The United Kingdom, along with the United States and other allies, brought to light a historic malignant cyber activity of Russia's Federal Security Service (FSB), the successor agency of the KGB.
A month after the start of the Russian invasion in Ukraine, the global scope of the FSB Center 16 cyber campaign has been revealed.
The National Cybersecurity Center (NCSC) believes that it is almost certain that the FSB Center 16, also known by its pseudonyms hacker group “Energetic Bear”, “Berserk Bear” and “Crouching Yeti”, carried out a malicious cyber activity program, targeting critical computer systems and national infrastructures in Europe , America and Asia, according to the British government.
On Thursday they were accused by the FBI of attacking the systems that control the Wolf Creek nuclear power plant in Kansas, United States, in 2017, but they did not have any negative impact.
On the other hand, British Foreign Minister Liz Truss has used the UK cyber sanctions regime to link a subsidiary of the Russian Ministry of Defence, the Central Institute for Scientific Research of Chemistry and Mechanics (TsNIIKHM), over an incident related to the override controls of safety at a Saudi petrochemical plant in 2017.
“Russia's attack on critical national infrastructures is calculated and dangerous. It shows that Putin is willing to risk lives to sow division and confusion among the allies. We will continue to work with our allies to turn the tortilla around and deprive Putin's war machine of its funding and resources,” said Truss, in statements posted on the British government's website.
“The malware used against the petrochemical plant was specifically designed to attack the plant's override of security for the industrial control system and resulted in two emergency shutdowns of the plant,” the minister added.
“The malware was designed to give actors complete control of infected systems and had the ability to cause a significant impact, possibly including the release of toxic gas or an explosion — any of which could have resulted in loss of life and physical damage to the facility,” Truss concluded.
According to the British government, the FSB's list of malicious cyber activities includes attacks on UK energy companies, continuous and substantial scanning and polling of US aviation industry networks, and data exfiltration in aviation and other key US targets. They also claim that they impersonated the Russian Federal Tax Service to carry out spear-phishing attacks against Russian citizens and attempting to carry out spear-phishing attacks against the press secretary of Mikhail Khodorkovskiy, an old Kremlin critic.
KEEP READING: