Security News > 2024 > July > Two Russians sanctioned over cyberattacks on US critical infrastructure
![Two Russians sanctioned over cyberattacks on US critical infrastructure](/static/build/img/news/two-russians-sanctioned-over-cyberattacks-on-us-critical-infrastructure-medium.jpg)
Yuliya Vladimirovna Pankratova and Denis Olegovich Degtyarenko, named by the US government as CARR's leader and attacker-in-chief respectively, were designated for their alleged roles in attacks on US critical national infrastructure.
Despite much of CARR's work since its inception in 2022 revolving around what the US Department of the Treasury describes as "Low-impact, unsophisticated DDoS attacks in Ukraine," the group was blamed for various attacks on US and European water facilities earlier this year.
Back in January, CARR claimed responsibility for attacks on human-machine interfaces controlling OT systems in the US and Poland via its Telegram channel.
Water supply, hydroelectric, wastewater, and energy facilities were affected by the remote manipulation of controls, which also led to the overflowing of water storage tanks in Abernathy and Muleshoe, Texas.
"Despite CARR briefly gaining control of these industrial control systems, instances of major damage to victims have thus far been avoided due to CARR's lack of technical sophistication," the announcement reads.
Mandiant previously attributed these attacks to Sandworm - an offensive cyber unit inside Russia's military intelligence arm, GRU. A report from the infosec giant in April said CARR was just one of the many Telegram accounts Sandworm used to publicize its attacks, but the US hasn't explicitly made these links in announcing Pankratova and Degtyarenko's designation.
News URL
Related news
- CDK Global cyberattack impacts thousands of US car dealerships (source)
- CDK Global cyberattack cripples 15,000 US auto dealerships (source)
- US sanctions 12 Kaspersky Lab execs for working in Russian tech sector (source)
- Week in review: CDK Global cyberattack, critical vCenter Server RCE fixed (source)
- Critical RCE Vulnerability Discovered in Ollama AI Infrastructure Tool (source)
- TeamViewer links corporate cyberattack to Russian state hackers (source)
- US disrupts AI-powered bot farm pushing Russian propaganda on X (source)
- Ransomware continues to pile on costs for critical infrastructure victims (source)
- US sanctions Russian hacktivists who breached water facilities (source)
- New ICS Malware 'FrostyGoop' Targeting Critical Infrastructure (source)