Russian spies indicted in worldwide hacks of energy industry, including Kansas nuclear plant
Three Russian spies spent five years targeting energy infrastructure in 135 countries in an effort to enable the Russian government to gain remote control of power plants, the U.S. Department of Justice alleged in an indictment unsealed on Thursday.
From 2012 to 2014, according to the indictment unsealed in a district court in Kansas, the three FSB officers — Pavel Aleksandrovich Akulov, Mikhail Mikhailovich Gavrilov, and Marat Valeryevich Tyukov — worked to hide malware in software updates used by systems that control the equipment in power plants. That tactic and others let the accused install malware on 17,000 devices around the world. The attacks had been previously disclosed in 2018.
From 2014 to 2017, Akulov, Gavrilov and Tyukov are accused of using spearphishing and other tactics to home in on more than 3,300 specific people working in the energy industry. Their targets worked at more than 500 different entities, including the U.S. Nuclear Regulatory Commission, according to the indictment. In one instance, they are alleged to have compromised the business network of Wolf Creek Nuclear Operating Corp. in Kansas, which runs a nuclear power plant, though a Justice Department official ,who was granted anonymity as a condition of letting reporters join a press conference, said Thursday that the control systems network was not accessed.