Prime Minister Scott Morrison said in a statement on Thursday that while Australia did not suffer any significant impact from these attacks, they "caused significant, indiscriminate harm to civilian infrastructure and resulted in millions of dollars in economic damage, including in Russia".
In a similar statement, the British National Cyber Security Centre said it had identified a number of attacks as being by the GRU.
"These attacks have been conducted in flagrant violation of international law, have affected citizens in a large number of countries, including Russia, and have cost national economies millions of pounds," the NCSC said.
Morrison claimed four specific attacks had been carried out by the GRU:
- "In October 2017, BadRabbit ransomware infected victims in Ukraine and Russia interrupting businesses and critical national infrastructure, including energy and transport sectors;
- "In August 2016, the Russian military released confidential medical files relating to a number of international athletes. The World Anti-Doping Agency has stated publicly that this data came from a hack of its Anti-Doping Administration and management system;
- In 2016, the US Democratic National Committee was hacked by the Russian Military and documents were subsequently published online; and
- "Between July and August 2015, multiple email accounts belonging to a small UK-based TV station were accessed by the Russian military and content stolen."