Gas, Nuclear, O&M

Russian Companies Sanctioned for Cyber Activities Against U.S. Grid

The U.S. Treasury Department has sanctioned five Russian companies and three Russian nationals for “malign and destabilizing cyber activities,” including 2017’s NotPetya cyberattack and cyber intrusions that could be used to disrupt the nation’s electricity grid in the future.

The agency deemed the cyber activities as “significant” and “malicious,” alleging the Russian companies and individuals provided materials and technological support to Russia’s domestic intelligence agency, the Federal Security Service (FSB).

The U.S. agency specifically identified Russia’s underwater capabilities. “Russia has been active in tracking undersea communication cables, which carry the bulk of the world’s telecommunications data,” treasury officials said in a press release.

The sanctions mean all property and interests in property of the companies and individuals subject to U.S. jurisdiction are blocked. In addition, U.S. citizens are prohibited from engaging in transactions with them.

The companies targeted by the sanctions “have directly contributed to improving Russia’s cyber and underwater capabilities through their work with the FSB and therefore jeopardize the safety and security of the United States and our allies,” said Treasury Secretary Steven Mnuchin.   

The five companies and three individuals are:

·         Digital Security – for providing material and technological support to the FSB.  As of 2015, Digital Security worked on a project that would increase Russia’s offensive cyber capabilities for the Russian Intelligence Services.

·         ERPScan – for being owned or controlled by Digital Security. 

·         Embedi – As of May 2017, Embedi was owned or controlled by Digital Security.

·         Kvant Scientific Research Institute – for being owned or controlled by the FSB.  In August 2010, the Russian government issued a decree that identified Kvant as a federal state unitary enterprise that would be supervised by the FSB.

·         Divetechnoservices – for providing material and technological support to the FSB.  Since 2007, Divetechnoservices has procured a variety of underwater equipment and diving systems for Russian government agencies.

·         Aleksandr Lvovich Tribun – for acting for or on behalf of Divetechnoservices.  As of December 2017, Tribun was Divetechnoservices’ General Director.

·         Oleg Sergeyevich Chirikov – for acting for or on behalf of Divetechnoservices.  As of March 2018, Chirikov was Divetechnoservices’ Program Manager.

·         Vladimir Yakovlevich Kaganskiy – for acting for or on behalf of Divetechnoservices.  As of December 2017, Kaganskiy was Divetechnoservices’ owner. 

In March, the Department of Homeland Security (DHS) said Russian hackers secured access to critical control systems to U.S. nuclear plants. “We now have evidence they’re sitting on the machines… that allow them to effectively turn the power off or effect sabotage,” Eric Chien, a security technology director at digital security firm Symantec, told The New York Times. “From what we can see, they were there. They have the ability to shut the power off. All that’s missing is some political motivation.”