Interview With the Russian-Military-Linked Hackers Targeting US Water Utilities
When the activities of Russian hacker groups are exposed in a major public report and tied to a government agency—such as the Russian military's Sandworm unit, which has targeted Ukrainian electrical utilities to trigger three blackouts over the past decade, or the Russian foreign intelligence service's APT29, which is believed to have carried out the notorious SolarWinds supply chain attack—they tend to slink into the shadows and lay low until their next operation.
When the cybersecurity firm Mandiant last month highlighted the Cyber Army of Russia, by contrast, noting its haphazard attacks on Western critical infrastructure and the group's loose ties to the Russian military, the hackers took a very different approach. “Comrades, today the collective rotten West recognized us as the most reckless hacker group 🏆, on which I actually congratulate all of us 🎉," the group posted in Russian to its Telegram channel, along with a screenshot of WIRED's article about the hackers, in which we had described them with that “most reckless” superlative. “As long as they are afraid of us, let them hate us as much as they want.”
After that initial, less-than-friendly exchange of ideas, WIRED reached out to Cyber Army of Russia's Telegram account to continue the conversation. So began a strange, two-week-long interview with the group's spokesperson, “Julia," represented by an apparently AI-generated image of a woman standing in front of Red Square's St. Basil's Cathedral. Over days of intermittent Telegram messages, often interspersed with unsolicited Russian nationalist political talking points, Julia answered WIRED's questions—or at least some of them—laid out the group's ethos and motivations, and explained the rationale for the hackers' months-long cyber sabotage rampage, which initially focused on Ukrainian networks but has more recently included an unprecedented string of attacks hitting US and European water and wastewater systems.