Russian nationals charged for alleged roles in DragonFly and Triton hacks

Four Russian nationals who worked for the Russian government were charged with two sets of US indictments last year for their alleged role in hacks performed by the DragonFly and Triton groups, which both targeted critical infrastructure around the world.

The indictments were only unsealed on Friday, however, with the US Department of Justice (DOJ) saying the hacking campaigns conducted by the charged individuals targeted hundreds of companies and organisations across 135 countries.

“We face no greater cyber threat than actors seeking to compromise critical infrastructure, offences which could harm those working at affected plants as well as the citizens who depend on them,” District of Columbia attorney Matthew Graves said.

One of the indictments accuses three Russian individuals of being part of the DragonFly group, also known as Energetic Bear and Crouching Yeti, which conducted a two-phased campaign targeting and compromising the computers of hundreds of entities related to the energy sector worldwide. Two websites operated by the San Francisco International Airport were also allegedly hacked by the group in 2020.

Access to such systems provided the Russian government the ability to, among other things, disrupt and damage such computer systems at a future time of its choosing, the DOJ said.

Read More: