The United States and United Kingdom on Thursday announced charges and sanctions against two individuals allegedly involved in hacking and other cyber operations on behalf of Russia’s FSB security service.
Microsoft and Five Eyes security agencies on Thursday published reports detailing the attacks of a Russian state-sponsored APT tracked as Star Blizzard, Callisto Group, BlueCharlie, TA446, ColdRiver, and Dancing Salome.
The threat actor, linked to an FSB unit called Centre 18, has targeted academia, defense firms, governments, NGOs and think-tanks in the US, the UK and other NATO countries. The hackers conducted both cyberespionage operations and influence campaigns, including a campaign whose goal was to interfere in the 2019 elections in the United Kingdom.
The US Justice Department has announced charges against Russian nationals Ruslan Aleksandrovich Peretyatko and Andrey Stanislavovich Korinets, both allegedly involved in these types of FSB operations.
Peretyatko is an FSB officer and Korinets has been described as a cybercriminal who aided the Callisto attacks, specifically by handling the registration of malicious domains used by the group.
They have been charged with conspiracy to commit an offense against the United States, specifically computer fraud. Peretyatko faces up to five years in prison and Korinets up to ten years in prison, but the chances of them being brought to justice in the US are slim.
According to the Justice Department, the hackers targeted employees at various government agencies between 2016 and 2022, including the intelligence community, Department of Defense and defense contractors, Department of State, and Department of Energy facilities.
Both the US and the UK have announced sanctions against Peretyatko and Korinets for their alleged roles in the malicious cyber activity.
In addition, the US has announced rewards of up to $10 million for information on each of the two Russian nationals.
Related: US Sanctions Several Entities Aiding Russia’s Cyber Operations
Related: US Sanctions Russian National for Helping Ransomware Groups Launder Money
Related: US Sanctions North Korean Cyberespionage Group Kimsuky
