US puts $10M bounty on three Russians accused of attacking critical infrastructure
The US State Department has issued a massive bounty on the heads of three Russian nationals accused of being intelligence agents who have been secretly hacking into America's critical infrastructure, leaving a trail of vulnerability and chaos in their wake. The individuals named in the bounty, identified as Marat Valeryevich Tyukov, Mikhail Mikhailovich Gavrilov, and Pavel Aleksandrovich Akulov, are suspected of using a previously patched Cisco vulnerability to gain access to thousands of networking devices worldwide.
The $10 million bounty was put in place by the State Department, with no clear explanation as to why. However, experts believe that this move may be more of a publicity stunt than a genuine attempt to apprehend the suspects. The three Russians allegedly targeted over 500 energy companies across 135 countries, using the old Cisco flaw to hijack thousands of networking devices and harvest sensitive information.
The vulnerability in question, CVE-2018-0171, was patched by Cisco in 2018, but it appears that some outdated equipment continued to run unpatched software. The attack, known as the Salt Typhoon hacking campaign, left nearly every American's data exposed and has been linked to the FBI's investigation into a massive cyberattack on energy companies.
Prosecutors have also accused the suspects of targeting over 3,300 people in 500 organizations worldwide, with one specific target being the Wolf Creek nuclear power plant in Burlington, Kansas. The attackers allegedly installed snooping software that harvested login credentials from plant operators, only to be discovered by the FBI when the site's operators called for assistance.
Experts note that this is not an isolated incident; the FSB Center 16 unit, also known as "Berserk Bear" or "Dragonfly," has a long history of compromising networking devices globally. The unit has been using custom tools to exploit legacy unencrypted protocols and has even deployed malware on Cisco devices.
Cisco has remained silent on the matter at this time, but one thing is clear: the use of old, unpatched equipment to gain access to critical infrastructure is a serious security threat that should not be taken lightly. As the world continues to grapple with the ever-evolving landscape of cyber threats, it's essential to remain vigilant and take steps to protect ourselves from these types of attacks.
Who are the suspects?
The three Russian nationals accused of this heinous crime are:
* Marat Valeryevich Tyukov
* Mikhail Mikhailovich Gavrilov
* Pavel Aleksandrovich Akulov
These individuals have been linked to the FSB Center 16 unit, also known as "Berserk Bear" or "Dragonfly," which has a reputation for targeting critical infrastructure and compromising networking devices worldwide.
What's at stake?
The $10 million bounty put on the heads of these suspects raises serious questions about the effectiveness of international cooperation in combating cyber threats. While it's unclear whether this bounty will result in their capture, one thing is certain: the consequences of their actions could be catastrophic if left unchecked.
What can we do?
The most critical step in addressing these types of threats is to prioritize cybersecurity awareness and take proactive steps to protect ourselves. This includes:
* Keeping software up to date
* Using strong passwords and two-factor authentication
* Implementing robust network security measures
* Educating yourself on the latest cyber threats and vulnerabilities
By taking a proactive approach to cybersecurity, we can reduce the risk of falling victim to these types of attacks and stay one step ahead of the bad guys.