U.S. charges 4 Russian government workers with hacking energy sector [washingtonpost.com]:
The U.S. Justice Department fired another legal salvo against Russia on Thursday, announcing indictments against four Russian government employees for an alleged hacking campaign targeting the energy sector that lasted for years and targeted computers in 135 countries.
An indictment in U.S. District Court for the District of Columbia charges that Evgeny Viktorovich Gladkikh, who worked at a Russian Ministry of Defense research institute, conspired with others to damage critical infrastructure outside the United States, causing emergency shutdowns at one foreign facility. Those charged in the indictment, under seal since June 2021, also allegedly tried to hack the computers of a U.S. firm that managed similar facilities in the United States.
A separate indictment filed in Kansas alleges that a hacking campaign launched by Russia’s federal security service, or FSB, targeted computers at hundreds of energy-related entities around the world. That indictment was also filed under seal last summer.
The hacking activity took place between 2012 and 2018, U.S. officials said. The decision to reveal the indictments underscores the concern U.S. and European officials have about Russia unleashing a wave of cyberattacks on the West in response to a new wave of sanctions over Russia’s invasion of Ukraine.
Deputy Attorney General Lisa O. Monaco said there is an “urgent ongoing need for American businesses to harden their defenses and remain vigilant.” She said Russian state-sponsored hackers “pose a serious and persistent threat to critical infrastructure both in the United States and around the world.”
U.S. officials said one of their concerns regarding possible Russian hacking is that in the past, some Russian malware has been poorly controlled, spreading wildly around the world far beyond the intended targets. The 2017 case dubbed NotPetya [washingtonpost.com], which targeted computers in Ukraine but also affected Denmark, India and the United States, is one example.
In a coordinated statement on Thursday, British officials also blamed the hacking on the Russian government.
“Russia’s targeting of critical national infrastructure is calculated and dangerous,” Foreign Secretary Liz Truss said. “We are sending a clear message to the Kremlin by sanctioning those who target people, businesses and infrastructure. We will not tolerate it.”
The Russian Embassy in Washington did not immediately respond to a request for comment on the indictments Thursday.
Russia does not extradite its citizens to the United States, so there is little chance that the four individuals charged will ever be brought to trial. U.S. officials sometimes make such indictments public in the hopes of deterring future, similar attacks.
John Hultquist, vice president of intelligence analysis at the cybersecurity firm Mandiant, said the indictments are an important gambit amid ongoing tensions between Russia and the West, and a “warning shot” for Russian government hackers. “These actions are personal and are meant to signal to anyone working for these programs that they won’t be able to leave Russia anytime soon,” he said.
Much of the hacking activity was previously reported, with U.S. security officials expressing alarm at the degree to which the hackers appeared to be deliberately trying to cause damage to sensitive chemical processes at energy plants that could result in serious harm or danger to people.
The indictment alleges that Gladkikh carried out the hacking as part of his job at the Central Scientific Research Institute of Chemistry and Mechanics in Moscow, launching an extremely dangerous form of malware called Triton, sometimes referred to as “Trisis” or “Hatman.”
Gladkikh allegedly conspired to hack a Saudi Arabian oil refiner’s sulfur recovery systems — which, depending on the severity of the malfunction, could have caused explosions or released toxic gases, officials said. Hackers also compromised computer systems tied to U.S. energy sites, according to the charging papers.
The Kansas indictment names Pavel Akulov, Mikhail Gavrilov and Marat Tyukov as members of the FSB’s Military Unit 71330, sometimes referred to as “Center 16,” where they allegedly carried out the attacks.
In one instance, the hackers were able to breach the business network for the Wolf Creek nuclear power plant outside Burlington, Kan., according to that indictment. The business network is separate from the plant’s operational system. Other U.S.-based victims included the Nuclear Regulatory Commission, Westar Energy and Kansas Electric Power Cooperative.
The Kansas indictment charges the FSB hackers placed malware on more than 17,000 different devices “to establish and maintain surreptitious, unauthorized access ... Such accesses enabled the Russian government to disrupt and damage such systems, if it wished.”