Sandworm: Who Controls the Bytes Controls the Universe
The Justice Department charged six hackers from Russia's GRU Unit 74455

On Monday, the US Justice Department charged six Russian military officers with seven counts each, including conspiracy to commit computer fraud and abuse as well as wire fraud. The Russians were members of Unit 74455, the GRU’s Main Center for Special Technologies, best known for its role in releasing emails stolen from the Democratic National Committee by its sister GRU organization, Unit 26165.
One of the Russians charged was already wanted by the FBI for breaching state election systems during the 2016 election.
The hacking group, often called “Sandworm” due to Dune references hidden within its campaign code, is thought to have been active since at least 2009, according to the cybersecurity firm iSight.
According to the indictment, Sandworm’s rap sheet ranges from spear-phishing attacks on French politicians during the 2017 elections and cyber attacks on critical infrastructure in Ukraine to a disruption of service during the 2018 Winter Olympics (which banned Russia from participating) and even a cyber attack on a chemical weapons watchdog investigating the poisoning of GRU defector Sergei Skripal.
Hours later, the UK followed suit, accusing Sandworm of cyber reconnaissance against officials and organizations involved in the now-postponed 2020 Olympics in Tokyo.
Sandworm is widely considered the world’s most destructive hacking organization, having caused over $10 billion in damage worldwide through a piece of malware known as NotPetya, which was built in no small part on an exploit first discovered by the US National Security Agency, then stolen by Russian-linked hackers. Although initially aimed at Ukraine, the powerful malware spread rapidly. Within hours, it had infected everything from hospitals in Pennsylvania to a chocolate factory in Tasmania.
Andy Greenberg, a senior reporter for Wired Magazine who first deduced the identity of Sandworm in his recent book, Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers, said of the group in an interview, “[Sandworm is] doing destructive attacks on a massive scale. But they also just seem like they’re kind of making it up as they go along…Sometimes it just seems like the GRU wakes up and asks themselves, ‘What can we blow up today?’”
What am I drinking?
Not much of anything for the next three weeks. I’ll be at Fort Knox. Taking orders now for bars of gold.
Doesn’t it just make you wonder, due to the Frank Herbert references, if we should create a group here to counteract their attacks called Muad’Dib? Or House Atreides?