U.S. Justice Department Takes Down GRU-Controlled Hacking Network
The U.S. Justice Department announced a significant cyber operation against a hacking network operated by Russian intelligence, marking a notable effort in the ongoing cyber conflict between the United States, its allies, and Russia.
On Thursday, U.S. Attorney General Merrick Garland revealed that the department has been intensifying its actions against cyber campaigns orchestrated by the Russian government. “The Justice Department is accelerating our efforts to disrupt the Russian government’s cyber campaigns against the United States and our allies, including Ukraine,” Garland stated.
In this operation, carried out in January under a court order, the FBI neutralized a “global cyber espionage platform” engineered by Russia’s Main Intelligence Directorate, or GRU. The dismantling of this network is part of a broader strategy to counter Russian cyber threats, especially in the wake of Russia’s unprovoked invasion of Ukraine.
Assistant Attorney General Matthew Olsen highlighted the significance of this action, stating, “Notably, this represents the third time since Russia’s unjustified invasion of Ukraine that the department has stripped the Russian intelligence services of a key tool used to further the Kremlin’s acts of aggression.”
The network, known technically as a botnet, infiltrated and infected computer routers worldwide with malware, setting the stage for potential subsequent cyberattacks. Botnets are often utilized by hackers to mask their activities and amplify the impact of their malicious operations.
To disrupt the botnet, the FBI deployed specific pieces of computer code to the compromised routers, effectively modifying their firewalls to prevent any further unauthorized access. However, officials cautioned that this measure is only a temporary fix and urged router owners, particularly those in small or home offices where the routers are predominantly used, to update their software to permanently resolve the vulnerability.
Garland further noted that, in this instance, Russian intelligence services had enlisted criminal groups to develop the botnet program, underscoring the blurred lines between state-sponsored and criminal cyber activities.
This operation underscores the U.S. government’s commitment to defending its digital frontiers against foreign intelligence threats and serves as a warning to adversaries about the capability and resolve of U.S. cyber defense strategies.