The ‘hackers’ targeted companies and organizations from about 135 countries, and among the victims was the owner of a nuclear power plant in the state of Kansas, revealed this Thursday the US Department of Justice.
The attacks took place years ago, but these allegations come as the US Department of Justice’s (FBI) police unit has warned of recent efforts by Russian hackers to gain access to the networks of US energy companies. Americans, looking for loopholes that could be exploited during the Russian invasion of Ukraine.
“Russian state-sponsored ‘hackers’ pose a serious and persistent threat to critical infrastructure, both in the United States and around the world,” Deputy Attorney General Lisa Monaco said in a statement.
“While the criminal charges revealed today [Thursday] reflect past activities, they make clear the urgent and ongoing need for US companies to strengthen their defenses and remain vigilant,” he added.
None of the four defendants are in detention, but a Justice Department source explained to journalists that it was decided to make the indictment public, rather than waiting for the “remote possibility” of future arrests.
Among the accused is an employee of a Russian military research institute, who allegedly worked with conspirators to access the systems of a foreign refinery and install ‘malware’ (malicious ‘software’) on that infrastructure’s security systems, causing an emergency shutdown. .
Evgeny Viktorovich Gladkikh also tried to break into the networks of an unnamed US company, according to an indictment filed in June 2021 and released this Thursday.
The other three accused are alleged ‘hackers’ of the Russian security services (FSB, the successor agency to the KGB) and the indictment states that they belong to a unit of ‘hackers’ known to cybersecurity researchers as Dragonfly.
Russian ‘hackers’ are accused of installing ‘malware’ via legitimate ‘software’ updates on over 17,000 devices in the US and other countries.
Attacks on supply chains have hit oil and gas companies, nuclear plants and utilities and power transmission companies, the indictment highlights.
A second phase of the attack involved ‘phishing’ actions against more than 500 US and international companies, as well as US government agencies, including the nuclear regulatory commission.
These ‘hackers’ also successfully compromised the Wolf Creek Nuclear Operating Corporation’s business network in Burlington, Kansas, which manages a nuclear power plant.