Four Russian agents charged in two separate hacking campaigns targeting global critical infrastructure. According to the FBI, the Department of Justice “unsealed two indictments today charging four defendants, all Russian nationals who worked for the Russian government, with attempting, supporting, and conducting cyber intrusions that together, in two separate conspiracies, targeted the global energy sector between 2012 and 2018. In total, these hacking campaigns targeted thousands of computers, at hundreds of companies and organizations, in approximately 135 countries.”
Critical infrastructure is a term used by government entities to describe assets that are essential for the functioning of a society and economy. While such assets are different for each country, most commonly associated with the term are facilities for:
- Shelter; Heating (e.g. natural gas, fuel oil, district heating);
- Agriculture, food production and distribution;
- Water supply (drinking water, waste water/sewage, stemming of surface water (e.g. dikes and sluices));
- Public health (hospitals, ambulances);
- Transportation systems (fuel supply, railway network, airports, harbours, inland shipping);
- Security services (police, military).
- Electricity generation, transmission and distribution; (e.g. natural gas, fuel oil, coal, nuclear power)
- Renewable energy, which are naturally replenished on a human timescale, such as sunlight, wind, rain, tides, waves, and geothermal heat.
- Telecommunication; coordination for successful operations
- Economic sector; Goods and services and financial services (banking, clearing);
In the USA, the Patriot Act of 2001 defined critical infrastructure as those “systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters.” In 2014 the NIST Cybersecurity Framework was published, and quickly became a popular set of guidelines, despite the significant costs of full compliance.
A June 2021 indictment in the District of Columbia, United States v. Evgeny Viktorovich Gladkikh, concerns the alleged efforts of an employee of a Russian Ministry of Defense research institute and his co-conspirators to damage another country’s critical infrastructure, thereby causing two separate emergency shutdowns at the targeted facility. The conspiracy subsequently attempted to hack the computers of a U.S. company that managed similar critical infrastructure entities in the United States.
Similarly, an August 2021 indictment from the District of Kansas, United States v. Pavel Aleksandrovich Akulov, et al., details allegations about a two-phased campaign undertaken by three officers of Russia’s Federal Security Service (FSB) and their co-conspirators to target and compromise the computers of hundreds of energy sector-related companies and entities worldwide. Access to such systems would have provided the Russian government the ability to, among other things, disrupt and damage such computer systems at a future date of its choosing.
Content created by Conservative Daily News and some content syndicated through CDN is available for re-publication without charge under the Creative Commons license. Visit our syndication page for details and requirements.