Four Russian officials charged in two “historical” hacking campaigns targeting critical infrastructure in 135 countries: DOJ

On March 24, four Russian officials were indicted in two hacking campaigns targeting critical infrastructure in 135 countries around the world, according to an announcement by the US Department of Justice and the UK Foreign Ministry.

Officials said Russians working for the Russian government were charged with attempting, supporting and conducting cyberattacks targeting the global energy sector between 2012 and 2018.

These hacking campaigns targeted thousands of computers from hundreds of companies and organizations, including the Wolf Creek Generating Station in Kansas and the Saudi Petrochemical Plant in 2017, where business networks were compromised.

Some of the individuals have been linked to the Federal Security Service (FSB) of Russia by the US indictments.

Two separate groups have been indicted.

In the first case, a petrochemical refinery in Saudi Arabia was allegedly hacked in 2017, when Evgeny Gladkikh, an employee of a Russian Department of Defense research institute, and his collaborators allegedly used malware to override the safety of the plant's industrial control systems. This caused the plant to shut down twice, officials said.

Later, Gladkikh and his collaborators allegedly attempted to hack a computer at a US company that manages a similar critical infrastructure entity in the United States.

In a second indictment, filed in the District Court of Kansas in August 2021, prosecutors accused three officers of the FSB, the KGB's successor, and their co-conspirators of targeting and compromising the computers of hundreds of energy sector-related business entities worldwide, including nuclear power plants, oil and gas companies, and utilities and transmission companies.

“Access to such a system would have provided the Russian government, among other things, the ability to destroy and damage such computer systems at a future time of its choice,” officials said.

According to the indictment, some of the charges filed against the suspects carry a sentence of up to 20 years in prison upon conviction.

None of the four defendants were detained, and the State Department offered bounties of up to $10 million for information that could lead to the arrest of the defendants or the identification of other conspirators.

The indictments come amid Russian President Vladimir Putin's continued invasion of Ukraine and concerns from the FBI that Russia is exploring options for cyberattacks targeting the United States.

Earlier this week, President Biden warned that Russia’s cyberattacks on US infrastructure would increase in response to US sanctions against Moscow, citing “evolving intelligence.”

“I warned that Russia could engage in malicious cyber activities with its allies and partners at the cost of the world,” Biden said at the CEO Quarterly Meeting of the Business Roundtable. “But today, my administration has issued a new warning that Russia may be planning a cyberattack against us, based on evolving intelligence. And, as I said, the magnitude of Russia’s cyber capabilities is quite important and it is coming.”

Several US federal agencies, including the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Energy (DOE), issued a joint advisory on Thursday warning energy executives about the hacking campaigns. The advisory covers the historical tactics, techniques, and procedures used by Russian agents and what organizations can do to enhance their security.

“Russian state hackers pose a serious and lasting threat to critical infrastructure in the United States and around the world,” Deputy Justice Secretary Lisa O. Monaco announced Thursday.

“While unsealed criminal accusations today reflect past activity, the Justice Department underscores the urgent and ongoing need for US companies to strengthen their defenses and stay vigilant. Alongside our domestic and international partners, we are committed to exposing and retaining state-sponsored responsible hackers that threaten critical infrastructure in cyberattacks.”

Katabella Roberts

Katabella Roberts is a reporter currently based in Turkey. She focuses primarily on the United States and covers news and business for The Epoch Times.