Tbilisi And Washington Blame Russia For October Cyberattack On Georgian Websites
By RFE/RL's Georgian Service February 20, 2020
Georgia and the United States have blamed Russia for a massive coordinated cyberattack that took thousands of Georgian websites offline in October.
Foreign Ministry spokesman Vladimer Konstantinidi told a news conference in Tbilisi on February 20 that the cyberattack was planned and carried out by Russia.
"The investigation conducted by the Georgian authorities, together with information gathered through cooperation with partners, concluded that this cyberattack was planned and carried out by the main division of the General Staff of the Armed Forces of the Russian Federation," Konstantinidi said.
Separately, U.S. Secretary of State Mike Pompeo said in a statement that the attack was carried out by a unit of Russia's GRU military intelligence agency known as Unit 74455 and Sandworm.
Sandworm is known as a single group of hackers within the GRU and security experts have linked it to such cyberbreaches as stealing 9 gigabytes of emails from the French presidential campaign of Emmanuel Macron, a similar campaign against the Democratic National Committee in the United States, as well as the malware that hit Ukraine's power grid in 2015 and spread globally.
"The United States calls on Russia to cease this behavior in Georgia and elsewhere," Pompeo said, adding that Washington would provide assistance to Georgia to help improve the country's ability to fend off such attacks.
"We also pledge our support to Georgia and its people in enhancing their cybersecurity and countering malicious cyber actors," Pompeo added.
Russia denied involvement in penetrating Georgian government websites.
"Russia did not plan and is not planning to interfere in Georgia's internal affairs in any way," Russian Deputy Foreign Minister Andrei Rudenko told Russian news agencies.
The Russian Defense Ministry did not immediately comment.
More than 2,000 state, private, and media websites as well as two private television stations -- Imedi and Maestro -- were knocked out on October 28.
The targeted websites included those of the president's office and local municipality offices.
In many cases, website home pages were replaced with an image of former President Mikheil Saakashvili, and the caption "I'll be back."
With reporting by Reuters
Copyright (c) 2020. RFE/RL, Inc. Reprinted with the permission of Radio Free Europe/Radio Liberty, 1201 Connecticut Ave., N.W. Washington DC 20036.
|Join the GlobalSecurity.org mailing list|