What are the allegations?
The accused are alleged to have installed backdoors and launched malicious software designed to compromise the safety of energy facilities. Two separate groups are accused.
According to the indictment, between May and September 2017, one group is accused of hacking the systems of a petro-chemical plant in Saudi Arabia and installing malware, which cyber security researchers have referred to as “Triton” or “Trisis”, on a safety system produced by Schneider Electric. This caused a fault that led the refinery’s electric safety systems to initiate two automatic emergency shutdowns of the refinery’s operation in Saudi Arabia. Between February and July 2018, the conspirators are said to have researched similar refineries in the US and unsuccessfully attempted to hack the company’s computer systems. The accused in this case is said to be an employee of the State Research Center of the Russian Federation FGUP Central Scientific Research Institute of Chemistry and Mechanics.
The UK said the malicious software was designed specifically to target the plant’s safety override for the Industrial Control System which ran its operations.
“The malware was designed to give the actors complete control of infected systems and had the capability to cause significant impact, possibly including the release of toxic gas or an explosion – either of which could have resulted in loss of life and physical damage to the facility,” the UK Foreign Office said in a statement.
Serious consequences of hacker attacks
- In 2015 Ukraine’s electricity grid was disrupted by a cyber-attack called BlackEnergy, which caused a short-term blackout for 80,000 customers of a utility company in western Ukraine.
- The WannaCry “worm” (a kind of virus) scrambled data on approximately 300,000 computers in 150 countries. The UK’s National Health Service was forced to cancel large numbers of medical appointments.
- NotPetya is thought to be the most costly cyber-attack in history and has been blamed on a group of Russian military hackers by the US, UK and EU authorities. The destructive software was hidden in an update of popular accounting software used in Ukraine, but spread worldwide, destroying the computer systems of thousands of companies and causing approximately $10bn (£7.5bn) of damage.
- In May 2021, a state of emergency was declared in a number of US states after hackers caused a vital oil pipeline to shut down. Colonial Pipeline carries 45% of the east coast’s supply of diesel, petrol and jet fuel, and the disruption to that supply led to panic at the pumps. The pipeline company admitted to paying criminals $4.4m in hard-to-trace Bitcoin in order to get computer systems back up and running.
Here’s a video on what ransomware is and how it works.
Reference:
- https://www.bbc.com/news/world-us-canada-60869580
- https://www.bbc.com/news/technology-60841924
- https://www.youtube.com/watch?v=Vkjekr6jacg
Very interesting blog. Being able to access a country’s control systems through malicious software can be super threatening. The video got me very engaged; I ended up learning more about ransomware.
Interesting post. I’m shocked by the fact that Russians were able to gain access to a campaign on the energy sector. It seems like launching malicious software is getting more and more common every day. It’s also scary to know that this malware gives the Russians the ability to cause an explosion which will harm innocent people.
It’s crazy to see how large industries (both public and private) are affected in many different countries. It makes me think that ransomware is such a large issue that it should be of national concern and that the government should be heavily involved in prevention. I can only imagine how devastating it would be for a blackout to occur or having one’s health systems be scrambled and losing appointments. I appreciate the included video as well; it was a nice touch to the post.
This is a fascinating piece of writing. It astounds me that Russians were able to gain access to a campaign aimed at the energy sector. Malicious software deployment looks to be becoming more widespread every day. It’s also frightening to consider that the Russians may use this malware to cause an explosion that would harm innocent people.
Typical Russia. With these attacks becoming more frequent and dangerous (creating scenarios that could harm human life), these kinds of cyberattacks will inevitably gain more attention from policymakers. However, it is interesting how these kinds of attacks have yet to become a top national security concern. In America’s case, this is the only threat that is able to reach the American mainland and cause considerable damage to critical infrastructure.
Cyberattacks seem to be the new kind of warfare, being able to do more damage than traditional attacks (think explosions and bombings). It is unfortunate that many of these hacks affect ordinary and average people just trying to live their lives.
Great post! Yet another example of cyber-warfare in my opinion. Cyber attacks are intentionally malicious attempts to undermine the safety and security of another country or organization’s information systems. However, many cyber-attacks are increasingly the result of personal and political agendas of those perpetrating them. Russia, specifically, has found itself in hot water many times in recent years for multiple cyber-attacks against Ukraine, the United States and other countries. Clearly, cyber attacks are becoming the preferred mode of attack for many countries, as they effectively circumvent the bloodshed on a battlefield. However, cyberattacks are clearly not less destructive. If anything, they can inflict the same, if not more, universal damage and destruction.
Hi, it was interesting to read your article, as well as the video you have provided us. With cyberattacks being so overused in war today, it is really scary what they can do to us and the government. With government systems getting hacked, like, for example, terrorists getting nuclear weapons in their hands, I don’t want to imagine what will happen next. The cyberattacks are getting more developed and scarier each day.
Interesting post! With the recent increase in cyber attacks, it’s really concerning to see that it’s that easy to access a country’s data. It is threatening because it includes every person’s personal and confidential information, and if it ever came out it would cause huge problems for the country as well as people and could be misused in a million ways. I wish there were more secure ways to keep this information confidential and not allow it to be exposed in any way.
This is a fascinating article! Many cyber-attacks are increasingly the consequence of the committers’ personal and diplomatic intentions. It is shocking to see that Russians were able to acquire access to an energy-related campaign. Many countries are adopting cyber strikes as their preferred means of warfare since they successfully avoid bloodshed in a physical war.
With the potential scope of cyber attacks, and their many consequences, I do wonder about future international responses. I’ve read multiple stories now about the US charging foreign hackers with crimes (and threatening lots of jailtime for it), but I wonder how long it will be before some kind of standardized response is made. The worst thing about these attacks, in my opinion, is the consistent suspicions of government involvement or support, placing a lot of mistrust on foreign entities. While this mistrust may be well founded in certain scenarios, it does speak to the danger of cyberattacks when it comes to international relations. Never before has it seemed easier to cause tension between nations than to orchestrate cyberattacks and wait for blame to be cast around, which I don’t feel like is very healthy.
Obviously this isn’t to ignore the more concrete consequences cyberattacks can have. As everything becomes more automated, these kinds of vulnerabilities will become more prevalent; I don’t think we’re in the golden age of cyberattacks yet. It seems that with automation, security has lagged behind somewhat, and until that’s resolved the potential consequences will remain dire.
The quantity of massive cyberattacks is increasing day by day, and we are not talking about cyberattacks which can paralyze a company; we are talking about cyberattacks which can affect whole countries. It’s so scary to imagine that some hackers can just mess with the computers in a plant and potentially explode it, causing a humongous amount of damage to human life and property.
I believe governments get a bit lazy when it comes to defending against cyber attacks, especially developing governments, as they just do not have enough resources to spare.
This is an interesting post. The video was very helpful in showing the ropes and background information on ransomware attacks. Clearly, cyberwarfare is entering a new phase and getting extremely aggressive as time moves on. It is no longer just social media hacking, rather it is targeting the economic backbone of countries in hopes of immobilizing them at their weakest point. I think this was a very informative post and I learned a great deal of information from this post. Overall, good job!
Good post! Ransomware attacks are some of the most debilitating in my opinion, especially for companies that provide services. These types of attacks can essentially immobilize entire cities and possibly even countries. It seems that the attack in Saudi Arabia could have been preparatory for the ones in Ukraine. Causing an explosion at a power plant could devastate large regions and it does not surprise me that Russia would employ these types of methods.
I wonder if these hackers would get the same treatment as those from the REvil gang, where Russia arrested them at the US’ request. Although maybe not now, maybe in the foreseeable future where Russia wants to negotiate on Ukraine, arresting these guys could be a sort of diplomatic leverage similar to extradition bills. Also, I would think that the systems for oil refineries would be more strict if those systems could control the release of toxic gas or cause an explosion. It seems like there is a lack of cybersecurity on these rigs as well, and if not addressed, someone with malicious intent could cause a loss of life, money or both. In addition, I also like how you included a video on ransomware just in case anyone reading was not familiar with the concept.
What I just read was very concerning. Russia has been widely involved in such attacks and their continuation of it should raise much concern. What really horrifies me the most is that this is not just some random group of hackers, but rather another nation-state. Attacking such facilities is a clear attempt at being intimidating and coercing foreign governments even. But at the end of the day, regular people get affected when the targets are electricity grids or the health institutions of other countries.
Even my home country has been a victim of such attacks. Back in 2016, Bangladesh Bank, the national bank of Bangladesh, was hacked, and the hackers stole 81 million dollars. It is speculated that this was conducted by North Korea. Cyberwarfare is really terrifying and I hope to see better measures in the future to hold countries accountable for their actions.
Interesting post! Just out of curiosity, did any of the articles or reading on this topic indicate how the US is planning on actually enforcing their charges against the Russian foreign nationals? It’s one thing to charge them, but oftentimes it’s a whole other issue to actually successfully go after them and enforce judgments against them.
Very interesting post! We got to read quite a lot about Russian Cyber Attacks (or attacks considered to be affiliated with the Russian Government), so it is really interesting to read about the consequences of these actions.
Furthermore, I would really love to read more about attacks against Russians, how western countries are fighting back against these Russian attacks. But since we are living in a western country I think they will not report as much about those.
Russian state-sponsored hackers pose a serious and persistent threat to critical infrastructure both in the United States and around the world. They actually carry out disruptive attacks, just burrow into sensitive critical infrastructure for some future contingency.
Great article! Honestly I’m not surprised that Russia is attempting so many cyber attacks, as these kinds of attacks have a very high risk/reward payoff. There is very little physical risk to the Russian actors as it is unlikely that the Russian government would extradite any of its citizens if they were to be charged, but there can be very real physical consequences for the victims, as the article demonstrates.
Good post! You make a good point about how scary and damaging these types of cyberattacks can be. While a large portion of the damage these attacks have caused has been financial in nature, one thing that stood out to me regarding the Saudi Arabian refinery attack was that an explosion or toxic gas release could have occurred as a result of the attack (it may have even been the attacker’s intention). This is a rather terrifying scenario; the release of toxic gas into the atmosphere or an explosion could have a devastating effect and could result in a large loss of life. This highlights the critical importance of cyber-security regarding these types of refineries.
Interesting post! The cyber warfare continues. I wonder whether these Russian hackers are related to the Russian government. It wouldn’t surprise me if there are teams of elite hackers who are being paid by the military powers of the world to attempt to disrupt their enemies or gather intelligence. This particular attack is much more vicious aiming at safety mechanisms and I hope that this isn’t a trend in the future.
Hackers gaining control of systems where they could release toxic gas or cause an explosion is quite a concern with how dangerous of an effect that could have. Having a title of most costly cyberattack in history is also quite a statement with NotPetya and the damages it caused all around the world it seems. I also find it interesting that the pipeline ended up paying the criminals $4.4m to get the computer systems back up in the attack on Colonial Pipeline in May of 2021.
At this point Russia really doesn’t fail to surprise me in the kind of different attacks they think up. I am surprised, however, that they were able to access the country’s data and affect so many individuals. When thought of like this, the system overall does seem fairly fragile. Hopefully these attacks will show us how much more vigilant we must get with laws and overall national protection in terms of security.
It is quite surprising that an accounting software that has a Russian stake at play would be utilized in mass in Ukraine, but then this was in 2015. I think that this puts into the spotlight the importance of trust when utilizing software since by doing so we enable many third parties with direct or indirect ability to access or control our data and devices.