The US unveiled criminal charges against four Russian government officials on Thursday, saying that between 2012 and 2018 they engaged in two major hacking campaigns that targeted the global energy sector and impacted thousands of computers across 135 countries.
In one now-unsealed indictment from June 2021, the Justice Department accused Evgeny Viktorovich Gladkikh, a Russian Ministry of Defense research institute employee, of conspiring with others between May and September 2017 to hack the systems of a foreign refinery and install malware known as “Triton” on a safety system produced by Schneider Electric.
In a second unsealed indictment from August 2021, the Justice Department said three other alleged hackers from Russia’s Federal Security Service carried out cyber attacks on the computer networks of oil and gas firms, nuclear power plants, and utility and power transmission companies across the world.
The three accused Russians in that case are Pavel Aleksandrovich Akulov, 36, Mikhail Mikhailovich Gavrilov, 42, and Marat Valeryevich Tyukov, 39.
The 2017 attack stunned the cybersecurity community when it was made public by researchers later that year because - unlike typical digital intrusions aimed at stealing data or holding it for ransom - it appeared aimed at causing physical damage to the facility itself by disabling its safety system.
An FBI official told reporters on Thursday that these cases underscore the continued threat posed by Russian cyber operations and urged companies to "lock their cyber doors."
Among the victim companies that assisted with the Justice Department's investigation are Wolf Creek Nuclear Operating Corporation and the Kansas Electric Power Cooperative, the department said.