More from
Bloomberg
Technology
Photographer: Andrey Rudakov/Bloomberg
technology

Crime and Coverup: Russia Accused of Hacking Those Probing It

Crime and Coverup: Russia Accused of Hacking Those Probing It

  • U.S., Dutch accuse GRU agents of trying to disrupt inquiries
  • Seized laptop shows alleged agent looking into downing of MH17
Photographer: Andrey Rudakov/Bloomberg

Poisoning an ex-spy. Sports cheating. Downing a passenger jet over Ukraine with nearly 300 people aboard.

After fingering Russia for those acts in recent years, international officials just added another accusation: Russian agents tried to use hacking to disrupt and discredit investigations into those alleged misdeeds.

Seven Russian nationals

Source: FBI

U.S., U.K. and Dutch authorities on Thursday accused officers from Russia’s GRU military intelligence agency of attempting to breach organizations that were looking into allegations of Russian wrongdoing, including several anti-doping agencies and a United Nations chemical weapons body. Some of the Russians’ most strenuous efforts, according to the authorities, focused on British officials and others who have concluded that Russia was behind the poisoning of a former Soviet double agent in the U.K.

“This was the GRU trying to clean up Russia’s own mess,” the U.K.’s ambassador to the Netherlands, Peter Wilson, told a briefing in The Hague on Thursday.

Read More: Spy Bust Exposes Methods of Putin’s GRU Military Hackers
Read More: Russians Hacked to Disrupt Doping, Poison Probes, U.S. Says

The accused Russians aren’t all anonymous intelligence operatives. Three of the seven indicted in the U.S. have already been charged there: Ivan Yermakov, Dmitriy Badin and Artem Malyshev were accused in July of conspiring to steal and distribute Democratic officials’ emails before the 2016 U.S. elections.

The latest indictments, filed in Western Pennsylvania, didn’t have anything to do with election meddling, U.S. authorities said. But judging by the recurring names, international intelligence services have been keeping a close eye on certain Russian operatives. Thursday’s unmasking is an embarrassment to Russia, as is the fact that Dutch authorities who intercepted some of the officers in front of a UN building -- preparing to intercept WiFi signals, they said -- managed to confiscate a laptop that provided further insight into the Russians’ activities.

The men were caught “in flagrante,” according to British government officials, who said the U.K. had played a supporting role in the operation. “For the GRU to get caught in this way would be considered a pretty bad day,” one official said, asking not to be identified because the matter is sensitive.

‘Truly Transnational’

The international cooperation that led to Thursday’s announcements speaks to the “truly transnational” threat of Russian intelligence operations that jeopardize governments and businesses in countries across the world, said David Laufman, a former Justice Department official who oversaw criminal investigations of cyberattacks by nation states.

The U.S. indictments, he said, show both the “aggressiveness of Russian intelligence agencies to engage in cyber warfare in support of malign influence operations” as well as the prowess of U.S. law enforcement in determining who’s behind them.

Another former Justice Department lawyer, Adam Lurie, credited the FBI and the Justice Department with bringing the case at a time when they’ve been under political attack in the U.S. As for Russia, he said, “I would be surprised if they don’t take it as a message.”

Prosecutors in the U.S. accused the Russian GRU officers of fraud, identity theft and a conspiracy to launder money as they hacked into organizations that had publicly exposed state-sponsored doping by Russian athletes.

Read More: U.S. indictment of seven Russian nationals

Four of those Russians were also accused by Dutch authorities of trying to hack into the Organization for the Prohibition of Chemical Weapons, the UN body investigating the U.K. nerve-agent attack on the ex-spy, Sergei Skripal, as well Syria’s use of chemical weapons on its people. Dutch intelligence officers caught the men next to the OPCW’s Hague headquarters, with specialized interception gear hidden in the trunk of their car, in early April.

The Russians, who were traveling on diplomatic passports, were expelled from the Netherlands.

Dutch authorities recovered a backpack belonging to one of the Russians, which contained equipment to intercept WiFi signals. His equipment also contained an image placing him at the 2016 Summer Olympics in Rio, prosecutors said.

Dutch agents who examined the laptop found he’d used public WiFi services in Kuala Lumpur, Malaysia and Lausanne in Switzerland prior to the operation in The Hague. His internet search history showed he’d looked up the OPCW, while reconnaissance photos of the headquarters were found on the camera of another of the men.

Downed Flight

The laptop also showed that the alleged agent, Evgenii Serebriakov, had done Google searches related to Malaysia Airlines Flight 17. A joint investigation team in May said a BUK missile belonging to the Russian army was responsible for downing the jet over Ukraine in 2014, killing 298 people.

“One of the Russian intelligence officers involved in this operation in the Netherlands was also actively involved in a GRU operation focusing on Malaysia’s investigation of the crash of Malaysia Airlines flight MH17,” Dutch Defense Minister Ank Bijleveld said at a briefing in The Hague.

Russia’s embassy to the Netherlands dismissed the allegations as “disinformation,” according to the state-run Tass news agency.

“The Russians got caught with their equipment with people who were doing it and they have got to pay the piper,” U.S. Defense Secretary James Mattis told reporters at a NATO summit in Brussels. “They’re going to have to be held to account.”

— With assistance by Greg Farrell