THE US FEDERAL Bureau of Investigation (FBI) has issued arrest warrants for three alleged Russian Government hackers who they say hacked Irish cyber systems along with those in a host of other countries.
The FBI issued a wanted poster for three men, who they allege work for the FSB, the Russian Federal Security Service which is the agency that replaced the KGB following the fall of the USSR. Earlier today a wanted notice was issued for a fourth man.
The organisations they’re accused of hacking include “global oil and gas firms, utility and electrical grid companies, nuclear power plants, renewable energy companies, consulting and engineering groups, and advanced technology firms”.
In a wanted poster, issued last night, the FBI claimed that the men were members of a Russian state hacking team tasked with targeting countries across the globe between 2012 and 2018.
The FBI said they have been indicted by a grand jury in Kansas in August of last year “for their alleged involvement in computer intrusion, wire fraud, and aggravated identity theft offences”.
“These officers were members of Centre 16, an FSB component also known as Military Unit 71330, and were part of a team within Centre 16 known by cybersecurity researchers as Dragonfly, Energetic Bear, and Crouching Yeti.
“As alleged in the indictment, the three FSB officers, Pavel Aleksandrovich Akulov, Mikhail Mikhailovich Gavrilov, and Marat Valeryevich Tyukov, knowingly and intentionally conspired with each other, and with persons known and unknown, to obtain and maintain unauthorised persistent access (“hacking”) to victim computer networks belonging to companies and other entities in the global energy sector, including their power generation facilities, thereby enabling the Russian government to disrupt and damage such systems, if it wished,” the wanted poster states.
The FBI indictment alleges that the Russian team targeted hundreds of American and international energy sector companies.
They are also alleged to have targeted Ireland along with 135 other countries and 380 companies worldwide.
In a statement issued by the British Foreign Office last night, the UK’s National Cyber Security Centre claimed that the hackers almost certainly targeted a nuclear plant in the US.
“The National Cyber Security Centre (NCSC) assess it is almost certain that the FSB’s Centre 16 are also known by their hacker group pseudonyms of ‘Energetic Bear’, ‘Berserk Bear’ and ‘Crouching Yeti’, and conducted a malign programme of cyber activity, targeting critical IT systems and national infrastructure in Europe, the Americas and Asia.”
The British statement, which did not name the three men identified by the FBI, alleged they had attempted to target the systems controlling the Wolf Creek nuclear power plant in Kansas, US in 2017.
Earlier this month the Oireachtas Foreign Affairs and Defence Committee heard from Minister Simon Coveney, who said the Irish Government was taking precautions against potential cyber attacks.
His appearance came amid the backdrop of the ongoing war in Ukraine, with Ireland poised to potentially take in tens of thousands of refugees from the war-torn country.
Cyber attacks can paralyse public and private systems, causing widespread disruption to services. In April of 2017, Eirgrid suffered a cyber attack when hackers targeted the energy provider with malware. The US or British authorities have not officially linked the Eirgrid attack to the FSB Centre 16 hackers.
Russian hackers are chief suspects for the attack on the HSE’s computer systems last year – though this fell outside the timeframe contained in the FBI indictment.
Gardaí have said they have been investigating the hack and have identified the addresses of computers involved in the incident.
A spokesperson for the Irish National Cyber Security Centre (NCSC) said they were aware of the US charges.
“The Government is aware of the charges being brought in US courts against four Russian government employees in relation to malicious cyber activity, targeting a range of critical energy infrastructure across 135 countries, including Ireland, between 2012 and 2018.
“We will continue to engage with the United States, our fellow EU Member States and other international partners on the next steps in relation to this case,” he said.
A statement has been requested from An Garda Síochána.
A spokesperson for the Russian Embassy in Ireland said the statements by the FBI and the UK Government about alleged state-backed hacking did “not deserve any serious commentary”.
“No amount of stories concocted by the FBI and their UK brethren can alter the basic reality – Russia is and has always been in favour of enhancing international cybersecurity and fighting against cybercrime.”
To embed this post, copy the code below on your site
have your say