US imposes Russia sanctions over cyberattacks

Adjust Comment Print

The Treasury Department said Monday it has sanctioned three Russian individuals and five firms for using submarines to undermine USA cybersecurity.

The Treasury notice drew attention to recent Russian attempts to destabilize its geopolitical rivals in the West including the NotPetya ransomware campaign, attacks on the U.S. energy grid and the VPNFilter campaign to compromise network devices around the world.

Treasury Secretary Steven Mnuchin said the measures were to counter "malicious actors" working to "increase Russia's offensive cyber-capabilities".

This story is breaking and will be updated.

The three Russian individuals who were sanctioned are Aleksandr Lvovich Tribun, Oleg Sergeyevich Chirikov, and Vladimir Yakovlevich Kaganskiy.

It also said that Russian Federation had been tracking undersea cables that carry the bulk of the world's telecommunications data. The U.S. agency did provide details of what the companies did to bolster the FSB's offensive cyber capabilities, but identified them as a threat to U.S. security nonetheless.

Mnuchin said the committed to "aggressively targeting" anyone aiding the FSB, saying the US would do so under the 2017 sanctions law, known as the Countering America's Adversaries Through Sanctions Act (CAATSA).

According to a Treasury Department announcement, one of the entities is a company controlled by Russia's Federal Security Service, or FSB.

In addition to being barred from the United States financial system, the measures mean American citizens and companies can not do business with the Russian entities.

The Treasury also targeted the Kvant Scientific Research Institute(Meduza wrote about this organization in our deep dive into Russian cyber-defense) and the company Digital Security, which specializes in information security. Embedi is known for exploit research and security solutions for protecting hardware devices.

"I woke up and was embraced by such news", he said. Russian Sen. Konstantin Kosachev said Washington is revealing that its mechanism for punishing Russia is "out of the control of common sense" and looks "more and more unconvincing and ever more pitiful".

In addition, Divetechnoservices and three officials of the firm were sanctioned for supplying and supporting the government's underwater capabilities in monitoring and hacking subsea communications cables around the world.

According to an interview with the Infosec Institue, Polyakov mentions that he had previously worked at a company named Digital Security where only the best hackers from their city were employed.

"One of the owners of ERPScan is also a DSEC owner, but companies are not subsidiaries, they are different", Polyakov told BleepingComputer.

Polyakov Alexander, founder and CTO of ERPScan has been in contact to say he's baffled by the ban and it appears someone in the Treasury Department has goofed.