Advertisement

U.S. sanctions Russian research institute linked to dangerous malware program

Click to play video 'U.S. election: Officials say Iran, Russia have obtained voter registration information' U.S. election: Officials say Iran, Russia have obtained voter registration information
U.S. election: Officials say Iran, Russia have obtained voter registration information – Oct 21, 2020

Washington imposed sanctions on Friday on a Russian research institute tied to the development of a dangerous computer program capable of causing catastrophic industrial damage, a move that Russia called illegitimate.

The U.S. Treasury Department alleged that the Russian government-backed Central Scientific Research Institute of Chemistry and Mechanics – also known by its Russian acronym, TsNIIKhM – was responsible for “building customized tools that enabled the attack” on an unidentified petrochemical facility in the Middle East in 2017.

Read more: Russian hackers targeting dozens of state, local networks: U.S.

The attack electrified the cybersecurity community when it was made public by researchers that year because – unlike typical digital intrusions aimed at stealing data or holding it for ransom – it appeared aimed at causing physical damage to the facility itself by disabling its safety system.

Story continues below advertisement

Nathan Brubaker, an analyst with cybersecurity company FireEye – which discovered the software involved – said the apparent intent made it uniquely dangerous because disabling safety systems at a plant like that one could lead to serious consequences, such as a fire or an explosion.

“The acute nature of the threat is what makes it scary,” Brubaker said. “Blowing things up and killing people – that’s terrifying.”

Click to play video 'FBI director testifies there’s evidence Russia aims to ‘denigrate’ Joe Biden in 2020 election' FBI director testifies there’s evidence Russia aims to ‘denigrate’ Joe Biden in 2020 election
FBI director testifies there’s evidence Russia aims to ‘denigrate’ Joe Biden in 2020 election – Sep 17, 2020

Treasury also said last year the attackers behind the malware were reported to be scanning and probing at least 20 electric utilities in the United States for vulnerabilities.

“We emphasize once again the illegitimacy of any one-sided restrictions. Russia, unlike the United States, does not conduct offensive operations in cyber domain,” Anatoly Antonov, Russia’s ambassador to the United States, said on social media.

Story continues below advertisement

“We call on the United States to abandon the vicious practice of unfounded accusations.”

Read more: U.S. officials say Iran, Russia actively interfering in 2020 election

U.S. officials have been on a tear in the past month, filing a glut of indictments against hackers in Russia, China and Iran, levying sanctions, and issuing several warnings about state-backed digital intrusions.

Experts see the activity as the United States warning hostile powers to not interfere in its Nov. 3 elections, less than two weeks away.

(Reporting by Raphael Satter; Additional reporting by Vladimir Soldatkin in Moscow; Editing by Doina Chiacu, Tom Brown and Jonathan Oatis)