Security News > 2024 > July > Two Russians sanctioned over cyberattacks on US critical infrastructure

Yuliya Vladimirovna Pankratova and Denis Olegovich Degtyarenko, named by the US government as CARR's leader and attacker-in-chief respectively, were designated for their alleged roles in attacks on US critical national infrastructure.

Despite much of CARR's work since its inception in 2022 revolving around what the US Department of the Treasury describes as "Low-impact, unsophisticated DDoS attacks in Ukraine," the group was blamed for various attacks on US and European water facilities earlier this year.

Back in January, CARR claimed responsibility for attacks on human-machine interfaces controlling OT systems in the US and Poland via its Telegram channel.

Water supply, hydroelectric, wastewater, and energy facilities were affected by the remote manipulation of controls, which also led to the overflowing of water storage tanks in Abernathy and Muleshoe, Texas.

"Despite CARR briefly gaining control of these industrial control systems, instances of major damage to victims have thus far been avoided due to CARR's lack of technical sophistication," the announcement reads.

Mandiant previously attributed these attacks to Sandworm - an offensive cyber unit inside Russia's military intelligence arm, GRU. A report from the infosec giant in April said CARR was just one of the many Telegram accounts Sandworm used to publicize its attacks, but the US hasn't explicitly made these links in announcing Pankratova and Degtyarenko's designation.

News URL

https://go.theregister.com/feed/www.theregister.com/2024/07/22/russians_sanctioned_over_cyberattacks/