The Infamous Sandworm Hacking Unit of Russia Has a New Leader
Evgenii Serebriakov is the new commander of Sandworm, Russia’s infamous GRU hacking unit responsible for some of the worst cyberattacks in history.
Serebriakov was indicted, along with six other GRU agents, after being caught in the midst of a close-range cyberespionage operation in the Netherlands in 2018 that targeted the Organization for the Prohibition of Chemical Weapons in the Hague.
Despite being previously identified and indicted, Serebriakov now leads Sandworm, officially GRU Unit 74455 but also known by the nicknames Voodoo Bear and Iridium.
Since 2015, Sandworm has led the Russian government’s unprecedented campaign of cyberattacks on Ukraine, including causing the first- and second-ever blackouts triggered by hackers and releasing a piece of self-replicating code that inflicted a record $10 billion in damage worldwide.
Serebriakov’s rise to a command position within the GRU suggests that he must have significant value to the agency and is “apparently too good to dump,” according to Christo Grozev, the lead Russia-focused investigator for open source intelligence outlet Bellingcat.
Key Takeaway: Evgenii Serebriakov’s new leadership position within Sandworm underscores the GRU’s ongoing commitment to aggressive cyberattacks and highlights the value and potential of skilled hackers within the agency. The continued operations of Sandworm also pose a growing threat to global cybersecurity and highlight the need for increased international cooperation to address these challenges.