Security News > 2024 > July > Two Russians sanctioned over cyberattacks on US critical infrastructure
Yuliya Vladimirovna Pankratova and Denis Olegovich Degtyarenko, named by the US government as CARR's leader and attacker-in-chief respectively, were designated for their alleged roles in attacks on US critical national infrastructure.
Despite much of CARR's work since its inception in 2022 revolving around what the US Department of the Treasury describes as "Low-impact, unsophisticated DDoS attacks in Ukraine," the group was blamed for various attacks on US and European water facilities earlier this year.
Back in January, CARR claimed responsibility for attacks on human-machine interfaces controlling OT systems in the US and Poland via its Telegram channel.
Water supply, hydroelectric, wastewater, and energy facilities were affected by the remote manipulation of controls, which also led to the overflowing of water storage tanks in Abernathy and Muleshoe, Texas.
"Despite CARR briefly gaining control of these industrial control systems, instances of major damage to victims have thus far been avoided due to CARR's lack of technical sophistication," the announcement reads.
Mandiant previously attributed these attacks to Sandworm - an offensive cyber unit inside Russia's military intelligence arm, GRU. A report from the infosec giant in April said CARR was just one of the many Telegram accounts Sandworm used to publicize its attacks, but the US hasn't explicitly made these links in announcing Pankratova and Degtyarenko's designation.
News URL
Related news
- Iran-linked crew used custom 'cyberweapon' in US critical infrastructure attacks (source)
- US warns of last-minute Iranian and Russian election influence ops (source)
- Russian suspected Phobos ransomware admin extradited to US over $16M extortion (source)
- Faraway Russian hackers breached US organization via Wi-Fi (source)
- T-Mobile US takes a victory lap after stopping cyberattacks: 'Other providers may be seeing different outcomes' (source)
- Microsoft: Another Chinese cyberspy crew targeting US critical orgs 'as of yesterday' (source)
- New IOCONTROL malware used in critical infrastructure attacks (source)
- US charges Russian-Israeli as suspected LockBit ransomware coder (source)