New FBI indictments have Russia targeting US — and even China's — infrastructure

Last week, new unsealed indictments from the Federal Bureau of Investigation (FBI) disclosed what many leading experts had already known — that the United States' critical infrastructure is in danger.

Indictments handed down showed that four employees of the Russian government were charged for their roles in what was referred to as two "historical hacking campaigns" targeting critical infrastructure, not only in the U.S., but also worldwide.

In addition, the new indictments explained how the defendants targeted both the software and hardware that controls infrastructure-related operational technology systems, and that the men were running an operation that was "attempting, supporting and conducting computer intrusions that together, in two separate conspiracies, targeted the global energy sector between 2012 and 2018."

The indictments should not come as much of a shock to those paying attention to global cyber-war, but there were details of these indictments that were eyebrow-raising.

To begin with, despite the recent enhanced cooperation between Russia and China, the indictment reveals that Russia had hacked Chinese infrastructure.  That alone should be enough to call into question Beijing's support of the Kremlin, as Putin's Russia set forth attacks on every major global power.

Whether or not China can trust Russia in light of this startling revelation is something that should be considered, as an unhinged Putin is seemingly continuing to make strategic miscalculations while the Russian body count continues to be understated.

And by supporting Russia during this unpopular invasion of Ukraine, the Chinese government may want to rethink possibly picking a fight with the rest of the world over Putin's obsession to retake Ukraine for seemingly selfish reasons related to his belief in the historical significance of the country to the dictator's beloved Russia.

The new indictments also reveal that Russia attacked a number of both European Union (E.U.) and NATO countries.  The first indictment, The U.S. v. Evgeny Viktorovich Gladkikh, states that the defendant installed backdoors in an effort to distribute Triton malware, a strain of malware designed to compromise the industrial control systems (ICS) of energy refineries and cause them to operate in an unsafe manner.  The indictment claims that this was to grant "the defendant and his co-conspirators the ability to cause damage to the refinery, injury to anyone nearby, and economic harm."

The other indictment also claims that an attempt was made to manipulate ICS or Supervisory Control and Data Acquisition (SCADA) systems.  In this indictment, Russian hackers Pavel Aleksandrovich Akulov, Mikhail Mikhailovich Gavrilov, and Marat Valeryevich Tyukov, members of the Federal Security Service (FSB)'s Center 16, coordinated supply chain attacks in the effort to further the Russian government's attempts to "maintain surreptitious, unauthorized and persistent access to the computer networks of companies and organizations in the international energy sector, including oil and gas firms, nuclear power plants, and utility and power transmission companies."

These attacks are different from the kind that Americans are more familiar with, including the 2021 Colonial Pipeline and JBS Foods attacks targeting the east coast of the U.S.'s fuel supply and the country's meat supply chains, respectively.

Those attacks were carried out by state-sponsored Advanced Persistent Threat (APT) gangs that are affiliated with the Kremlin.  These groups used ransomware to demand millions in payments from the victims.  These kinds of attacks continue regularly but were seeking merely to cause a temporary halt to operations, versus the widespread destruction that is possible when attacking SCADA or ICS systems.

There is seemingly no immediate end to the Ukraine war in sight, and a determined Russia will likely continue to initiate cyber-attacks against the West.

With Joe Biden's commentary that Putin "cannot remain in power," America, as well as the West in general, needs to brace for 2022 to be the most devastating year of hacking in human history.

Julio Rivera is a business and political strategist, the Editorial Director for Reactionary Times, and a political commentator and columnist.  His writing, which is focused on cyber-security and politics, has been published by numerous websites, and he is regularly seen on national and international news programming.

Image: Pixabay, Pixabay License.

If you experience technical problems, please write to