Kansas Judge Phil Journey confirms there has been an “unauthorized incursion” into the brand-new statewide computer system and it will be down for at least two weeks, affecting all Kansas state courts …
Hackers in a military unit of a Russian spy agency are accused of cybercrimes targeting a nuclear power plant in Kansas five years ago.
Russian military officers Pavel Aleksandrovich Akulov, Mikhail Mikhailovich Gavrilov and Marat Valeryevich Tyukov are charged with a combined 20 counts alleging conspiracy, computer fraud, wire fraud and identity theft.
All three work for the Federal Security Service, also known as the FSB, which is a domestic intelligence agency with close ties to President Vladimir Putin. The FSB officers worked for a discrete operational unit within Center 16, which is also known as Military Unit 71330.
The 36-page grand jury indictment, filed Aug. 26, 2021 in U.S. District Court in Kansas City, Kan., was unsealed Thursday. The Federal Bureau of Investigation and federal prosecutors summarized the allegations in a news release.
“Russian state-sponsored hackers pose a serious and persistent threat to critical infrastructure both in the United States and around the world,” Deputy Attorney General Lisa Monaco said. “Although the criminal charges unsealed today reflect past activity, they make crystal clear the urgent ongoing need for American businesses to harden their defenses and remain vigilant.”
The goal of the hackers was to establish and maintain unauthorized access to computers and networks in the U.S. energy sector, enabling the Russian government to disrupt and damage the systems. They targeted hundreds of companies between 2012 and 2017.
The indictment alleges the three military officers were part of a team that specifically targeted the software and hardware that controls equipment in power generation facilities.
The list of victims includes the Nuclear Regulatory Commission; Wolf Creek Nuclear Operating Corporation in Burlington; Westar Energy, the Topeka-based predecessor to utility company Evergy; and the Kansas Electric Power Cooperative.
Wolf Creek, Evergy and the Kansas Electric Power Cooperative all “cooperated and provided invaluable assistance in the investigation,” the Department of…
Three young Russian spies, Pavel, Mikhail and Marat, working from computers in a 27-story skyscraper at 12 Prospekt Vernadskogo in Moscow, over five years targeted the Wolf Creek nuclear power plant in Burlington, Kansas.
They were on a sophisticated cyber reconnaissance mission to learn about the inner workings of the plant to prepare for a possible precision electronic assault by the Russians.
That is the story that broke March 24, when the U.S. Department of Justice suddenly and somewhat mysteriously unsealed an indictment against the hapless trio. The indictment was filed under seal on Aug. 26, 2021, in the U.S. District Court in Kansas City, Kansas, and lay gathering dust for seven months.
Context matters, and in this case it explains why the Sunflower State and its lone nuclear plant have been woven into a saga laced with John le Carré spy novel overtones.
The bloody context is the devastating war Russia launched weeks ago against Ukraine. It also includes the remarkably successful psychological warfare ops that the Biden administration and its Western European allies have thrown at Russian President Vladimir Putin and his war machine.
James Lewis, a nuclear cybersecurity expert, said that the DOJ indictment probably was unsealed in Kansas now because the Biden administration has fresh intelligence about the Russians and it wants those overseeing America’s critical infrastructure to be on heightened alert.
“Maybe the Russians are giving more consideration to a cyberattack than in the past. It is driven by what the Russians are up to,” said Lewis, director of the Strategic Technology Program of the Center for Strategic & International Studies in Washington.
Wolf Creek, completed in 1985, is located about 100 miles southwest of Kansas City. Evergy, formerly Kansas City Power & Light, owns 94% of Wolf Creek and the balance is owned by the Kansas Electric Power Cooperative.
U.S. Nuclear Regulatory Commission
/
Evergy declined to discuss the Russian cybersecurity attack on Wolf Creek. Their statement…
By Tim Carpenter Kansas Reflector
TOPEKA — Federal prosecutors unsealed indictments against four Russian government computer hackers who targeted global infrastructure in a campaign that included breach of the business network at Wolf Creek nuclear power plant in Kansas.
The U.S. Department of Justice said indictments made public Thursday charged Russian nationals with attempting, supporting and conducting computer intrusions that together, in two separate conspiracies, targeted software and hardware systems linked to the global energy sector between 2012 and 2018.
Prosecutors alleged the hacking campaigns targeted thousands of computers at hundreds of companies and organizations in the United States and in more than 135 countries. The indictments allege wire and computer fraud and identity theft.
U.S. Attorney Duston Slinkard of Kansas said potential of cyberattacks to disrupt, if not paralyze, the delivery of critical energy services to hospitals, homes, businesses and other locations was a sobering reality.
“We must acknowledge there are individuals actively seeking to wreak havoc on our nation’s vital infrastructure system, and we must remain vigilant in our effort to thwart such attacks,” Slinkard said.
According to indictments, the energy sector campaign involved two phases. In the first phase, which took place between 2012 and 2014, conspirators engaged in a supply chain attack, compromising computer networks of system manufacturers and software providers and then hiding malware inside legitimate software updates for such systems.
After unsuspecting customers downloaded infected updates, the conspirators used malware to create backdoors into infected systems and scan victims’ networks. Through these and other efforts, prosecutors allege conspirators installed malware on more than 17,000 unique devices in the United States and abroad, including controllers used by power and energy companies.
In the second phase, which transpired between 2014 and 2017, the conspirators transitioned to more targeted specific energy sector entities and individuals and engineers. The indictments say conspirators attacked more than 3,300 users at more than 500…