BREAKING NEWS Federal judge orders absentee, photo ID voting changes in Alabama Full Story

Netherlands officials say they caught Russian spies targeting chemical weapons body

Western governments mounted an unprecedented and coordinated fightback Thursday against "brazen" attempts by...

Posted: Oct 5, 2018 4:58 PM
Updated: Oct 5, 2018 4:58 PM

Western governments mounted an unprecedented and coordinated fightback Thursday against "brazen" attempts by Russia to meddle in international affairs, publicly unmasking alleged intelligence agents and blaming Moscow for a series of audacious cyberattacks.

The Dutch government accused Russia's military intelligence agency, the GRU, of targeting the world's chemical weapons watchdog, the Organisation for the Prohibition of Chemical Weapons (OPCW), through a foiled cyber operation.

Continents and regions

Eastern Europe

Europe

Government and public administration

Government bodies and offices

Government departments and authorities

Intelligence services

International relations and national security

National security

Northern Europe

Russia

United Kingdom

Diseases and disorders

Health and medical

Poisonings

2018 Russian spy poisoning

England

Espionage

Crime, law enforcement and corrections

Criminal offenses

Cyber attacks

Cyberterrorism

Digital crime

Digital security

Technology

Terrorism

Terrorism and counter-terrorism

Unrest, conflicts and war

Biological and chemical weapons

Government organizations - Intl

Military

Military operations

Military weapons

Organisation for the Prohibition of Chemical Weapons

Weapons and arms

Weapons of mass destruction

Netherlands

Western Europe

Accidents

Accidents, disasters and safety

Aircraft accidents

Investigations

Malaysia Airlines Flight 17

Ukraine

2016 Presidential election

Business and industry sectors

Business, economy and trade

Computer science and information technology

Elections (by type)

Elections and campaigns

Malware

Political candidates

Politics

Russia meddling investigation

Software and applications

US Federal elections

US Presidential elections

Moscow

North America

The Americas

United States

Drugs and society

Drugs in sports

Society

Sports and recreation

Criminal law

Indictments

Law and legal system

Hours earlier, Britain, backed by close intelligence allies Australia and New Zealand, pointed the finger at the GRU for carrying out a worldwide campaign of "malicious" cyberattacks, including the hacking of the US Democratic National Committee in 2016.

The US Justice Department, meanwhile, announced criminal charges against seven Russian intelligence officers, accusing them in a sprawling indictment of hacking, wire fraud, identity theft and money laundering as part of an effort to distract from Russia's state-sponsored sports doping program.

Four of the names given in the US indictment match those given by Dutch authorities in connection with the alleged plot against the OPCW.

The choreographed announcements by Western allies amounted to a significant escalation of tensions with Moscow.

"The GRU has interfered in free elections and pursued a hostile campaign of cyberattacks," said Peter Wilson, the British ambassador to the Netherlands. "It is an aggressive, well-funded body of the Russian state. It can no longer be allowed to act across the world... with apparent immunity."

Russia must know there is "a red line" and that "if they try to intervene in the democratic processes of other countries, they will be exposed and there will be consequences," UK Foreign Secretary Jeremy Hunt said.

NATO Secretary General Jens Stoltenberg said its members "stand in solidarity with the decision by the Dutch and British governments to call out Russia on its blatant attempts to undermine international law and institutions," and that the alliance would continue to strengthen its defenses against cyber threats.

The Dutch operation

Dutch officials gave unprecedented details as they outlined the alleged Russian operation at a joint Dutch-UK government news conference in The Hague.

Describing it as "very worrying," Bijleveld-Schouten said four Russian military intelligence officers were expelled on April 13, the same day the plot targeting the OPCW was detected.

They left belongings behind, she said, that also enabled the Dutch to discover that one of the agents' laptops had made connections to Brazil, Switzerland and Malaysia, trying to interfere with the investigation into the downing of Malaysia Airlines Flight 17 in eastern Ukraine in 2014.

The head of Dutch counterintelligence, Maj. Gen. Onno Eichelsheim, named the four alleged Russian officers as Aleksei Morenets and Evgenii Serebriakov -- who had consecutive passport numbers, he said -- Oleg Sotnikov and Alexey Minin.

The alleged agents were traveling on diplomatic passports, Eichelsheim said. One of them, Morenets, "had a taxi receipt on him ... from the location Nesvizkhskiy Pereulok to the airport in Moscow," he said. "That's the road that borders ... the GRU."

Russia's embassy in the UK dismissed Britain's claims that Moscow was behind a string of global cyberattacks as "crude disinformation" aimed at confusing public opinion.

"This statement is reckless. It has become a tradition for such claims to lack any evidence. It is yet another element of the anti-Russian campaign by the UK government," it said in a statement.

"By the way, it is hardly a coincidence that these accusations appear exactly at the time of NATO defense ministers meeting in Brussels and announcements of creating special cyber attack military units in several Western countries."

'Aware of security'

Addressing reporters, Eichelsheim, the Dutch counterintelligence head, gave a detailed description of what the four alleged GRU officers were doing when their operation was disrupted.

The four agents arrived in the Netherlands on April 10, rented a car the following day, and parked it in a hotel parking lot as close as possible to the OPCW headquarters in The Hague, Eichelsheim said.

"They were doing some exploration work for a close-access hack operation," he said.

"We know for sure they were not on holiday in the Netherlands. They had numerous telephones on them, different sizes, different makes. They had quite a few on them personally," he said. "Morenets tried to destroy the phone, or at least break the phone, when the operation was destroyed ... he did not succeed completely."

Sotnikov had a large amount of cash on him: 20,000 euros and $20,000, Eichelsheim said. "That is not an amount I carry on holiday," he said.

"They were very aware of security," the Dutch official said, adding that they took garbage out of their hotel rooms.

"In the boot of the Citron C3 (car they rented), we recognized high-value, high-grade equipment to hack Wi-Fi channels," he said. "The main element is of course the antenna ... that needs to access the network, in this case the network of the OPCW. The antenna aimed towards the OPCW."

A battery to boost the power of their equipment was bought on April 11. "This battery was active in the back of this car at the Marriott hotel," Eichelsheim said.

"That caused an immediate threat to the OPCW network," he said.

The four alleged agents planned to travel next to an OPCW-accredited Swiss laboratory in Spiez, Bern, that does research into chemical weapons, Eichelsheim said. They had bought train tickets for April 17 from the Dutch city of Utrecht to Switzerland, he said, but did not get there because their operation was disrupted.

Eichelsheim said his service's actions had prevented serious damage to the OPCW.

"We must not forget that at that time the OPCW was investigating the Skripals and the chemical attack in Douma," he added, referring to attacks in Salisbury, England, and Syria respectively.

Britain has blamed the GRU for the poisoning of Russian former double agent Sergei Skripal and his daughter Yulia with a military-grade nerve agent in Salisbury on March 4.

The Kremlin has consistently dismissed official British allegations.

Anti-doping agencies targeted

The US indictment named the seven defendants, all said to be Russian nationals and residents, as Aleksei Morenets, 41; Evgenii Serebriakov, 37; Ivan Yermakov, 32; Artem Malyshev, 30; Dmitriy Badin, 27; Oleg Sotnikov, 46; and Alexey Minin, 46.

US officials allege that Yermakov, Malyshev, Badin and others would often use spearphishing emails, proxy servers, malware and fictitious personas as they targeted their victims.

"When the conspirators' remote hacking efforts failed to capture log-in credentials, or if the accounts that were successfully compromised did not have the necessary access privileges for the sought-after information, teams of GRU technical intelligence officers, including Morenets, Serebriakov, Sotnikov, and Minin, traveled to locations around the world where targets were physically located," the indictment said.

If their hacking efforts -- made using "specialized equipment" -- were successful, the "close access teams" would then transfer access to conspirators in Russia for exploitation, it said.

The victims included anti-doping agencies and officials, sporting federations and nearly 250 athletes, the indictment said. The GRU also targeted others including the Westinghouse Electric Corporation, a nuclear energy company in Pennsylvania, it added.

GRU hackers blamed

In statements Thursday, British, Australian and New Zealand authorities attributed four high-profile cyberattacks to GRU-backed hackers. The attacks targeted four sectors that impact people's daily lives -- democracy, transport, media and sport. They were:

Bad Rabbit

The Bad Rabbit ransomware attack in 2017 spread through Russia and Ukraine around the world. Ransomware attacks involve threatening a user's files or computer access in exchange for a ransom.

In the case of Bad Rabbit, the hackers disguised the ransomware as an update to Adobe software before locking down computers and demanding money for people to get their files back.

Most victims were located in Russia, but several cybersecurity firms identified attacks linked to Bad Rabbit in Turkey, Germany, Bulgaria, Japan, South Korea and the United States.

World Anti-Doping Agency hack

The WADA attack involved the release of Therapeutic Use Exemptions (TUE) for sports stars including American four-time Olympic gold medalist Simone Biles as well as tennis sisters Venus and Serena Williams.

At the time, WADA President Craig Reedie said that the hacking was clearly a retaliatory attack after 118 of Russia's athletes were banned from competing at the Rio 2016 Olympic Games following revelations of "state-sponsored" doping.

DNC attack

All three countries said they had determined Russia hacked the Democratic National Convention ahead of the 2016 presidential election. That hack led to the release of a batch of private emails and notes, including many that belonged to Hillary Clinton's campaign manager, John Podesta.

In the months following the cyberattack, the US intelligence community concluded that Russia did in fact attempt to interfere in the 2016 presidential elections, and top national security officials said in August that Russia is continuing to pursue similar efforts.

TV station attack

The statements accused Russia of stealing content and illicitly accessing email accounts from a small UK-based TV station in July and August 2015. The station was not named.

Huntsville
Clear
65° wxIcon
Hi: 77° Lo: 52°
Feels Like: 65°
Florence
Clear
69° wxIcon
Hi: 78° Lo: 55°
Feels Like: 69°
Fayetteville
Clear
65° wxIcon
Hi: 77° Lo: 51°
Feels Like: 65°
Decatur
Clear
67° wxIcon
Hi: 78° Lo: 52°
Feels Like: 67°
Scottsboro
Few Clouds
64° wxIcon
Hi: 75° Lo: 53°
Feels Like: 64°
WAAY Radar
WAAY WAAY-TV Cam
WAAY Temperatures

Alabama Coronavirus Cases

Confirmed Cases: 137564

Reported Deaths: 2399
CountyConfirmedDeaths
Jefferson19938351
Mobile13507293
Montgomery8866185
Tuscaloosa8837118
Madison798179
Shelby607449
Lee597161
Baldwin560650
Marshall397543
Calhoun355644
Etowah354845
Morgan333428
Houston293921
Elmore271948
DeKalb244321
St. Clair235936
Walker235485
Talladega217830
Limestone214420
Cullman191920
Dallas179826
Franklin179130
Autauga178727
Russell17683
Lauderdale175133
Colbert167726
Blount162115
Escambia161624
Jackson159712
Chilton159530
Covington140727
Dale140344
Coffee13716
Pike121611
Chambers117542
Tallapoosa117185
Clarke110316
Marion97529
Butler91740
Barbour8867
Winston75013
Marengo72620
Pickens67014
Randolph66613
Lowndes65927
Bibb65810
Hale64928
Geneva6444
Lawrence63425
Cherokee61713
Bullock60714
Clay5918
Monroe5908
Washington56012
Crenshaw54332
Perry5426
Conecuh53911
Wilcox53211
Henry5105
Macon48318
Fayette4689
Sumter43719
Cleburne3945
Lamar3822
Choctaw35112
Greene30515
Coosa1743
Out of AL00
Unassigned00

Tennessee Coronavirus Cases

Confirmed Cases: 194611

Reported Deaths: 2420
CountyConfirmedDeaths
Shelby31097466
Davidson26797311
Hamilton963495
Knox960579
Rutherford945290
Williamson536636
Sumner489598
Wilson356247
Putnam336541
Montgomery313344
Unassigned30444
Madison299265
Out of TN297727
Bradley297217
Sevier266415
Blount256324
Maury242725
Washington235538
Robertson223939
Sullivan223133
Hamblen194828
Tipton184519
Gibson172624
Trousdale16697
Hardeman158426
Wayne15015
Dyer142017
Bedford137317
Dickson128015
Coffee127713
Fayette122719
Cumberland121919
Weakley121620
Anderson121013
Obion120211
Loudon11996
Henderson119125
Carter118028
Greene116946
McMinn116325
Jefferson114414
Lawrence108913
Warren10777
Macon106721
Monroe106618
Hardin105516
Lauderdale100316
Haywood99821
Franklin99410
Lake9252
McNairy92518
Carroll91320
Roane9126
Bledsoe8624
White85510
Rhea85413
Hawkins82720
Cheatham8199
Marshall7815
Overton7706
Cocke75310
Smith74011
Johnson7323
Chester65011
Giles64417
Lincoln6331
Henry6309
Hickman6008
DeKalb57414
Marion5518
Fentress5463
Crockett54419
Decatur5347
Campbell4614
Claiborne4455
Polk40710
Grainger3943
Union3762
Benton3418
Jackson3325
Morgan3213
Grundy3176
Cannon2950
Unicoi2911
Humphreys2673
Sequatchie2441
Clay2355
Houston2343
Meigs2323
Stewart2212
Scott2192
Lewis2081
Moore1831
Van Buren1660
Perry1530
Pickett1262
Hancock1073

Community Events