The US has indicted a Ukrainian woman for her alleged involvement with Russia-backed cybercriminal teams which have induced disruptions at American water and meat processing amenities, the Justice Department has stated.
The case towards Victoria Dubranova, 33, who was extradited to the US earlier this 12 months and pleaded not responsible in court docket on Tuesday, is a counterpunch from US regulation enforcement following years of cyberattacks on US victims from two shadowy teams of hackers that gained notoriety following Russia’s full-scale invasion of Ukraine in 2022.
One of the teams, referred to as the Cyber Army of Russia Reborn (CARR), has claimed accountability for a whole bunch of cyberattacks worldwide, together with a hack in January 2024 in the city of Muleshoe, Texas, that wasted tens of 1000’s of gallons of water. Another assault by the group spoiled 1000’s of kilos of meat at a processing facility in Los Angeles in November 2024, inflicting an ammonia leak, the Justice Department stated.
The teams have compelled water plant managers in small cities in the US to confront opportunistic assaults from hackers supportive of Russian President Vladimir Putin’s battle in Ukraine.
US prosecutors allege that Russia’s GRU intelligence company based and funded CARR. The different hacking group, known as NoName057, drew from members of an IT group established by Putin’s order in 2018, based on the Justice Department.
Indictments in the US Central District of California cost Dubranova with conspiracy to break protected computer systems and tamper with public water programs, amongst different charges. She has pleaded not responsible, the Justice Department stated. An legal professional for Dubranova was not listed in court docket data.
“This is not a norm for us … to be able to obtain pro-Russian hacktivists and then have them successfully extradited to the United States,” Brett Leatherman, assistant director of the FBI’s Cyber Division, advised reporters on Wednesday.
He hailed a rise in the variety of arrests in latest months “related to cyber fugitives in both traditional and non-traditional partner countries.”
Thai authorities in November arrested a Russian man on the FBI’s request for allegedly supporting Russian cyber-espionage campaigns towards US organizations.
Dubranova’s alleged role in the pro-Russian hacking teams highlights how Russia has allegedly co-opted tech-savvy Ukrainians who’re sympathetic to Moscow to assist the Kremlin’s pursuits.
The two pro-Russian hacking teams have focused unsecured industrial computer systems that enable the hackers to work together with water pumps and different essential equipment. The teams typically boast about their exploits on a Telegram channel whereas posting pro-Russia content material. It’s partly a psychological operation designed to drum up curiosity in the group and unfold panic amongst targets.
The menace stays. US authorities companies on Tuesday warned that such pro-Russian hacking teams are “actively engaging in opportunistic, low-sophistication malicious cyber activity across multiple sectors.”
“While these attacks may be relatively unsophisticated, they pose real risks to our water systems, food supply and energy sectors,” Leatherman stated.
The pro-Russian hackers have continued, as not too long ago as this week, to assert new US victims on their Telegram channel.
The charges towards Dubranova come because the US continues to attempt to strike a deal to finish the battle between Russia and Ukraine.
Tuesday’s actions present the Justice Department’s “commitment to disrupting malicious Russian cyber activity — whether conducted directly by state actors or their criminal proxies — aimed at furthering Russia’s geopolitical interests,” Assistant Attorney General for National Security John Eisenberg stated in an announcement.
In their public persona, CARR’s members typically lend the looks of a grassroots, patriotic Russian group. But the Justice Department says the GRU has instructed CARR members on what organizations to hack.
“The GRU is increasingly leaning into willing accomplices to hide their own hand in destabilizing physical and cyberattacks in Europe and the US,” John Hultquist, chief analyst at Google Threat Intelligence Group, advised NCS.“It’s important that we never take an adversary’s word for it when they tell us who they are. They frequently lie.”
US and Russian officers have had minimal and sporadic cooperation through the years on cybercrime. Washington is cautious of what US officers say is Russian intelligence’s cozy relationship with Russian cybercriminals.
But even right this moment, the FBI’s Leatherman stated, US regulation enforcement and safety officers nonetheless cross info to their Russian counterparts when it is smart.
“We continue to provide law enforcement and national security information to the Russians when we believe there’s an opportunity to mitigate a threat to the homeland here or help them take action in country,” he stated.