Anglo-Americans Claim Global Russian Cyber War Campaign Against Just About Everyone

July 2, 2021 (EIRNS)—Britain’s National Security Cyber Center (NSCC) issued a statement jointly with the U.S. National Security Agency, the FBI and other U.S. agencies yesterday which in effect claims that Russia is engaged in a cyber war against the whole world. The joint advisory “Russian GRU Conducting Global Brute Force Campaign to Compromise Enterprise and Cloud Environments,” these agencies issued “reveals the tactics, techniques and procedures (TTPs) used in this campaign which has targeted both private and public sector networks from at least mid-2019,” claims the NSCC in a statement. “Global targets include government and military, defense contractors, energy companies, higher education, logistics, law firms, media, political consultants or political parties and think tanks.” The advisory includes a list of steps network administrators can take to secure their networks against this alleged campaign.

The U.S.-U.K. joint statement claims that this operation is run by a unit of Russian military intelligence (the infamous GRU) called the 85th Main Special Service Center (GTsSS), military unit 26165, which they say is running “widespread, distributed, and anonymized brute force access attempts against hundreds of government and private sector targets worldwide,” they write in the Executive Summary. “The 85thGTsSS directed a significant amount of this activity at organizations using Microsoft Office 365® cloud services....

“This campaign has already targeted hundreds of U.S. and foreign organizations worldwide, including U.S. government and Department of Defense entities. While the sum of the targeting is global in nature, the capability has predominantly focused on entities in the U.S. and Europe.”

As usual, no evidence is presented that would validate their accusations, and in fact, despite implying they are making the Cybersecurity Advisory available, the Anglo-American intelligence agencies provide nothing more than an 8-page Executive Summary. Furthermore, according to Sputnik news agency, Russia has repeatedly asked for evidence of malicious cyber activities that have been attributed to Russia, such as the SolarWinds hack, from the U.S. and never received any. “Western officials have spent the better part of the last decade accusing Russia of a host of hacking activities, but have come up short in the evidence department,” Sputnik reports.

“While the country’s intelligence services almost certainly engage in secretive cyberactivities on a par with those of the U.S. or the U.K., the allegations against Russia have often gone beyond the pale of ordinary espionage, with U.S. officials going so far as to claim that Moscow ‘hacked’ the 2016 elections to get Donald Trump elected, or accusing Russia of planning to freeze Americans and their families to death in their homes.”

The Russian Embassy in Washington rejected the NSCC/NSA accusations. “We strictly deny the involvement of Russian government agencies in attacks ‘on government and private facilities in the United States and abroad.’ ” the Embassy said in a statement posted on its Facebook page. “We emphasize that fighting against cybercrime is an inherent priority for Russia and an integral part of its state policy to combat all forms of crime. A wide range of law enforcement instruments is used for its implementation. Given the global nature of cyber threats which recently have increasingly become a challenge to strategic stability, the most effective way to combat them is to ensure active interaction between relevant state agencies of the two countries.”

The Russian Embassy points out that cybersecurity was one of the issues discussed at the June 16 Geneva summit, and concludes with the hope

“the American side will abandon the practice of unfounded accusations and focus on professional work with Russian experts to strengthen international information security, and in this context, on joint efforts to combat cybercrime. Besides, it’s high time to put things in order on the American soil, from where constant attacks on critical infrastructure in Russia emerge.”

Sputnik’s July 1 report on the Anglo-American advisory points out that many governments’ cyber activities include the ability to spoof an attack coming from any country, and writing: “Last year, veteran cryptographer and NSA whistleblower Bill Binney told Sputnik that the United States has a cyber suite known as the Marble Framework which allows U.S. intelligence to spoof attacks to make them seem like they’re coming from China, Russia, Iran, North Korea, or a host of Arab countries.”