The governments of Britain and the US declared that Russia’s military intelligence service GRU is behind the massive cyber attack that hit Georgia during 2019.
In October 2019, a wave of cyber attacks hit 2,000 websites in Georgia, including the sites of the president, courts, and local media.
“The UK, Georgia and international partners have exposed the GRU’s – Russia’s military intelligence service – responsibility for a number of significant cyber-attacks against Georgia last year.” reads a press release published by Foreign & Commonwealth Office, National Cyber Security Centre, and The Rt Hon Dominic Raab MP.
“The National Cyber Security Centre (NCSC) assesses with the highest level of probability that on 28 October 2019 the GRU carried out large-scale, disruptive cyber-attacks. These were against a range of Georgian web hosting providers and resulted in websites being defaced, including sites belonging to the Georgian Government, courts, non-government
According to the statement, the cyber-attacks are part of Russia’s long-running campaign aimed at
The group operated under the control of the GRU’s Main Centre of Special Technologies (aka ‘GTsST’ or field post number 74455).
The APT28 group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.
According to a report published by Symantec in October 2018, the group was actively conducting cyber espionage campaigns against government and military organizations in Europe and South America.
Starting in 2017 and continuing into 2018, the APT28 group returned to covert intelligence gathering operations in Europe and South America.
The UK intelligence confirmed that the attacks also caused the interruption of the transmissions of Georgian TV stations.
“The GRU’s reckless and brazen campaign of cyber-attacks against Georgia, a sovereign and independent nation, is totally unacceptable. The Russian government has a clear choice: continue this aggressive pattern of
“The UK will continue to expose those who conduct reckless cyber-attacks and work with our allies to counter the GRU’s menacing
The GRU unit involved in the attack was also considered responsible for the following cyber attacks:
The UK Government
“This action contradicts Russia’s attempts to claim it is a responsible actor in cyberspace and demonstrates a continuing pattern of reckless Russian GRU cyber operations against a number of countries. These operations aim to sow division, create insecurity, and undermine democratic institutions.” foreign secretary Michael Pompeo said.