An exclusive report by the Wall Street Journal reveals that Google researchers have significant evidence that pro-Russian hackers and online activists are working with Russia’s military intelligence agency.
Mandiant researchers, now a part of Google, has observed apparent coordination between pro-Russian hacking groups and Russia’s military intelligence agency, also known as GRU. Mandiant was able to confirm four instances where GRU deployed “wiper” malware on a victim’s network.
Once the targeted networks are attacked with the wiper malware, pro-Russian hacktivists penetrate the network for data exfiltration. The data is then later published online.
For months, there has been a growing fear that Russia’s cyber hacking teams would potentially breach and knock Ukrainian critical infrastructure offline. So far, that has failed to materialize.
According to Mandiant, three pro-Russian hacktivist groups have been identified: XakNet Team, Infoccentr, and CyberArmyofRussia_Reborn.
Russia has predictably denied any involvement in any of the hacking.
John Holtquist, Vice President of Intelligence Analysis at Mandiant, stresses that these hacker groups combined with Russia’s GRU must be taken seriously. “They are capable of turning out the lights.”
The pro-Russian hacktivist groups aren’t just targeting Ukraine, either.
XakNet and Killnet were identified last year by the Department of Homeland Security as two groups targeting US critical infrastructure.
For complete coverage of this story, check out the Wall Street Journal.
