The US Department of Justice (DoJ) has indicted at least four Russian government employees in connection with plans to launch cyberattacks against critical infrastructure in the US and beyond. The plans reportedly included attacking at least one nuclear power plant. As designed, the supply-chain attack would have targeted the US energy sector and hundreds of computers at hundreds of different organizations spanning a range of critical uses.
The campaign involved Triton, one of the most notorious pieces of malware. Triton is one of the most dangerous malware variants ever encountered in the operational technology and energy sectors. It was used to shut down an oil refinery in 2017 and another target located in the Middle East in 2019. The malware has been linked to Russia. Two related indictments were unsealed by the DoJ yesterday, pertaining to three officers in Military Unit 71330 and one employee of the Russian Ministry of Defense. Military Unit 71330 is the successor to Russia’s KGB.
Read More: DOJ Indicts Russian Gov’t Employees Over Targeting Power Sector