Two members of Cyber Army Russia Reborn (CARR), a Russian hacktivist group, have been targeted by the US Department of Treasury for their involvement in cyberattacks against US critical infrastructure.
Yuliya Vladimirovna Pankratova, also known as YUliYA, serves as the leader of CARR and oversees the group’s operations while also acting as its spokesperson. Denis Olegovich Degtyarenko, on the other hand, is the main hacker within the group, which initiated its campaign against Ukraine and its allies in 2022.
CARR managed to disrupt human-machine interfaces at water facilities in the US and Poland, as well as cause disruptions at a facility in France. Their ability to compromise industrial control systems (ICS) that manage water storage tanks in Texas resulted in a significant loss of water, according to reports from the US Treasury.
Furthermore, the group was able to breach the supervisory control and data acquisition (SCADA) system of a US energy company, gaining control over alarms and pumps for tanks within the system. The US Treasury press release revealed that Degtyarenko had developed training materials in early May 2024 on compromising SCADA systems, hinting at potential distribution to external groups.
Despite gaining control of operational technology (OT) systems, the hacktivists have not caused extensive damage to their targets, as reported by federal authorities citing the group’s “lack of technical sophistication.”
The sanctions imposed on Pankratova and Degtyarenko underscore the US government’s efforts to deter and punish individuals involved in cyberattacks on critical infrastructure. The escalation of cyber threats targeting vital systems highlights the importance of cybersecurity measures and international cooperation in combating such threats.
The actions of CARR serve as a reminder of the evolving nature of cyber warfare and the potential consequences of such attacks on essential services and infrastructure. The group’s activities demonstrate the need for robust defense mechanisms and proactive cybersecurity measures to safeguard against cyber threats.
As the world becomes increasingly interconnected and reliant on digital systems, the protection of critical infrastructure from cyber threats remains a top priority for governments and organizations worldwide. The sanctions against CARR members aim to send a strong message to malicious actors engaging in cyberattacks and underscore the consequences of such actions.
In conclusion, the US government’s sanctioning of CARR members highlights the ongoing threat posed by cyberattacks on critical infrastructure and the importance of preemptive cybersecurity measures to mitigate such risks. The incident underscores the need for continued vigilance and cooperation in addressing the evolving landscape of cyber threats to safeguard essential services and infrastructure.