There is growing evidence that pro-Russian hackers and Internet activists are working with the country’s military intelligence, Google researchers say. From the report: Western officials and security experts are interested in the possible Kremlin ties because it would help explain Moscow’s intentions both inside Ukraine and beyond, despite recent military setbacks that prompted Russian President Vladimir Putin this week to announce the mobilization. Officials in the U.S. and Europe have warned throughout the war that Russian hackers could turn on Ukraine’s allies with cyberattacks on critical infrastructure and governments, but so far that has largely failed to materialize.
Over the past few months, Google’s cybersecurity team, Mandiant, has observed apparent coordination between pro-Russian hacking groups, ostensibly made up of patriotic citizen hackers, and Russian military intelligence (GRU) cyber hacks. In four cases, Mandiant says it observed hacking activity linked to the GRU in which “cleaner” malware was installed on the victim’s network. The original cleaner software crashed, destroying the entire organization’s computer systems. Then hacktivists entered the scene. After each of these breaches—within 24 hours of being removed—the hacking organizations published the data stolen from the same organizations.