The Department of Justice unsealed two indictments today charging four defendants, all Russian nationals who worked for the Russian government. They are charged with attempting, supporting, and carrying out computer intrusions that targeted the global energy sector in two separate conspiracies between 2012 and 2018. In total, the hacking campaigns targeted thousands of computers at hundreds of firms and organizations in approximately 135 countries.
United States v. Evgeny Viktorovich Gladkikh, a June 2021 indictment returned in the District of Columbia, concerns the alleged efforts of a Russian Ministry of Defense research institute employee and his co-conspirators to harm critical infrastructure outside the United States, leading to two separate emergency shutdowns at a targeted foreign facility. Following that, the conspiracy attempted to break into the systems of a US corporation that managed identical national infrastructure entities in the US.
United States v. Pavel Aleksandrovich Akulov, et al., an indictment returned in August 2021 in the District of Kansas, details allegations about a separate, two-phased campaign carried out by three officers of Russia’s Federal Security Service (FSB) and their co-conspirators to target and compromise the computers of hundreds of entities related to the energy sector around the world.
Access to such systems would have given the Russian government the capacity to disrupt and destroy computer systems at any moment in the future.
“We face no greater cyber threat than actors seeking to compromise critical infrastructure, offenses which could harm those working at affected plants as well as the citizens who depend on them,” said U.S. Attorney Matthew M. Graves for the District of Columbia. “The department and my office will ensure that those attacking operational technology will be identified and prosecuted.”
U.S. Attorney Duston Slinkard for the District of Kansas said, “The potential of cyberattacks to disrupt, if not paralyze, the delivery of critical energy services to hospitals, homes, businesses and other locations essential to sustaining our communities is a reality in today’s world.”
In June 2021, a federal grand jury in the District of Columbia indicted Evgeny Viktorovich Gladkikh, 36, a computer programmer employed by a Russian Ministry of Defense-affiliated institute, for his role in a plot to hack global energy facilities’ industrial control systems (ICS) and operational technology (OT) using tactics designed to permit subsequent physical harm with potentially devastating effects.
According to the indictment, from May to September 2017, the defendant and his co-conspirators attacked an overseas refinery’s systems and deployed malware known as “Triton” or “Trisis” on a Schneider Electric safety system. The malware disabled the refinery’s safety mechanisms, giving the attackers the ability to disrupt the refinery, hurt people nearby, and cause economic costs.
The Triton malware provoked a malfunction, resulting in two different automated emergency shutdowns of the refinery’s operations by Schneider Electric safety systems. During February and July 2018, the suspects researched various refineries in the United States that were controlled by a U.S. firm and attempted, unsuccessfully, to penetrate the U.S. company’s computer systems.
A complete report on the indictments and the hacks has been published by the United States Department of Justice.