skip to Main Content

Cyber Warfare, UK: Russia is responsible for the cyber attacks against Georgia

Cyber Warfare, UK: Russia Is Responsible For The Cyber Attacks Against Georgia

UK, Georgia and international partners have exposed the GRU’s – Russia’s military intelligence service – responsibility for a number of significant cyber-attacks against Georgia last year

The UK, Georgia and international partners have exposed the GRU’s – Russia’s military intelligence service – responsibility for a number of significant cyber-attacks against Georgia last year. It has been announced officially by United Kingdom government in a statement. The National Cyber Security Centre (NCSC) assesses with the highest level of probability that on 28 October 2019 the GRU carried out large-scale, disruptive cyber-attacks. These were against a range of Georgian web hosting providers and resulted in websites being defaced, including sites belonging to the Georgian Government, courts, non-government organisations (NGOs), media and businesses, and also interrupted the service of several national broadcasters. These cyber-attacks are part of Russia’s long-running campaign of hostile and destabilising activity against Georgia. 

The GRU conducted these cyber-attacks in an attempt to undermine Georgia’s sovereignty, to sow discord and disrupt the lives of ordinary people

According to the statement, the UK is clear that the GRU conducted these cyber-attacks in an attempt to undermine Georgia’s sovereignty, to sow discord and disrupt the lives of ordinary Georgian people. The UK remains unwavering in its support for Georgia’s sovereignty and territorial integrity. “The GRU’s reckless and brazen campaign of cyber-attacks against Georgia, a sovereign and independent nation, is totally unacceptable.” The Foreign Secretary Dominic Raab said. “The Russian government has a clear choice: continue this aggressive pattern of behaviour against other countries, or become a responsible partner which respects international law. The UK will continue to expose those who conduct reckless cyber-attacks and work with our allies to counter the GRU’s menacing behaviour”.

The UK’s National Cyber Security Centre (NCSC). The cyber programme responsible for these disruptions is known in open source variously as the Sandworm team, BlackEnergy Group, Telebots, and VoodooBear. It is operated by the GRU’s Main Centre of Special Technologies, often referred to by the abbreviation “GTsST” or its field post number 74455

The UK’s National Cyber Security Centre (NCSC) assess that the GRU was almost certainly (95% +) responsible for defacing websites, cyber-attacks and interruption to TV channels in Georgia in October 2019. Given the NCSC’s assessment and the broader context, the UK government has made the judgement that the GRU was responsible. The cyber programme responsible for these disruptions is known in open source variously as the Sandworm team, BlackEnergy Group, Telebots, and VoodooBear. It is operated by the GRU’s Main Centre of Special Technologies, often referred to by the abbreviation “GTsST” or its field post number 74455. This is the first significant example of the GRU using cyber-attacks to disrupt or destroy since late 2017. 

Back To Top