The Washington PostDemocracy Dies in Darkness

U.S. joins other nations in accusing Russia of cyber attack in Republic of Georgia

A Russian flag flies in front of one of the Kremlin ruby stars in downtown Moscow in January. (Kirill Kudryavtsev/AFP via Getty Images)
Placeholder while article actions load

The United States joined several countries on Thursday in accusing Russia of a major cyberattack in the Republic of Georgia, pledging to hold the Kremlin accountable.

The Oct. 28 attack knocked thousands of government and private websites offline and interrupted television broadcasts.

Secretary of State Mike Pompeo and the Pentagon said in statements that the Russian military intelligence agency known as the GRU had carried out the attack. Pompeo’s statement specifically blamed a Russian hacking unit known as Sandworm, tying it for the first time to the GRU.

“This action contradicts Russia’s attempts to claim it is a responsible actor in cyberspace and demonstrates a continuing pattern of reckless Russian GRU cyber operations against a number of countries,” Pompeo said. “These operations aim to sow division, create insecurity, and undermine democratic institutions.”

Pompeo said the United States called on Russia to cease the behavior and pledged to help Georgia protect against future cyberattacks.

The Pentagon said the attack is “just one more example of how Russian malign behavior erodes transparency and predictability, undermines the rules-based international order, and violates the sovereignty of its neighbors."

“The U.S. Government position has been clear, we will defend our partners’ and allies’ core interests and hold the Russian Federation accountable for these destabilizing activities,” said the statement, by Air Force Lt. Col. Carla Gleason, a Pentagon spokeswoman.

Neither the State Department nor the Pentagon described how they would hold Russia accountable.

John Hultquist, the director of intelligence analysis at the cybersecurity firm FireEye, said it was significant that Pompeo had officially tied Sandworm hackers to GRU Unit 74455. The Justice Department has previously said that 74455 took part in the hacking of the Democratic National Committee and the Clinton campaign in 2016.

Britain said in a separate statement that its national cybersecurity center had assessed “with the highest level of probability” that the attack was carried out by Russia and called it “part of Russia’s long-running campaign of hostile and destabilising activity against Georgia.”

“The GRU’s reckless and brazen campaign of cyber attacks against Georgia, a sovereign and independent nation, is totally unacceptable,” said British Foreign Secretary Dominic Raab.

The Australian government also issued a statement condemning the “malicious cyber activity by Russia targeting the state of Georgia in October last year.”

Senior Georgian officials expressed thanks for the support.

“Last October, #Georgia suffered a reckless cyber attack affecting state, media & business entities,” Georgian Prime Minister Giorgi Gakharia said in a tweet. “This was an intolerable act attempting to undermine our sovereignty. We deeply appreciate the vocal support from our partners & allies around the world.”

The pointed statements come as senior American officials express concern about the vulnerability of U.S. elections to hacking.

In December, President Trump met with Russian Foreign Minister Sergei Lavrov in the Oval Office and said he warned Moscow not to interfere in U.S. elections.

Lavrov said later in the day that Pompeo had raised the issue separately with him in another meeting.