The FINANCIAL — The US, UK, and Georgia accused the Russian military Thursday of being behind a major 2019 cyber attack on Georgia that disrupted “several thousand Georgian government and privately-run websites and interrupted the broadcast of at least two major television stations.”
“On October 28, 2019, the Russian General Staff Main Intelligence Directorate (GRU) Main Center for Special Technologies (GTsST, also known as Unit 74455 and Sandworm) carried out a widespread disruptive cyber attack against the country of Georgia,” Secretary of State Mike Pompeo said in a statement.
“A large scale cyber-attack was launched against the websites, servers and other operating systems of the Administration of the President of Georgia, the courts, various municipal assemblies, state bodies, private sector organisations and media outlets. As a result of the cyber-attack, the servers and operating systems of these organisations were significantly damaged, severely affecting their functionality,” the Ministry of Foreign Affairs of Georgia said in an official statement.
The cyber-attack was targeted at Georgia’s national security and was intended to harm Georgian citizens and government structures by disrupting and paralysing the functionality of various organisations, thereby causing anxiety among the general public, the ministry said.
The investigation conducted by the Georgian authorities, together with information gathered through cooperation with partners, concluded that this cyber-attack was planned and carried out by the Main Division of the General Staff of the Armed Forces of the Russian Federation, the MFA of Georgia stated.
“Russia did not plan and is not planning to interfere in Georgia’s internal affairs in any way,” RIA cited Deputy Foreign Minister Andrei Rudenko as saying.
Russia was blamed for a massive cyber attack on Georgian infrastructure during the brief 2008 war.
In August 2008, the following websites were attacked. The websites of the President of Georgia, the Government of Georgia, the Ministry of Foreign Affairs of Georgia and the Parliament of Georgia, as well as informational portals (apsny.ge, news.ge) and non-Georgian yet Georgia-friendly media websites and forums, came under attack on August 8.
TBC Bank, which was the largest commercial bank in Georgia at that time, was attacked on August 9.
A new wave of cyber-attacks took place against the Parliament of Georgia and the President of Georgia on August 10.
Most of the governmental websites, excluding that of the President, were not functional on August 11. A defacement attack was undertaken on the President’s website on the same day, placing fascist symbols on it, as well as photos equating President Saakashvili with Hitler.
The current attack had the same signature: hackers placed a photo of former President Saakashvili on the broken websites.
At the end of 2019, Facebook blocked more than 300 pages associated with Russian-backed groups discrediting Western countries and governments.
“Today, we removed 39 Facebook accounts, 344 Pages, 13 Groups and 22 Instagram accounts as part of a domestic-focused network that originated in the country of Georgia,” Nathaniel Gleicher, Head of Security Policy of Facebook, said on December 20.
“These Pages posed as news organizations and impersonated political parties, public figures, activist groups and media entities. The Page admins and account owners typically posted about domestic news and political issues such as elections, government policies, public officials, criticism of the opposition and local activist organizations,” Gleicher noted.
According to CNA, a not-for-profit research organization providing consultation to government leaders worldwide, Russia views cyber very differently than its Western counterparts, from the way Russian theorists define cyberwarfare to how the Kremlin employs its cyber capabilities. The paper examines the Russian approach to cyber warfare, addressing both its theoretical and its practical underpinnings.