What significant cyber attacks are attributed to the GRU?

• A. Breaching the Pentagon's network in 2015 and the Democratic National Convention's network in 2016
• B. Attacking the NHS in 2018 and the Bank of England in 2019
• C. Compromising the Tokyo Stock Exchange in 2017 and the UK Parliament in 2018
• D. Breaching the White House network in 2015 and the State Department in 2016

Answer: (A)

Attribution of cyberattacks to a specific actor relies on linking the tactics, techniques, and targets to known groups. The Democratic National Committee breach in 2016 is the clearest example tied to a GRU-linked operation (often called Fancy Bear or APT28), where spear-phishing and credential theft led to access and exfiltration of emails that were later released publicly, aligning with the pattern of Russian military intelligence activity aimed at political targets. The Pentagon’s network breach in 2015 fits with GRU-style operations as well, since Russian intelligence has been linked to intrusions into defense and government networks, showing a focus on high-value security targets. Other listed incidents, such as attacks on the NHS, the Bank of England, the Tokyo Stock Exchange, the UK Parliament, or the White House/State Department, do not have the same well-supported attribution to the GRU in credible assessments, making them less consistent with known GRU operations.