Russian Government Employees Charged in Hacking Campaign Targeting Energy Sector

Two separate indictments were unsealed charging four Russian government employees with attempting, supporting and conducting computer intrusions that targeted global energy sector between 2012 and 2018. The hacking campaigns targeted thousands of computers, at hundreds of companies and organizations in 135 countries according to the Department of Justice.

  • A June 2021 indictment returned in the District of Columbia, United States v. Evgeny Viktorovich Gladkikh, concerns the alleged efforts of an employee of a Russian Ministry of Defense research institute and his co-conspirators to damage critical infrastructure outside the United States, thereby causing two separate emergency shutdowns at a foreign targeted facility. The conspiracy subsequently attempted to hack the computers of a U.S. company that managed similar critical infrastructure entities in the United States.
  • An August 2021 indictment returned in the District of Kansas, United States v. Pavel Aleksandrovich Akulov, et al., details allegations about a separate, two-phased campaign undertaken by three officers of Russia’s Federal Security Service (FSB) and their co-conspirators to target and compromise the computers of hundreds of entities related to the energy sector worldwide. Access to such systems would have provided the Russian government the ability to, among other things, disrupt and damage such computer systems at a future time of its choosing.

The indictment alleges that Gladkikh carried out the hacking while being employed at the Central Scientific Research Institute of Chemistry and Mechanics in Moscow, launching an extremely dangerous form of malware called Triton, sometimes referred to as “Trisis” or “Hatman.” Additionally, Gladkikh allegedly plotted to hack a Saudi oil refiner’s sulfur recovery system which, according to officials, could have caused explosions or unleaded toxic fumes.

The Kansas indictment names Pavel Akulov, Mikhail Gavrilov and Marat Tyukov as members of the FSB’s Military Unit 71330, sometimes referred to as “Center 16,” where they allegedly carried out the attacks. The indictment details allegations about a two-phase campaign by three Russian intelligence officers to compromise the computers of hundreds of entities in the energy sector worldwide. Access to such systems would have provided the Russian government with the ability to disrupt and damage computer systems at a time of its choosing, prosecutors said. The three officers were members of Russia’s Federal Security Service, known as the FSB, court records say.

All four in the indictment are suspected of being in Russia at this time.

Contact ITMG to Develop Strategies and Protocols Designed to Help Your Company Mitigate Your Insider Risk

ITMG is an industry leader in helping organizations throughout the United States strengthen their insider risk management programs and secure sensitive data and intellectual property. Our team of bona fide experts has the real-world experience necessary to plan out and create holistic security solutions tailored to the needs and risks in your industry. Contact ITMG today to learn more about how we can help! You can also visit our Facebook, Twitter, and LinkedIn pages for more updates and insights into the world of insider risk management.

Discover more from ITMG

Subscribe now to keep reading and get access to the full archive.

Continue reading