In the sci-fi universe of Dune, sandworms are colossal, apex-predatory monsters that burrow underground on the world Arrakis. True-life sandworms are marginally a lot less terrifying, but similarly fantastic at evading seize.
No, these aren’t precise worms. “Sandworm” is the codename that cybersecurity researchers bestowed on a notably brazen Russian navy intelligence unit recognized for egregious digital aggression. (This tale’s aspect picture is chosen with apologies to Andy Greenberg, the hacking device’s unofficial biographer.)
A codename is necessary no for a longer period. On Monday, the U.S. Justice Division indicted 6 men and women it alleges to be customers of the marauding crew. You can study the whole document—which John Hultquist, a threat-tracker in the Mandiant device of the cybersecurity organization FireEye, phone calls “a laundry listing of many of the most vital cyberattack incidents we have ever witnessed”—here.
Sandworm is, without a doubt, guiding a slew of big, poor hacks. You could bear in mind 2017’s damaging NotPetya cyberattack, the repeated shutdowns of portions of the Ukrainian electricity grid, or the web server-crippling assault on the 2018 Winter season Olympics in Pyeongchang. Or most likely you’ll remember Sandworm interfered in the 2016 U.S. election and in the 2017 French elections.
It’s an open up query as to what surprises Sandworm could possibly have been—or, indeed, may however be—planning for the 2020 U.S. presidential election. If almost nothing else, British officials stated Monday the hackers had been plotting hijinks for the 2021 Tokyo Olympics.
But the U.S.’s indictment, perfectly-that means while it is, is unlikely to provide any one to justice. Considering that these hackers function in a jurisdiction outdoors of Uncle Sam’s reach—specifically, the tower at 22 Kirova Street in the Moscow suburb of Khimki—they will be equipped to carry on their cyberwarmongering unimpeded.
Some folks anxiety the formal accusation could even inspire extra flagrant bellicosity. “These indictments may possibly prove to embolden them somewhat than control their actions,” warns Chester Wisniewski, principal study scientist at the British cybersecurity organization Sophos.
Other authorities, like Sam Curry, chief protection officer at the cybersecurity agency Cybereason, are more hopeful. “It’s challenging to imagine that this actions will lead to meaningful improvements in Russian foreign coverage,” he claims. “But the target isn’t just bringing the perpetrators to justice. The intention is to lay the building blocks for future operate and a much more peaceful, democratic, collaborative physical and cyber entire world just one working day.”
It’s an admirable, if quixotic goal in the meantime, the globe ought to prepare for the worst. “We’re no safer than we ended up yesterday,” Wisniewski says. Ended up the Sandworm hackers “to be arrested, their replacements are previously in training, and the relentless thirst of country-states to compromise and interfere with their adversaries goes undeterred.”
A Dunish sandworm will endure even if slice aside. With this indictment, Russia’s Sandworm is hardly knicked.