Four Russian agents have been indicted in the United States for hacking attacks targeting the energy sector around the world, including a US nuclear power operator and a Saudi petrochemical facility.

The Russian hackers targeted thousands of computers at hundreds of companies in 135 countries between 2012 and 2018, the Justice Department said Thursday.

"Russian state-sponsored hackers pose a serious and persistent threat to critical infrastructure both in the United States and around the world," Deputy Attorney General Lisa Monaco said in a statement.

"Alongside our partners here at home and abroad, the Department of Justice is committed to exposing and holding accountable state-sponsored hackers who threaten our critical infrastructure with cyber-attacks."

According to the Justice Department, the Russians were employed by a Russian Ministry of Defense research institute and Russia's Federal Security Service (FSB).

The unsealing of the indictments came three days after President Joe Biden warned of a growing Russian cyber threat against US businesses in response to Western sanctions on Russia for its invasion of Ukraine.

The four Russians were the subject of two separate indictments, both pre-dating the Russian invasion.

The first indictment, from June 2021, charges Evgeny Viktorovich Gladkikh, 36, a computer programmer with a Russian Ministry of Defense institute, and unnamed conspirators of seeking to hack industrial control systems at global energy facilities.

The hack of a foreign refinery was "designed to enable future physical damage with potentially catastrophic effects," the Justice Department said.

The malware used, called "Triton" or "Trisis," has been identified previously as being used to hack a Saudi petrochemical facility in 2017.

"The conspirators designed the Triton malware to prevent the refinery's safety systems from functioning," the Justice Department said.

"Between February and July 2018, the conspirators researched similar refineries in the United States, which were owned by a US company, and unsuccessfully attempted to hack the US company's computer systems," it added.

In London, British Foreign Secretary Liz Truss announced sanctions against the institute where Gladkikh worked, the Central Scientific Research Institute of Chemistry and Mechanics.

"Russia's targeting of critical national infrastructure is calculated and dangerous," Truss said. "We are sending a clear message to the Kremlin by sanctioning those who target people, businesses and infrastructure."

- $10 million reward -

The other indictment, from August 2021, charges FSB agents Pavel Aleksandrovich Akulov, 36, Mikhail Mikhailovich Gavrilov, 42, and Marat Valeryevich Tyukov, 39, with carrying out multiple energy sector hacking attacks between 2012 and 2017.

The hacks were aimed at gaining access to the computer networks of companies in the international energy sector, including oil and gas firms, nuclear power plants, and utility and power transmission companies, the Justice Department said.

"These officers were members of an FSB component known as Center 16 and worked at a specific operational group known as Military Unit 71330, known by cybersecurity researchers as 'Dragonfly,' 'Energetic Bear,' and 'Crouching Yeti," the department said.

It said they conducted a successful spearphishing attack on the business network of the Wolf Creek Nuclear Operating Corp. in Burlington, Kansas, which operates a nuclear power plant.

None of the Russians are in custody and the State Department offered a reward of up to $10 million for information leading to the arrest of the three FSB agents.

Related Links
Cyberwar - Internet Security News - Systems and Policy Issues

Tweet

Thanks for being here; We need your help. The SpaceDaily news network continues to grow but revenues have never been harder to maintain. With the rise of Ad Blockers, and Facebook - our traditional revenue sources via quality network advertising continues to decline. And unlike so many other news sites, we don't have a paywall - with those annoying usernames and passwords. Our news coverage takes time and effort to publish 365 days a year. If you find our news sites informative and useful then please consider becoming a regular supporter or for now make a one off contribution.
SpaceDaily Contributor $5 Billed Once credit card or paypal		SpaceDaily Monthly Supporter $5 Billed Monthly paypal only

US bars Chinese-owned telecom over 'security risks'
Washington (AFP) March 17, 2022
US regulators on Wednesday stripped Chinese state-owned Pacific Networks of its telecommunications license, the latest blow in the simmering confrontation between Beijing and Washington. The United States had previously revoked the permits of China Telecom and China Unicom, and the Federal Communications Commission has now given 60 days to Pacific and its subsidiary ComNet to cut service. "The companies' ownership and control by the Chinese government raise significant national security and law ... read more