{"id":4574,"date":"2024-07-22T12:06:02","date_gmt":"2024-07-22T17:06:02","guid":{"rendered":"https:\/\/www.darkreading.com\/ics-ot-security\/russian-hacktivists-sanctioned-attacks-us-critical-infrastructure"},"modified":"2024-07-22T12:06:02","modified_gmt":"2024-07-22T17:06:02","slug":"russian-hacktivists-sanctioned-for-us-critical-infrastructure-attacks","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2024\/07\/22\/russian-hacktivists-sanctioned-for-us-critical-infrastructure-attacks\/","title":{"rendered":"Russian Hacktivists Sanctioned for US Critical Infrastructure Attacks"},"content":{"rendered":"<div class=\"media_block\"><a href=\"https:\/\/i0.wp.com\/eu-images.contentstack.com\/v3\/assets\/blt6d90778a997de1cd\/blt6ad757766f7d315f\/669e8c131d74bacdf7e2cf3e\/USTreasury_wendy_connett_alamy.jpg?ssl=1\"><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/russian-hacktivists-sanctioned-for-us-critical-infrastructure-attacks.jpg?w=640&#038;ssl=1\" class=\"media_thumbnail\"><\/a><\/div>\n<div><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/russian-hacktivists-sanctioned-for-us-critical-infrastructure-attacks.jpg?w=640&#038;ssl=1\" class=\"ff-og-image-inserted\"><\/div>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">Two members of <\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link\" target=\"_blank\" href=\"https:\/\/www.darkreading.com\/cyberattacks-data-breaches\/killnet-wants-to-consolidate-russian-hacktivist-groups\" rel=\"noopener\">Cyber Army Russia Reborn (CARR)<\/a><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">, a Russian hacktivist group, have been sanctioned by the US Department of Treasury for their involvement in cyberattacks against <\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link\" target=\"_blank\" href=\"https:\/\/www.darkreading.com\/cybersecurity-operations\/dhs-releases-unpublished-circia-document-proposing-new-rule\" rel=\"noopener\">US critical infrastructure<\/a><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">Yuliya Vladimirovna Pankratova, also known as YUliYA, is the leader of the group, controls the group&#8217;s operations, and acts as its spokesperson. Denis Olegovich Degtyarenko is the primary hacker of the gang, which began its campaign against Ukraine and its supporters in 2022.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">CARR was able to interfere with human-machine interfaces at water facilities in both the US and Poland, as well as disrupt operations at a facility in France. The group&#8217;s ability to compromise the industrial control systems (ICSes) that <\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link\" target=\"_blank\" href=\"https:\/\/www.darkreading.com\/ics-ot-security\/new-us-warning-highlights-vulnerability-of-us-water-systems-to-cyberattacks\" rel=\"noopener\">control water storage tanks<\/a><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"> in Texas also led to a loss of tens of thousands of gallons of water, according to the US Treasury.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">&#8220;Additionally, CARR compromised the supervisory control and data acquisition (SCADA) system of a US energy company, giving them control over the alarms and pumps for tanks in that system,&#8221; <\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link\" target=\"_blank\" href=\"https:\/\/home.treasury.gov\/news\/press-releases\/jy2473\" rel=\"noopener\">the US Treasury press release stated<\/a><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">. &#8220;In early May 2024, Degtyarenko developed training materials on how to compromise SCADA systems and was possibly looking to distribute the materials to external groups.&#8221;<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">Though the hacktivists managed to gain control of the operational technology (OT) side of things, there&#8217;s been no major damage to victims due to the group&#8217;s &#8220;lack of technical sophistication,&#8221; according to the feds.<\/span><\/p>\n<p><a href=\"https:\/\/www.darkreading.com\/ics-ot-security\/russian-hacktivists-sanctioned-attacks-us-critical-infrastructure\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Two members of Cyber Army Russia Reborn (CARR), a Russian<\/p>\n","protected":false},"author":12,"featured_media":4575,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1],"tags":[809],"class_list":["post-4574","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized","tag-dark-reading"],"featured_image_urls":{"full":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/russian-hacktivists-sanctioned-for-us-critical-infrastructure-attacks-scaled.jpg?fit=2560%2C1394&ssl=1",2560,1394,false],"thumbnail":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/russian-hacktivists-sanctioned-for-us-critical-infrastructure-attacks-scaled.jpg?resize=150%2C150&ssl=1",150,150,true],"medium":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/russian-hacktivists-sanctioned-for-us-critical-infrastructure-attacks-scaled.jpg?fit=300%2C163&ssl=1",300,163,true],"medium_large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/russian-hacktivists-sanctioned-for-us-critical-infrastructure-attacks-scaled.jpg?fit=640%2C348&ssl=1",640,348,true],"large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/russian-hacktivists-sanctioned-for-us-critical-infrastructure-attacks-scaled.jpg?fit=640%2C349&ssl=1",640,349,true],"1536x1536":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/russian-hacktivists-sanctioned-for-us-critical-infrastructure-attacks-scaled.jpg?fit=1536%2C836&ssl=1",1536,836,true],"2048x2048":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/russian-hacktivists-sanctioned-for-us-critical-infrastructure-attacks-scaled.jpg?fit=2048%2C1115&ssl=1",2048,1115,true],"chromenews-featured":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/russian-hacktivists-sanctioned-for-us-critical-infrastructure-attacks-scaled.jpg?fit=1024%2C558&ssl=1",1024,558,true],"chromenews-large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/russian-hacktivists-sanctioned-for-us-critical-infrastructure-attacks-scaled.jpg?resize=825%2C575&ssl=1",825,575,true],"chromenews-medium":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/russian-hacktivists-sanctioned-for-us-critical-infrastructure-attacks-scaled.jpg?resize=590%2C410&ssl=1",590,410,true]},"author_info":{"display_name":"Dark Reading","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/darkreading\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/uncategorized\/\" rel=\"category tag\">Uncategorized<\/a>","tag_info":"Uncategorized","comment_count":"0","jetpack_featured_media_url":"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/russian-hacktivists-sanctioned-for-us-critical-infrastructure-attacks-scaled.jpg?fit=2560%2C1394&ssl=1","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/4574","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=4574"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/4574\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media\/4575"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=4574"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=4574"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=4574"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}