TBILISI — The United States and Britain have joined Georgia in blaming Russia for a massive coordinated cyberattack last year that took thousands of Georgian websites offline and even disrupted TV broadcasts.
Georgian Foreign Ministry spokesman Vladimer Konstantinidi told a news conference in Tbilisi on February 20 that the cyberattack was planned and carried out by Russia.
“The investigation conducted by the Georgian authorities, together with information gathered through cooperation with partners, concluded that this cyberattack was planned and carried out by the main division of the General Staff of the Armed Forces of the Russian Federation,” Konstantinidi said.
Sandworm is known as a single group of hackers within the GRU and security experts have linked it to such cyber breaches as the theft of 9 gigabytes of e-mails from the French presidential campaign of Emmanuel Macron, a similar campaign against the Democratic National Committee in the United States in 2016, as well as the malware that hit Ukraine’s power grid in 2015 and spread globally.
Britain has also linked the group to two attacks against Ukraine in 2017, including NotPetya and BadRabbit, which affected the nation’s financial and energy sectors as well as the Kyiv Metro and Odesa’s airport.
“The United States calls on Russia to cease this behavior in Georgia and elsewhere,” Secretary of State Mike Pompeo said, adding that Washington would provide assistance to Georgia to help improve the country’s ability to fend off such attacks.
“We also pledge our support to Georgia and its people in enhancing their cybersecurity and countering malicious cyber actors,” Pompeo added.
Russia denied involvement in penetrating Georgian government websites.
“Russia did not plan and is not planning to interfere in Georgia’s internal affairs in any way,” Russian Deputy Foreign Minister Andrei Rudenko told Russian news agencies.
The Russian Defense Ministry did not immediately comment.
More than 2,000 state, private, and media websites as well as two private television stations — Imedi and Maestro — were knocked out on October 28. The targeted websites included those of the president’s office and local municipality offices.
In many cases, website home pages were replaced with an image of former President Mikheil Saakashvili, and the caption “I’ll be back.”
With the rise of cyberattacks, Navy ships are now equipped with defense from hackers.
Russia has fraught relations with its southern neighbor, which is seeking to join Western organizations, including the European Union and NATO, moves that Moscow opposes.
Russia fought a five-day war with Georgia in 2008 after which Russia recognized the independence claim of two breakaway regions, Abkhazia and South Ossetia, which comprise 20 percent of its territory.
Russia is one of only a few countries that recognizes the two regions’ independence.