Seven officers in the military intelligence agency of the Russian Federation Armed Forces have been indicted by a grand jury in the Western District of Pennsylvania for alleged cyber-intrusions of nuclear power company Westinghouse Electric Co.’s computer networks—and those of other U.S. corporations and international organizations and their employees—based on their “strategic interest” to the Russian government, the U.S. Department of Justice said Thursday.
The defendants are accused of computer hacking, wire fraud, identity theft and money laundering, among other felony charges. They are also accused of using social media in disinformation campaigns directed against anti-doping groups and athletes.
In a news release, the Justice Department said that starting in about December 2014 and continuing until at least May 2018, a group of officers in the Russian Main Intelligence Directorate of the General Staff (GRU), headquartered in Moscow, conducted repeated cyber-intrusions against individuals and organizations mainly as part of an “influence and disinformation campaign” intended to discredit the international anti-doping organizations and officials who exposed a Russian state-sponsored doping program before the Sochi Winter Olympics in 2014, according to the indictment.
In a statement, U.S. Attorney General Jeff Sessions said: “Today we are indicting seven GRU officers for multiple felonies each, including the use of hacking to spread the personal information of hundreds of anti-doping officials and athletes as part of an effort to distract from Russia’s state-sponsored doping program. The defendants in this case allegedly targeted multiple Americans and American entities for hacking, from our national anti-doping agency to the Westinghouse Electric Company near Pittsburgh. We are determined to achieve justice in these cases and we will continue to protect the American people from hackers and disinformation.”
Intrusions were directed against targets in Switzerland, the Netherlands, Rio de Janeiro and the United States, including a Swiss lab analyzing chemical agents for the Organisation for the Prohibition of Chemical Weapons, the indictment alleges.
In addition, the DOJ alleges as part of the indictment that, as early as November 2014, at least one conspirator tried to gain access to Westinghouse’s computer networks and personnel by creating a fake company domain and sending spear-phishing emails designed to capture the employees’ log-in credentials to their work and personal email accounts. The hack allegedly was aimed at gathering information from workers in nuclear power development. Westinghouse supplies nuclear fuel in Ukraine.
Westinghouse issued a statement saying it has found no evidence that the phishing campaigns against employees to breach Westinghouse’s systems were successful.
“The safety and security of our systems and information is a top priority and we maintain robust processes and procedures to protect against cybersecurity threats. We are cooperating with the Department of Justice regarding this matter, but are unable to comment regarding the specifics of the case as it is an ongoing investigation.”
According to an Associated Press report published Thursday night, Russian Deputy Foreign Minister Sergei Ryabkov said in a statement that the allegations were unfounded and that the United States is taking a “dangerous path” by “deliberately inciting tensions in relations between the nuclear powers.”
The defendants are all Russian nationals and residents, according to the Justice Department. They are: Aleksei Sergeyevich Morenets, 41; Evgenii Mikhaylovich Serebriakov, 37; Ivan Sergeyevich Yermakov, 32; Artem Andreyevich Malyshev, 30; and Dmitriy Sergeyevich Badin, 27, who were each assigned to Military Unit 26165; and Oleg Mikhaylovich Sotnikov, 46, and Alexey Valerevich Minin, 46, who were also GRU officers.
Defendants Yermakov, Malyshev and Badin were also charged in federal indictment number CR 18-215 in the District of Columbia. They are accused of conspiring to get illegal access to computers of U.S. entities and individuals in the 2016 U.S. presidential election, according to the DOJ news release.
Westinghouse was also targeted from 2006 to 2014 by hackers in China who went after U.S. nuclear and solar energy enterprises, according to a previous Department of Justice indictment in May 2014. In that instance, five Chinese military personnel were indicted by a grand jury, also in the Western District of Pennsylvania, on hacking, economic espionage and other charges against targets that, besides Westinghouse, included Alcoa aluminum, SolarWorld and U.S. Steel.
The Pittsburgh and Philadelphia field offices of the FBI conducted the investigation, assisted by the Royal Canadian Mounted Police, who were conducting their own, independent investigation. The Criminal Division’s Office of International Affairs also provided assistance. The U.S. Attorney’s Office for the Western District of Pennsylvania is prosecuting with the National Security Division’s Counterintelligence and Export Control Section. Agencies in the Netherlands, the United Kingdom and Switzerland, along with other foreign authorities, also participated in the probe, according to the DOJ.