Russians charged with hacking energy companies inside and outside U.S.

A separate indictment filed in Kansas charges that a hacking campaign launched by Russia’s federal security service, or FSB, allegedly targeted computers at hundreds of energy-related entities around the world. That indictment was also filed under seal last summer.

The hacking activity took place between 2012 and 2018, U.S. officials said. The decision to reveal the indictments underscores the concern U.S. and European officials have about Russia unleashing a wave of cyber attacks on the West in response to a new wave of sanctions over Russia’s invasion of Ukraine.

Deputy Attorney General Lisa O. Monaco said there is an “urgent ongoing need for American businesses to harden their defenses and remain vigilant.” She said Russian state-sponsored hackers “pose a serious and persistent threat to critical infrastructure both in the United States and around the world.”

U.S. officials said one of their concerns regarding possible Russian hacking is that in the past, some Russian malware has been poorly controlled, spreading wildly around the world far beyond the intended targets. The 2017 case dubbed NotPetya, which targeted computers in Ukraine but also affected Denmark, India and the United States, is one example.

The Russian embassy in Washington did not immediately respond to a request for comment on the indictments Thursday.

Russia does not extradite its citizens to the U.S., so there is little chance that the four individuals charged will ever be brought to trial. U.S. officials sometimes make such indictments public in the hopes of deterring future, similar attacks.

John Hultquist, vice president of intelligence analysis at the cyber security firm Mandiant, said the indictments are an important gambit amid ongoing tensions between Russia and the West, and a “warning shot” for Russian government hackers. “These actions are personal and are meant to signal to anyone working for these programs that they won’t be able to leave Russia anytime soon,” he said.

Much of the hacking activity was previously reported, with U.S. security officials expressing alarm at the degree to which the hackers appeared to be deliberately trying to cause damage to sensitive chemical processes at energy plants that could result in serious harm or danger to people.

The indictment charges that Gladkikh carried out the hacking as part of his job at the Central Scientific Research Institute of Chemistry and Mechanics in Moscow, launching an extremely dangerous form of malware called Triton, also sometimes referred to as Trisis or Hatman.

Gladkikh allegedly conspired to hack a Saudi Arabian oil refiner’s sulfur recovery systems — which, depending on the severity of the malfunction, could have caused explosions or released toxic gases, officials said. Hackers also compromised computer systems tied to U.S. energy sites, according to the charging papers.

The Kansas indictment names Pavel Akulov, Mikhail Gavrilov, and Marat Tyukov as members of the FSB’s Military Unit 71330, sometimes referred to as “Center 16,” where they allegedly carried out the attacks.

In one instance, the hackers were able to breach the business network for the Wolf Creek nuclear power plant outside Burlington, Kansas, according to that indictment. The business network is separate from the plant’s operational system. Other U.S.-based victims included the Nuclear Regulatory Commission, Westar Energy, and Kansas Electric Power Cooperative.

The Kansas indictment charges the FSB hackers placed malware on more than 17,000 different devices “to establish and maintain surreptitious, unauthorized access… Such accesses enabled the Russian government to disrupt and damage such systems, if it wished.”
