U.S. Accuses 4 Russians of Hacking Infrastructure, Including Nuclear Plant

Four Russian officials are accused by the Justice Department of carrying out cyberattacks against critical infrastructure in the United States, including a nuclear power plant in Kansas.

The Biden administration of Russia's ability to conduct such operations was highlighted in the announcement. President Biden told businesses that Moscow could retaliate against countries that have opposed the Russian invasion of Ukraine.

The criminal charges made clear the urgent need for American businesses to strengthen their defenses and remain vigilant.

The four officials, including three members of Russia's domestic intelligence agency, the F.S.B., are accused of breaching hundreds of energy companies around the world.

The indictments show that Russia was to blame for the intrusions. The Russian officials accused of the attacks have not been found.

Mr. Biden told private companies to strengthen their defenses. Companies should report any unusual activity to the F.B.I. and other agencies that can respond to potential breeches, according to national security experts.

The indictment states that a computer programmer for the Russian Ministry of Defense used a type of software to steal information from a foreign plant. The location of the plant was not identified in the indictment, but the details of the attack suggest it was in Saudi Arabia.

At the time, investigators believed that the intrusion was meant to cause an explosion, but a mistake in the code prevented one. Researchers discovered the code after the safety system detected the code.

The next year, Mr. Gladkikh and other hackers tried to hack into the computers of an American company that managed similar critical infrastructure facilities in the United States.

A maximum sentence of five years in prison is possible for Mr. Gladkikh, who was charged with one count of conspiracy to cause damage to an energy facility, one count of attempt to cause damage to an energy facility, and one count of conspiracy to commit computer fraud.

The software that was used to attack the Saudi Arabian power plant is used by many power plants around the world, which is why it is considered to be particularly dangerous. Russia was able to destroy critical infrastructure and cause a cyberattack that could have deadly consequences when it used it.

It was a new leap in what was possible and it was different than what we'd seen before.

Three Federal Security Service officers were accused of trying to compromise the computer systems of hundreds of energy.

The three men are all believed to be members of a unit in the security agency that carries out cybercrimes, and are known by various names.

The group has a decade of experience going after critical infrastructure in the U.S.

The three men are accused of hacking Wolf Creek Nuclear Operating Corporation, which runs a nuclear power plant near Burlington, Kan., as well as other businesses that operate critical infrastructure, such as oil and gas firms and utility companies.

The indictment said that the three men gained unauthorized access to the computer systems of oil and gas, energy, nuclear power plant and utilities companies.

The Russian government was able to disrupt and damage computer systems because they targeted the software and hardware that controls equipment in power generation facilities.

spearphishing attacks that targeted more than 3,300 users of more than 500 American and international companies were used to gain access to computer networks. They were successful in targeting the Nuclear Regulatory Commission.

Three Russian security agents were charged with conspiracy to cause damage to the property of an energy facility, and commit computer fraud and abuse, and they were also charged with conspiracy to commit wire fraud. The two men were charged with identity theft.

Russian hacking groups often study critical infrastructure, compromising it and then hiding in computer systems for months or years without taking action.

The process of gaining access but not necessarily pulling the Trigger is what it is. He said that it was the preparation for contingency.