US court indicts four Russians for cyberattacks against energy sector

Four Russians have been indicted in the United States for cyber attacks against him energy sector around the world, the Justice Department reported Thursday.

“Russian state-linked hackers pose a serious and ongoing threat to critical infrastructure in the United States and around the world,” Deputy Attorney General Lisa Monaco said in a statement.

Russian hackers attacked thousands of computers at hundreds of companies in 135 countries between 2012 and 2018, reported the Justice Department.

Although these indictments refer to past activities, “they clearly show that American companies must strengthen their defenses and remain vigilant,” he added, echoing statements by the president Joe Biden.

On Monday Biden stated that companies in his country have a “patriotic” duty to better protect themselves from the risk of computer attacks carried out by Russia in response to the sanctions imposed by Western countries for having invaded Ukraine.

But the two cases made public Thursday predate the war.

A first indictment, adopted in June 2021 by a Washington grand jury, points to Evgueni Gladkikh, a 36-year-old programmer linked to the Russian Defense Ministry. He is accused of having participated in the attack on a refinery in a country in 2017, with malware called Triton. The document does not specify where, but the security systems of a Saudi petrochemical plant were attacked with this software in 2017.

According to him Justice Departmentthe accused and his accomplices tried to carry out a similar attack against infrastructure in the United States, without success.

A second indictment, from August 2021 in Kansas, accuses Pavel Akulov, Mikhail Gavrilov and Marat Tyukov of being Russian Security Services (FSB) agents who carried out a wave of attacks against the global energy sector between 2012 and 2017.

In a first phase, called “Dragonfly“, they would have introduced malware in software updates, contaminating more than 17,000 devices.

And later, in a phase baptized “Dragonfly 2.0”, 3,300 phishing attempts would have been made in more than 500 entities, including against the United States Nuclear Regulatory Commission. Another target was a US nuclear plant located in Kansas.

None of the accused has been arrested.


Leave a Comment