Unsealed DOJ documents offer stark warning about Russian cyberattacks

The United States has indicted three Russian intelligence officers for their role in a yearslong, global hacking campaign that targeted some 500 energy companies both in the U.S. and across more than 130 countries, according to the Department of Justice.

According to one indictment, newly unsealed on Thursday, the alleged Russian FSB operatives — Pavel Aleksandrovich Akulov, Mikhail Mikhailovich Gavrilov, and Marat Valeryevich Tyukov — worked for years to hack energy firms in a bid to further Russia’s effort to “maintain surreptitious, unauthorized and persistent access” to energy industry networks.


Their targets spanned at least 500 entities, prosecutors said, and included the U.S. Nuclear Regulatory Commission and a nuclear plant in Kansas, where one official said they allegedly breached the company’s business network but stopped short of gaining access to its control systems.

Though the identities of the alleged FSB operatives have previously been disclosed, the DOJ chose to unseal the indictments as part of a broader effort to warn the public about the scope and severity of Russia’s malign cyberactivity.


“Russian state-sponsored hackers pose a serious and persistent threat to critical infrastructure both in the United States and around the world,” Deputy Attorney General Lisa Monaco said Thursday.

“Although the criminal charges unsealed today reflect past activity, they make crystal clear the urgent ongoing need for American businesses to harden their defenses and remain vigilant.”

The unsealing also comes as the Biden administration is warning with new urgency about the threat of a Russian attack on U.S. critical infrastructure. The FBI issued an advisory last week warning that Russian hackers have scanned at least five energy companies for vulnerabilities and told businesses to “examine current network traffic for these IP addresses and conduct follow-on investigations if observed.”

Puesh Kumar, director of the DOE’s Office of Cybersecurity, Energy Security and Emergency Response, urged the industry this week “to remain vigilant in light of Russia’s invasion of Ukraine.”

Days earlier, Energy Secretary Jennifer Granholm implored energy executives to “prepare to the highest possible level” for a Russian attack.

Asked on Monday whether Russian cyberattacks are already underway in the U.S., White House national security adviser Jake Sullivan sought to distinguish what the administration views as “preparatory work” — in which hackers breach a system for purposes of intelligence collection, or as a precursor to a future attack — from the actual “disruptive, destructive type of attack” seen in last year’s ransomware attacks on Colonial Pipeline and JBS Foods.

“It’s really the latter thing that we have not yet seen, and which would likely trigger a more robust response from the U.S. and its allies,” Sullivan said.


“These charges show the dark art of the possible when it comes to critical infrastructure,” one DOJ official said.
