. ^Dilanian, Ken (7 December 2023)."2 Russian intel officers charged with hacking into U.S. and British government agencies: The suspects are accused of trying to influence British politics, including an election in 2019".NBC News. Archived fromthe original on 8 October 2024. Retrieved9 October 2024.
  129. ^"Великобритания ввела санкции в отношении двух россиян из-за кибератак: Посла РФ вызвали в британский МИД из-за «российского вмешательства»" [UK imposes sanctions on two Russians over cyber attacks: Russian Ambassador Summoned to UK Foreign Office Over 'Russian Interference'].«Коммерсантъ» (in Russian). 7 December 2023. Archived fromthe original on 9 October 2024. Retrieved9 October 2024.
  130. ^"США ввели санкции против двух россиян за связь с хакерской группой Callisto" [US imposes sanctions on two Russians for links to Callisto hacker group].«Коммерсантъ» (in Russian). 8 December 2023. Archived fromthe original on 9 October 2024. Retrieved9 October 2024.
  131. ^abc"Russian Hacktivists Sanctioned for Attacks on US Critical Infrastructure".www.darkreading.com. Retrieved24 July 2024.
  132. ^Kan, Michael (3 October 2024)."Microsoft, US Seize Domains Used by Russian State-Sponsored Hackers: Russians used 'seemingly legitimate email accounts to trick victims into revealing account credentials,' the DOJ says. Targets included Defense and State Department officials".PCMag (pcmag.com). Archived fromthe original on 8 October 2024. Retrieved9 October 2024.
  133. ^"Justice Department's court affidavit to seize property"(PDF).United States Department of Justice. 16 September 2024. Archived fromthe original(PDF) on 4 October 2024. Retrieved9 October 2024.
  134. ^KLEPPER, DAVID (3 October 2024)."The US and Microsoft disrupt a Russian hacking group targeting American officials and nonprofits".Associated Press. Archived fromthe original on 9 October 2024. Retrieved9 October 2024.
  135. ^Sganga, Nicole (3 October 2024)."U.S. and Microsoft seize dozens of domains tied to Russian hacking group".CBS News. Archived fromthe original on 9 October 2024. Retrieved9 October 2024.
  136. ^Lyngaas, Sean (3 October 2024)."Justice Department and Microsoft disrupt Russian hacking operations aimed at US officials and civil society".CNN. Archived fromthe original on 9 October 2024. Retrieved9 October 2024.
  137. ^Manson, Katrina (3 October 2024)."US Takes Down Websites Used by Hackers Linked to Russian Intelligence Agents".Bloomberg News. Archived fromthe original on 3 October 2024. Retrieved9 October 2024.
  138. ^abБовсуновская, Карина (Bovsunovskaya, Karina) (4 October 2024)."Российские хакеры пытались атаковать правительственные учреждения США" [Russian hackers tried to attack US government agencies].УНІАН (unian.net) (in Russian). Archived fromthe original on 9 October 2024. Retrieved9 October 2024.{{cite news}}: CS1 maint: multiple names: authors list (link)
  139. ^Ljunggren, David; Sanders, Chris (3 October 2024)."US says it disrupted Russian efforts to hack government agencies".Reuters. Archived fromthe original on 9 October 2024. Retrieved9 October 2024.
  140. ^Eilperen, Juliet &, Entous, Adam (30 December 2016)."Russian operation hacked a Vermont utility, showing risk to U.S. electrical grid security, officials say".The Washington Post.Archived from the original on 5 January 2017. Retrieved31 December 2016.{{cite news}}: CS1 maint: multiple names: authors list (link)
  141. ^Eilperin, Juliet; Entous, Adam (31 December 2016)."Russian operation hacked a Vermont utility, showing risk to U.S. electrical grid security, officials say".The Washington Post.Archived from the original on 7 January 2018. Retrieved16 January 2018.
  142. ^"Runrunes es víctima de ataques cibernéticos tras reportaje sobre las FAES" (in Spanish). Tal Cual. 27 May 2019.Archived from the original on 27 May 2019. Retrieved27 May 2019.

Further reading

[edit]
Events
Timelines
Post-election
events
Mueller special counsel investigation
Other United States elections
Related
Cyberwarfare by country
Core content
Mechanisms
Psychological
Computational
Economic
Media and Politics
Tactics
Related terms
Targets and campaigns
International Politics
Politics by country
Antisemitism
Environmental science
Medicine and Public health
Journalism and journalists
Countering disinformation
Fact-checking and research
Fact-checking
Research
WikiProjects
Retrieved from "https://en.wikipedia.org/w/index.php?title=Cyberwarfare_by_Russia&oldid=1332831921"
Categories:
Hidden categories:
[8]ページ先頭
©2009-2026 Movatter.jp