Late last week, unsealed indictments from the FBI confirmed what many experts had already predicted – American infrastructure is in immediate danger. The indictments show that four Russian government employees had been charged for their role in what were called two “Historical Hacking Campaigns” that targeted critical infrastructure worldwide.
Additionally, the indictments show that the defendants’ efforts included separate campaigns that targeted both software and hardware for infrastructure-related operational technology systems, and that the 4 men specifically were involved in an operation that was “attempting, supporting and conducting computer intrusions that together, in two separate conspiracies, targeted the global energy sector between 2012 and 2018.”
These indictments are not much of a shock to anyone paying attention to the ongoing global cyberwar, but certain details of the indictment were certainly eyebrow-raising.
For starters, in light of the recent enhanced cooperation agreement between America’s 2 greatest geopolitical foes, Russia and China, the fact that the indictment reveals that Russia had penetrated Chinese infrastructure should be enough to at least begin to call into question Beijing’s support of the Kremlin, as Putin’s Russia sought to set forth attacks on what seems to be every major global power.
Whether China can even trust Russia in light of what can be called, at the very least, a “startling revelation” is something that should be considered as the increasingly unhinged Putin continues to make strategic miscalculations while the Russian body count as a result of this war continues to be grossly understated, according to reports.
Additionally, given the apparent effects of what is perhaps the most devastating set of economic sanctions ever placed on Russia, its seriously weakened economy should serve notice to an obviously economically stronger China that an international rebuke of the “Red Dragon” is, at the very least, something to seriously think about.
Not to mention that by supporting Russia during perhaps the most unpopular invasion since the United States invaded Iraq under questionable circumstances, the Chinese government, which boasts the world’s largest economy and arguably the planet’s largest Navy, doesn’t exactly have a need to pick a fight with the rest of the free world over Vladimir Putin’s feverish obsession to retake Ukraine for reasons seemingly related to his belief in the historical significance of the sovereign nation to the Russian Dictator’s beloved “Mother Russia.”
A deeper dive into the new indictments also reveals Russian-based attacks against both European Union (EU) and NATO countries, as American allies the United Kingdom and Ireland were also named as victims of Russian cybercrime, as was Saudi Arabia. The first indictment, The United States v. Evgeny Viktorovich Gladkikh, sees the defendant accused of installing backdoors in an effort to launch Triton malware, a strain of malicious code designed to compromise the safety of energy facilities by compromising the industrial control systems (ICS) of an energy refinery and causing it to begin to operate in an unsafe manner while appearing to be operating correctly. The indictment stated that this was in an effort to grant “the defendant and his co-conspirators the ability to cause damage to the refinery, injury to anyone nearby, and economic harm.”
The 2nd indictment was also related to the manipulation of ICS or Supervisory Control and Data Acquisition (SCADA) systems. This one, against Russian hackers Pavel Aleksandrovich Akulov, Mikhail Mikhailovich Gavrilov, and Marat Valeryevich Tyukov, targeted members of the Federal Security Service’s (FSB) Center 16, an operational unit known within the hacking community by names including “Dragonfly,” “Berzerk Bear,” “Energetic Bear,” and “Crouching Yeti.” The indictment claims that between 2012 and 2017, the three Russians, along with unnamed conspirators, initiated supply chain attacks in an effort to further the Russian government’s efforts to “maintain surreptitious, unauthorized and persistent access to the computer networks of companies and organizations in the international energy sector, including oil and gas firms, nuclear power plants, and utility and power transmission companies.”
These kinds of attacks would be separate from the ones that most Americans are more familiar with, the historic 2021 Colonial Pipeline and JBS Foods attacks that targeted the oil supply of the US East Coast and the country’s food supply chains, respectively.
The latter attacks were achieved by state-sponsored Advanced Persistent Threat (APT) gangs that were affiliated with the Kremlin and used ransomware to demand millions from the victims. These attacks continue on a regular basis but were seeking to cause a temporary halt to operations, versus the widespread destruction that would be caused by attacks targeting SCADA or ICS systems.
With no immediate end to the Ukraine crisis in sight, a menacing Russia will seemingly continue to initiate attacks against the global community. With Biden’s latest commentary to the effect that Putin “cannot remain in power,” the United States, as well as the western nations in general, should be bracing for 2022 to see perhaps the most devastating cyber-attacks in human history.
Julio Rivera is a business and political strategist, the Editorial Director for Reactionary Times, and a political commentator and columnist. His writing, which is focused on cybersecurity and politics, has been published by numerous websites and he is regularly seen on National and International news programming.