The Justice Department announced Thursday that four Russian nationals working for the Russian government have been previously indicted for two separate incidents of attempted hacking into energy facilities in the U.S. and abroad between 2012 and 2018, targeting hundreds of companies and organizations in some 135 countries.
Justice Department officials said in a press release that one of the campaigns, if successful, would have given Russia the ability to disrupt energy sector computer systems “at a future time of its choosing,” resulting in “potentially catastrophic” damage to critical infrastructure.
A Justice Department official told reporters that these charges were unsealed because “they do a good job of highlighting the kind of thing that we are concerned about in the current environment.”
The official said “they’re very good examples of the dark art of the possible.”
The first incident involved the alleged hacking of a foreign refinery, where an employee of Russia’s state research center had installed malware known as “Triton” in an attempt to overtake the industrial control systems and operational technology.
The second, according to the Justice Department, was a supply chain hack and “spearphishing” campaign by three FSB hackers who were attempting to infiltrate organizations in the international energy sector, including oil and gas firms, nuclear power plants and utility and power transmission companies.
Hackers succeeded in gaining access to computers at Wolf Creek Nuclear Operating Plant in Burlington, Kansas, which operates a nuclear power plant. However, the hacked computers were not connected to the industrial control system itself.
None of the four defendants is in custody, according to Justice Department officials.
