US Justice Dept accuses Russian hackers of intruding into energy industry systems
Washington: If everything Russian has a Ukraine connection these days, this one probably didn't originate there, but may extend to it too.
In a story of cyber attacks pre-dating Russia's Ukraine invasion, four Russian officials have been accused of a malicious intrusion into computers in the United States, and also around the globe, mainly in the energy industry between 2012 and 201.
The hacking, according to the report, is alleged to have involved a Russian government intelligence agency as well. The revelation, as reported by Associated Press and carried by several western news media, was made by the US Justice Department on Thursday, in unsealing a pair of indictments.
The hacking attack was so widespread that companies and organisations in about 135 countries were targeted. Officials said that the victims included the owner of a nuclear power plant in Kansas, whose business network was compromised.
Though it happened several years ago, the indictments were unsealed as the FBI has raised fresh alarms about efforts by Russian hackers to scan the networks of US energy firms for vulnerabilities that could be exploited during Russia's war against Ukraine. Multiple federal agencies on March 24, 2022, published a joint advisory on the hacking campaign, alerting energy executives to take defensive steps in their systems against Russian operatives.
"Russian state-sponsored hackers pose a serious and persistent threat to critical infrastructure both in the United States and around the world," Deputy Attorney General Lisa Monaco said in a statement. "Although the criminal charges unsealed today reflect past activity, they make crystal clear the urgent ongoing need for American businesses to harden their defenses and remain vigilant," the AP report quoted.
The accused Russian officials have not been taken into custody, though a Justice Department official who briefed reporters on the cases said the department determined that it was better to make the investigation public rather than wait for the "distant possibility" of arrests. The State Department on Thursday announced rewards of up to $10 million for information leading to the "identification or location" of any of the four defendants.
Malware found to have been used in the operation was designed with the goal of inflicting physical damage by disabling a safety shutdown function that would normally stop a refinery from "catastrophic failure," a Justice Department official said.
Another attack was found to have targeted an unidentified US company operating several oil refineries.
The hackers are accused of installing malware into legitimate software updates on more than 17,000 devices in the US and other countries. The goal, according to the indictment, was to "establish and maintain surreptitious unauthorized access to networks, computers, and devices of companies and other entities in the energy sector." That access would enable the Russian government to alter and damage systems if it wanted to, the indictment said.
A second phase of the attack, officials said, involved spear-phishing attacks targeting more than 500 US and international companies, as well as US government agencies including the Nuclear Regulatory Commission, the AP report said.