Russia’s spy units hacked Georgia’s government and business


GRU and FSB were able to read the ministerial emails and shut down all power stations in the Caucasian nation.

Russia’s surveillance operations in the former Soviet nations are no secret to anyone but one particular country has been hacked deep to its roots.

Georgia, which holds a crucial parliamentary election on 26 October 2024 and whose government is loyal to Moscow, is nonetheless the victim of an unprecedented cyberwar unleashed by Russia’s Principal Military Intelligence Directorate (GRU) and the Federal Security Service (FSB), according to an investigation published by Bloomberg on 21 October.

GRU- and FSB-linked hackers have been monitoring Georgia’s government agencies and major companies for years, collecting information and interfering with the country’s vital infrastructure. The evidence regarding the previously-underreported large-scale espionage campaign and hacking attacks is based on documents and technical reports reviewed by Bloomberg, as well as statements by European officials who spoke on condition of anonymity.

According to the investigation, the spying campaign affected the Ministry of Foreign Affairs (MFA), the Ministry of Finance, other important government agencies, the National Bank of Georgia, energy and telecommunications companies, oil terminals, and television companies.

Tens of thousands of Georgians protest against Russia-inspired "foreign agents law" in Tbilisi in May 2024. Credit: CNN

Most of the attacks were carried out over several years before the 2020 parliamentary elections, but Bloomberg sources say Russia has also carried out similar operations more recently.

The FSB, for example, has been reading the emails of MFA employees for several months, including Georgian embassies in various countries. This operation involved hackers from the Turla group, which is part of the 16th FSB Center in the city of Ryazan, according to U.S. accounts.

Between April 2020 and January 2021, Russian hackers stole data from seven Georgian officials, including the current deputy foreign minister and Georgian ambassadors to the United States and E.U. countries. They also attacked the computers of Georgian consulates and embassies, including those in the Baltic states, Russia, South Korea, Azerbaijan, Cyprus and Canada.

More to read:
European Council halts Georgia’s E.U. membership process

As Bloomberg notes, Turla members "engaged in espionage strictly during working hours from Monday to Friday." In November-December 2020, members of this hacker group penetrated the MFA network 114 times, stealing a total of 2.1 gigabytes of data.

The GRU, on its side, hacked the servers of Georgia’s Central Election Commission and the National Bank of Georgia, gaining access to some email accounts and thus being able to read confidential correspondence. The Georgian Railway Company, and the television channels Imedi and Maestro were also hacked by the Russian military intelligence.

The documents seen by Bloomberg also prove that the Russian hacker units were able to interfere with the main energy and utility companies to the extent of shutting down the power or water supply across the entire country, should the government in Tbilisi moved in a way the Kremlin didn’t like. The investigators learned that the GRU hackers could in particular review the corporate emails of Telasi, the largest energy company, and watch what was going on inside this company via its internal video network.

More to read:
Moscow close to complete construction of navy base in Abkhazia, a breakaway enclave in Georgia

The Russian military hackers were able to find vulnerabilities in the Batumi Oil Terminal network and two oil refineries. In the case of the internet service provider Skytel, they were capable of disabling all its telecommunications systems.

Bloomberg investigators said both European and American officials warned Tbilisi about the Russian hacker attacks but it is unclear whether the Georgian authorities have taken any action to disrupt these operations or merely protest to Moscow.

Georgian security officials declined to comment on the findings or released peaceful statements that didn’t mention Russian espionage activities. Neither the GRU or the FSB responded to the spy allegations.

***
NewsCafe is an independent outlet that cares about big issues. Our sources of income amount to ads and donations from readers. You can support us via PayPal: office[at]rudeana.com or paypal.me/newscafeeu. We promise to reward this gesture with more captivating and important topics.



Do you think the ban on TikTok in the U.S. is justified?

View all
YES
NO