Sunday, November 17, 2024
Homecyber securityTwo Russian Nationals Charged for Cyber Attacks against U.S. Critical Infrastructure

Two Russian Nationals Charged for Cyber Attacks against U.S. Critical Infrastructure

Published on

The United States has designated Yuliya Vladimirovna Pankratova and Denis Olegovich Degtyarenko, two members of the Russian hacktivist group Cyber Army of Russia Reborn (CARR), for their roles in cyber operations targeting U.S. critical infrastructure.

Pankratova, the group’s leader, and Degtyarenko, a primary hacker, have been implicated in a series of cyber-attacks that severely threaten public safety and national security.

Targeting Critical Infrastructure

Since 2022, CARR has been known for conducting low-impact, unsophisticated DDoS attacks in Ukraine and against entities in countries supporting Ukraine.

- Advertisement - SIEM as a Service

However, the group’s activities escalated in late 2023 when they began targeting industrial control systems of critical infrastructure in the U.S. and Europe.

These attacks included manipulating equipment at water supply, hydroelectric, wastewater, and energy facilities.

One notable incident occurred in January 2024, when CARR claimed responsibility for overflowing water storage tanks in Abernathy and Muleshoe, Texas.

Protect Your Business Emails From Spoofing, Phishing & BEC with AI-Powered Security | Free Demo

The group posted videos of their manipulation of human-machine interfaces at these facilities, resulting in the loss of tens of thousands of gallons of water.

Additionally, CARR compromised the SCADA system of a U.S. energy company, gaining control over alarms and pumps.

Despite these breaches, significant damage was avoided due to the group’s lack of technical sophistication.

Profiles of the Accused

Pankratova, also known as “YUliYA” online, is identified as the leader and spokesperson of CARR. She commands and controls the group’s operations, orchestrating various cyber-attacks.

Degtyarenko, known as “Dena” online, is a primary hacker within the group. He was responsible for compromising the SCADA system of a U.S. energy company and has developed training materials on how to breach such systems, potentially intending to distribute them to other malicious actors.

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has designated Pankratova and Degtyarenko under Executive Order 13694, as amended.

This designation is for their involvement in cyber-enabled activities outside the United States that pose significant threats to national security, foreign policy, or economic stability.

Sanctions and Implications

As a result of this designation, all property and interests in property of the designated individuals within the U.S. or controlled by U.S. persons are blocked and must be reported to OFAC.

Furthermore, any entities owned 50 percent or more by these individuals are also blocked. U.S. persons are generally prohibited from engaging in transactions involving the property or interests of these designated individuals unless authorized by OFAC.

Financial institutions and other entities engaging in transactions with the sanctioned individuals may expose themselves to sanctions or enforcement actions. The prohibitions include providing or receiving funds, goods, or services to or from the designated persons.

OFAC emphasizes that the goal of sanctions is not punitive but to induce positive behavioral changes. The OFAC website provides detailed information and processes for those seeking removal from the sanctions list.

Join our free webinar to learn about combating slow DDoS attacks, a major threat today.

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

Critical TP-Link DHCP Vulnerability Let Attackers Execute Arbitrary Code Remotely

A critical security flaw has been uncovered in certain TP-Link routers, potentially allowing malicious...

Chinese SilkSpecter Hackers Attacking Black Friday Shoppers

SilkSpecter, a Chinese financially motivated threat actor, launched a sophisticated phishing campaign targeting e-commerce...

Cybercriminals Launch SEO Poisoning Attack to Lure Shoppers to Fake Online Stores

The research revealed how threat actors exploit SEO poisoning to redirect unsuspecting users to...

Black Basta Ransomware Leveraging Social Engineering For Malware Deployment

Black Basta, a prominent ransomware group, has rapidly gained notoriety since its emergence in...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Critical TP-Link DHCP Vulnerability Let Attackers Execute Arbitrary Code Remotely

A critical security flaw has been uncovered in certain TP-Link routers, potentially allowing malicious...

Chinese SilkSpecter Hackers Attacking Black Friday Shoppers

SilkSpecter, a Chinese financially motivated threat actor, launched a sophisticated phishing campaign targeting e-commerce...

Cybercriminals Launch SEO Poisoning Attack to Lure Shoppers to Fake Online Stores

The research revealed how threat actors exploit SEO poisoning to redirect unsuspecting users to...