A Bloomberg article, drawing on new documents, reviews Russian hacking activity in Georgia, something we should keep an eye on, especially during the election period.
"How Russia's agents hacked all of Georgia"
https://archive.is/cfJz8
https://www.bloomberg.com/news/articles/202...tion-of-georgia
With an election this week, documents seen by Bloomberg expose the extent of Moscow’s infiltration of the former Soviet state.
The Foreign Ministry, Finance Ministry, central bank and key energy and telecommunications providers were penetrated, according to documents and technical reports seen by Bloomberg News. Russian intelligence accessed Georgian electricity companies, oil terminals, media platforms and government departments between 2017 and 2020. The breadth and severity of attacks outlined in the documents are previously unreported. They show how far Kremlin influence extended in the Caucasus state of nearly four million people.
It also gave Moscow the capability to tamper with Georgia’s vital infrastructure services should it have chosen to, including power and communications networks, if the government in Tbilisi drifted in directions that were unwelcome, according to the documents reviewed by Bloomberg and European government officials familiar with the matter. They asked not to be identified discussing confidential issues.
...
The GRU hacked Georgia’s Central Election Commission, likely gaining access to some email accounts, and several media organizations including Imedi and Maestro, two of the most popular TV channels. It also gained access to multiple IT systems at Georgia’s national railway company for more than two years, according to the documents.
Hackers linked to the Federal Security Service, or FSB, carried out a months-long covert operation at Georgia’s Foreign Ministry to spy on top officials’ emails and scoop up data held by Georgian embassies around the world, one of the documents shows.
Georgian authorities were informed by western counterparts about some Russian hacking attacks. But it’s unclear if they took any action, the European government officials said.
By late 2019 and early into the following year, Russian hackers were reading emails of employees at Telasi, the electricity distribution company in Tbilisi, and watching them through internal cameras as they worked. Other hackers targeted a different, state-owned, energy grid company, gaining the ability to turn off electrical substations and cut power in some Georgian regions had they decided to, the documents show.
The GRU was behind the attacks, according to one of the documents. The state-owned energy firm was infiltrated using malicious software named GreyEnergy.
The Russian intelligence agency also probed for vulnerabilities in other critical infrastructure, finding some in the network of the Batumi Oil Terminal, according to one document. By October 2019, multiple systems including smart cameras were compromised.
At least two other unidentified refineries as well as several other companies and government entities were also targeted by the GRU, at times using X-Agent malware, which has been previously tied to the intelligence agency, according to the European officials.
Cyber-intruders, meanwhile, hacked a large number of email accounts at the National Bank of Georgia around 2019-2020, allowing them to read confidential correspondence.
Hackers also compromised telecommunications operator Skytel, where they likely gained access to administrator systems, network routers and other critical systems. The intruders were “possibly” in a position to shut down all the provider’s telecommunications as well as sub-providers on Skytel’s network, one of the documents said.
The surveillance operation at the Foreign Ministry was conducted by a hacking group known as Turla that US officials have previously said is attached to an FSB unit called Center 16. It works from a facility in Ryazan, about 130 miles southeast of Moscow. Active since around 2004, Turla has gained notoriety for sophisticated attacks in dozens of countries.
From April 2020 to January 2021, according to a report of network logs, the hackers focused on pilfering data from seven Georgian officials, including a current deputy foreign minister and its ambassadors to the US and the EU.
They also appeared repeatedly to target computers linked to specific Georgian consulates or embassies, including those in Cyprus, the Baltic countries, Russia, South Korea, Azerbaijan and Canada. Turla members carried out their snooping strictly during office hours from Monday to Friday.
During a single month from November to December 2020, Turla broke into the Foreign Ministry’s network and stole data 114 times, harvesting about 2.1 gigabytes in total.
Russia’s main interest “is to weaken Georgia’s pro-Western foreign policy,” said Seskuria, of the security studies institute. “And we have seen that these relationships have never been worse.”