News & Entertainment for Mason City, Clear Lake & the Entire North Iowa Region

Founded October 1, 2010


Putin’s Russia sanctioned after using malware to threaten vital U.S. systems


This news story was published on October 25, 2020.

Vladimir Putin’s Russia is using malware to threaten vital U.S. systems

WASHINGTON, D.C. – The Russian government is engaging in dangerous and malicious activities using malware that threaten the security of the United States, bringing sanctions against the nation run by Vladimir Putin.

On Friday, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) designated, pursuant to Section 224 of the Countering America’s Adversaries Through Sanctions Act (CAATSA), a Russian government research institution that is connected to the destructive Triton malware. The Triton malware — known also as TRISIS and HatMan in open source reporting — was designed specifically to target and manipulate industrial safety systems. Such systems provide for the safe emergency shutdown of industrial processes at critical infrastructure facilities in order to protect human life. The cyber actors behind the Triton malware have been referred to by the private cybersecurity industry as “the most dangerous threat activity publicly known.”

“The Russian Government continues to engage in dangerous cyber activities aimed at the United States and our allies,” said Secretary Steven T. Mnuchin. “This Administration will continue to aggressively defend the critical infrastructure of the United States from anyone attempting to disrupt it.”

In recent years, the Triton malware has been deployed against U.S. partners in the Middle East, and the hackers behind the malware have been reportedly scanning and probing U.S. facilities. The development and deployment of the Triton malware against our partners is particularly troubling given the Russian government’s involvement in malicious and dangerous cyber-enabled activities. Previous examples of Russia’s reckless activities in cyberspace include, but are not limited to: the NotPetya cyber-attack, the most destructive and costly cyber-attack in history; cyber intrusions against the U.S. energy grid to potentially enable future offensive operations; the targeting of international organizations such as the Organization for the Prohibition of Chemical Weapons and the World Anti-Doping Agency; and the 2019 disruptive cyber-attack against the country of Georgia.

Triton Malware

In August 2017, a petrochemical facility in the Middle East was the target of a cyber-attack involving the Triton malware. This cyber-attack was supported by the State Research Center of the Russian Federation FGUP Central Scientific Research Institute of Chemistry and Mechanics (TsNIIKhM), a Russian government-controlled research institution that is responsible for building customized tools that enabled the attack.

The Triton malware was designed to target a specific industrial control system (ICS) controller used in some critical infrastructure facilities to initiate immediate shutdown procedures in the event of an emergency. The malware was initially deployed through phishing that targeted the petrochemical facility. Once the malware gained a foothold, its operators attempted to manipulate the facility’s ICS controllers. During the attack, the facility automatically shut down after several of the ICS controllers entered into a failed safe state, preventing the malware’s full functionality from being deployed, and prompting an investigation that ultimately led to the discovery of the malware. Researchers who investigated the cyber-attack and the malware reported that Triton was designed to give the attackers complete control of infected systems and had the capability to cause significant physical damage and loss of life. In 2019, the attackers behind the Triton malware were also reported to be scanning and probing at least 20 electric utilities in the United States for vulnerabilities.

TsNIIKhM is being designated pursuant to Section 224 of CAATSA for knowingly engaging in significant activities undermining cybersecurity against any person, including a democratic institution, or government on behalf of the Government of the Russian Federation.

As a result of the designation, all property and interests in property of TsNIIKhM that are in or come within the possession of U.S. persons are blocked, and U.S. persons are generally prohibited from engaging in transactions with them. Additionally, any entities 50 percent or more owned by one or more designated persons are also blocked. Moreover, non-U.S. persons who engage in certain transactions with TsNIIKhM may themselves be exposed to sanctions.


2 Responses to Putin’s Russia sanctioned after using malware to threaten vital U.S. systems

  1. Anonymous

    October 26, 2020 at 10:39 am

    Having an ‘Alexa’ in your home means it records everything you say. It’s owned by a private company, not the government. It’s easily tied into your smartphone data. Which in turn is tied into your laptop. AI is running all three devices covertly. Fine tuning your interests for a more personalized ‘experience’. Alexa is always listening even when not in use. Recording/analyzing/storing data. Wherever you go with a smartphone it’s tracking you. So imagine you’re visiting a friend with an Alexa on the other side of the country. It’ll use voice recognition to find out who the voice belongs to over time. Then there are all the people who have cameras in their home. You think China/Russia can’t hack into this data bank of knowledge? Think again. Or let your smartphone do it for you. It’s not the Government…yet.

  2. well that's kinda sad

    October 25, 2020 at 5:45 pm

    Feb. 6, 2017
    Trump says he respects Putin during a Super Bowl interview with Bill O’Reilly. Trump defends Putin when O’Reilly calls him a killer.

    “There are a lot of killers,” Trump says. “Do you think our country is so innocent? Do you think our country is so innocent?”