U.S. Law Enforcement Charges Russian Nationals In Global Energy Hacking Scheme

The Department of Justice unsealed charges brought against four Russian nationals who are accused of working for the Russian government while simultaneously attempting to hack into the online infrastructure of the global energy sector.

In two indictments, the defendants are accused of hacking thousands of computers across hundreds of companies and firms in 135 individual countries participating within the energy industry.

“Russian state-sponsored hackers pose a serious and persistent threat to critical infrastructure both in the United States and around the world,” said Deputy Attorney General Lisa O. Monaco. “Although the criminal charges unsealed today reflect past activity, they make crystal clear the urgent ongoing need for American businesses to harden their defenses and remain vigilant.”

The prosecutors allege that three officers of Russia’s Federal Security Service and other co-conspirators targeted software systems in the global energy sector to give the Russian government the ability to compromise the overall industry.

One indictment alleges that Pavel Aleksandrovich Akulov, 36, Mikhail Mikhailovich Gavrilov, 42, and Marat Valeryevich Tyukov, 39, of engaging in a two-part hacking attempt to further the Russian state agenda, targeting international oil and gas companies between 2012 and 2017. They allegedly targeted hardware and software devices that control power generation equipment. 

The hacking infected legitimate software updates with malware to provide a “backdoor” entrance for hackers to access infected networks. 

The second phase involved targeting individuals and engineers with spearphishing attacks—some of which were successful—and infecting sites commonly visited by energy sector engineers with malware.

The defendants are charged with conspiracy to cause damage to the property of an energy facility and commit computer fraud and abuse, and conspiracy to commit wire fraud. Akulov and Gavrilov are also charged with multiple counts of wire fraud and illegally obtaining information stored on computer networks. Akulov and Gavrilov also face three counts of aggravated identity theft.

In the second indictment, Evgeny Viktorovich Gladkikh, 36, is accused of orchestrating similar malware attacks on an oil refinery safety system created by Schneider Electric. Gladkikh is charged with one count of conspiracy to cause damage to an energy facility, one count of attempt to cause damage to an energy facility, and one count of conspiracy to commit computer fraud, which carries a maximum sentence of five years in prison.

“The potential of cyberattacks to disrupt, if not paralyze, the delivery of critical energy services to hospitals, homes, businesses and other locations essential to sustaining our communities is a reality in today’s world,” said U.S. Attorney Duston Slinkard for the District of Kansas. “We must acknowledge there are individuals actively seeking to wreak havoc on our nation’s vital infrastructure system, and we must remain vigilant in our effort to thwart such attacks.”

These charges come as Russia’s military invasion of Ukraine continues and threatens U.S. national security along with that of other countries belonging to the North Atlantic Treaty Organization. 

Several lawmakers have introduced new legislation into Congress as the White House warns private and public sector firms of potential cyber attacks related to Russia. 

“The FBI, along with our federal and international partners, is laser-focused on countering the significant cyber threat Russia poses to our critical infrastructure,” said FBI Deputy Director Paul Abbate.