Four Russian officials, including hackers from a government intelligence agency, have been charged with malicious hacking of critical infrastructure around the world, including the energy and aviation sectors in the United States between 2012 and 2018, the US Department of Justice and the UK Foreign Office announced.
Among the thousands of computers targeted in some 135 countries were machines at a nuclear power plant in Kansas – whose business network was compromised – and at a petrochemical plant in Saudi Arabia in 2017 where hackers bypassed security checks, officials said. responsible.
The State Department on Thursday announced rewards of up to $10 million for information leading to the “identification or location” of any of the four defendants.
Although the intrusions date back years, the indictments came to light as the FBI sounded the alarm over efforts by Russian hackers to scan the networks of US energy companies for vulnerabilities that could be exploited during Russia’s war against Ukraine.
The Foreign Office suggested in an announcement on its website that the timing – exposing “the global reach” of the hack by the spy agency that succeeded the KGB – was directly linked to the “unprovoked war”. and illegal in Ukraine” by Russian President Vladimir Putin.
Additionally, several U.S. federal agencies issued a joint advisory on the hacking campaign on Thursday, alerting energy executives to take steps to protect their systems from Russian agents.
“The DOJ is firing warning shots at the people leading Russia’s cyberattack capability,” tweeted threat intelligence analyst John Hultquist of cybersecurity firm Mandiant.
“Russian state-sponsored hackers pose a serious and persistent threat to critical infrastructure in the United States and around the world,” Deputy Attorney General Lisa Monaco said in a statement. “While the criminal charges unveiled today reflect past activity, they clearly demonstrate the urgent and ongoing need for corporate America to strengthen their defenses and remain vigilant.”
None of the four defendants are in custody, although a Justice Department official who briefed reporters said officials thought it best to make the inquest public rather than wait for the “remote possibility” of arrests.
The hackers are accused of installing malware in legitimate software updates on more than 17,000 devices in the United States and other countries. Their supply chain attacks between 2012 and 2014 targeted oil and gas companies, nuclear power plants and electric utility and transmission companies, prosecutors said.