Those readers who were born before the Internet Age may remember seeing the Wanted Posters of criminals on the walls of US Post Offices. There were stated cash rewards for those who provided information that led to the wanted criminal’s arrest. Yes, you actually went into a federal building and mailed a letter with a postage stamp attached. What is a postage stamp? We will cover this subject in another article. The US authorities are offering a multimillion-dollar reward for anyone with information that could identify or locate six members of a notorious Russian state hacking group responsible for NotPetya.
See: https://redskyalliance.org/xindustry/all-s-quiet-on-the-russian-cyber-front
The Department of State’s Rewards for Justice (RFJ) program has pledged up to $10m for information on six officers of the Main Intelligence Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU). The six officers (Yuriy Sergeyevich Andrienko, Sergey Vladimirovich Detistov, Pavel Valeryevich Frolov, Anatoliy Sergeyevich Kovalev, Artem Valeryevich Ochichenko and Petr Nikolayevich Pliskin) are said to have worked for GRU Unit 74455, also known as Sandworm. “These individuals were members of the criminal conspiracy responsible for June 27, 2017, destructive malware infection of computers in the United States and worldwide using malware known as NotPetya,” the State Department notice read.
“These cyber-intrusions damaged the computers of hospitals and other medical facilities in the Heritage Valley Health System (Heritage Valley) in western Pennsylvania, a large US pharmaceutical manufacturer, and other US private sector entities. The malicious cyber activities collectively cost these US entities nearly $1bn in losses.”
In October 2020, a federal grand jury indicted the six on counts of conspiracy to conduct computer fraud and abuse, conspiracy to commit wire fraud, wire fraud, damaging protected computers, and aggravated identity theft.
Sandworm has been linked to destructive attacks on a Ukrainian power grid in the past and during the current hostilities. It was also pegged for the prolific Cyclops Blink botnet and its predecessor, VPNFilter.
See: https://redskyalliance.org/xindustry/sandworm-russian-gru-agents-indicted
In 2021, the State Department offered a similarly sized reward for information leading to the identification and location of the leaders of the DarkSide ransomware group. It is unlikely any suspects will be brought to justice as long as they stay within Russia or other countries with no formal extradition treaty with the US and continue to pay a percentage of the profit to the Russian government.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@wapacklabs.com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www.redskyalliance.org/
- Website: https://www.wapacklabs.com/
- LinkedIn: https://www.linkedin.com/company/64265941
REDSHORTS - Weekly Cyber Intelligence Briefings
https://attendee.gotowebinar.com/register/5504229295967742989