The Justice Department announced Thursday that four Russian officials were indicted in cyberattacks against the United States’ energy industry and thousands more computers around the globe between 2012-2018.
Hackers targeted organizations and companies in around 135 countries. Officials said that among the victims was the Kansas nuclear power plant owner whose business network was compromised.
Despite the intrusions dating back many years, the indictments come because the FBI raised new alarms about Russian hackers’ attempts to scan the U.S. energy companies networks for vulnerabilities that could have been exploited during Russia’s war on Ukraine.
In a statement, Lisa Monaco, Deputy Attorney General, stated that Russian state-sponsored hackers are a persistent threat to critical infrastructure in America and all around the globe. Although the criminal charges against the hackers are from the past, they highlight the need for American businesses and individuals to strengthen their defenses while remaining vigilant.
Although none of the four defendants are currently in custody, a Justice Department official briefing reporters on the cases stated that the department decided it was better not to wait for the “distant possibility of arrests” in the future.
Russians have indicted a Russian employee of a military research institute. He is accused of conspiring with others to hack systems at foreign refineries and to install malware on safety systems. This led to an emergency shutdown. According to an indictment filed in June 2021, the employee, Evgeny VIktorovich Gladkikh tried to hack into the networks of an unknown U.S. firm. It was not sealed Thursday.
Three other defendants are alleged hackers belonging to Russia’s Federal Security Service (FSB), which conducts counterintelligence and domestic intelligence. The prosecution claims they are part of a hacking group known as Dragonfly to cybersecurity researchers.
They are accused of installing malware via legitimate software updates on more 17,000 devices in the U.S.A and other countries. Prosecutors said that the hackers targeted oil and gas companies, nuclear power plants, and utility and transmission companies in their supply chain.
Officials said that the second stage of the attack involved spear-phishing attacks against more than 500 U.S. companies and international organizations, as well U.S. government agencies including the Nuclear Regulatory Commission. The hacker also managed to compromise the Wolf Creek Nuclear Operating Corporation’s business network in Burlington (Kansas), which runs a nuclear power station.
