Two Russian citizens have been charged for being involved in a campaign on behalf of the Russian government to breach computer networks in the US, the UK, other North Atlantic Treaty Organization member countries, and Ukraine.
The conspiracy allegedly targeted current and former employees of the Department of Defense, Department of State, defense contractors, and Department of Energy sites between at least
Furthermore, the indictment claims that the conspirators, who went by the name “Callisto Group,” targeted journalists, think tank researchers and staff, and military and government officials in the United States and abroad.
Furthermore, the indictment claims that the conspirators, who went by the name “Callisto Group,” targeted journalists, think tank researchers and staff, and military and government officials in the United States and abroad. They also allegedly leaked information from some of these targeted accounts to the Russian and British media ahead of the 2019 U.K. elections.
A Sophisticated Spear Phishing Campaign Was Carried Out
Court documents state that a sophisticated spear phishing campaign was executed by Ruslan Aleksandrovich Peretyatko, an officer in Russia’s Federal Security Service (FSB) Center 18, Andrey Stanislavovich Korinets, and other unindicted conspirators to obtain unauthorized, persistent access into victims’ computers and email accounts.
“The Russian government continues to target the critical networks of the United States and our partners, as highlighted by the indictment unsealed today,” said Assistant Attorney General Matthew G. Olsen of the Justice Department’s National Security Division.
“Through this malign influence activity directed at the democratic processes of the United Kingdom, Russia again demonstrates its commitment to using weaponized campaigns of cyber espionage against such networks in unacceptable ways.”
The conspirators frequently utilized “spoofed” email accounts, which were made to appear to be the personal and work-related email accounts of the group’s targets.
According to reports, the conspirators also sent emails with a sophisticated appearance that seemed like they were from email providers, implying that users had violated the terms of service.
The purpose of these messages was to deceive recipients into responding to false login requests using their email account credentials. Following their illicit acquisition of the victim’s login credentials, the conspirators had unrestricted access to the victims’ email accounts.
The US Charges Two Russians
The Office of Foreign Assets Control (OFAC) of the Department of Treasury has also announced that it has sanctioned Peretyatko and Korinets for their roles in malicious cyber-enabled activities in addition to the indictment.
Further, the U.S. Department of State announced rewards of up to $10 million for information leading to the identification or location of Peretyatko and Korinets, as well as their conspirators. The United Kingdom has also imposed penalties of its own.
According to the Department of Justice, the defendants are each charged with conspiring to commit one count of conspiracy to commit computer fraud, an offense against the United States that carries a potential prison sentence of five years for PERETYATKO and up to ten years for KORINETS.
“The FBI will not stand idly by as Russia continues to perpetuate this type of targeted malicious activity,” said Assistant Director Bryan Vorndran of the FBI’s Cyber Division.
“Russian interference through malign foreign influence campaigns is deplorable, and we will not tolerate it in the United States or directed against our foreign partners. The FBI is dedicated to combating this pervasive threat and will tirelessly seek to prevent and disrupt these criminal acts carried out by Russia.”
