Categories: CyberCrimeSecurity

US Sanctions Russian Hackers Over Infrastructure Attacks

The US Treasury has imposed sanctions on two members of a pro-Russia hacking group it said was responsible for attacks on US critical infrastructure.

The Treasury said Yuliya Vladimirovna Pankratova was the leader of hacktivist group Cyber Army of Russia Reborn (CARR), while Denis Olegovich Degtyarenko was the group’s primary hacker.

CARR has conducted cyber-attacks in Ukraine and countries and against countries and companies that support it amidst the ongoing conflict there.

Those attacks include incidents involving US critical infrastructure, as well as other attacks involving the industrial control systems of water supply, hydroelectric, wastewater, and energy facilities in the US and Europe.

Denis Degtyarenko and Yuliya Pankratova of Cyber Army of Russia Reborn. Image credit: US Treasury Department

Infrastructure attacks

“CARR and its members’ efforts to target our critical infrastructure represent an unacceptable threat to our citizens and our communities, with potentially dangerous consequences,” said undersecretary of the Treasury for terrorism and financial intelligence Brian E. Nelson.

The official designation means property or organisations belonging to the two are frozen and must be reported to the Treasury, while financial institutions that engage in transactions with the people may expose themselves to sanctions.

The official exposure of the identities of Pankratova and Degtyarenko also creates an inconvenience for them and could expose them to risks.

In January CARR claimed responsibility for the overflow of water storage tanks in Abernathy and Muleshoe, Texas, manipulating human-machine interfaces to cause the loss of tens of thousands of gallons of water.

The group also compromised the supervisory control and data acquisition (SCADA) system of a US energy company, giving them control of the alarms and pumps for tanks in that system.

‘Lack of technical sophistication’

“Despite CARR briefly gaining control of these industrial control systems, instances of major damage to victims have thus far been avoided due to CARR’s lack of technical sophistication,” the Treasury said.

In May the Treasury similarly sanctioned and exposed the identity of Dmitry Khoroshev, which it said was the leader of the LockBit ransomware gang.

Law enforcement agencies seized the group’s cyber-infrastructure in February, contributing to a major dip in ransomware incidents for the first quarter, security experts have said.

CARR is one of the pro-Russia hacktivist groups expected to pose a major cyber-threat to the Paris Olympic Games opening on Friday.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Tech Minister Admits UK Social Media Ban For Under-16s “On The Table”

Following Australia? Technology secretary Peter Kyle says possible ban on social media for under-16s in…

19 hours ago

Northvolt Appoints Restructuring Expert For Main Battery Plant

Restructuring expert appointed to oversea Northvolt's main facility in northern Sweden, amid financial worries

20 hours ago

CMA Halts Google Anthropic Investigation

British competition watchdog decides Alphabet's partnership with AI startup Anthropic does not qualify for investigation

21 hours ago